oss-sec mailing list archives
older ffmpeg overflows/out-of-bounds-accesses/etc.
From: Thomas Klausner <wiz () NetBSD org>
Date: Sun, 15 Jun 2014 19:27:13 +0200
Hi! Here's a list of commits to the ffmpeg repository which look like they might fix trouble. I don't think CVEs are assigned for these, but it's a long list, so I'm not completely sure. I don't know if it's worth the trouble to assign CVEs for these now, since they all were fixed last year, but I thought I'd bring them to your attention. Please use your own judgment. June/July 2013: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6e9bfc19bd7be2b28258ca93d706cb67ed482c65;hp=16f3102f41031f70a24cf25836b1b7ab972c1265 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=bbc19010edfdb1b2e248a24894c5ec77960bbfc3;hp=702c1bf240f255d9afe2c3dbf2f07d7fbdc2ffc7 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c59ce1c98e5fdcd3d00fa4980ec8516eb9cad2c4;hp=b28851a1d688f2c650977ea73c1d775417a0bd0e http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c51654fbc023f22feabee68a858a1a33e12ed9f6;hp=a28f4fd1ea45821100032403ebdac1c164b10007 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=b26bcd08e670b90740f7253f21adddafb9d8c478;hp=c51654fbc023f22feabee68a858a1a33e12ed9f6 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c49d94487c6135325930cbc4a8cd96d38ef6653e;hp=75b9fb27f516f9db7995ab2c2abb83e25cae5813 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=21d0f75f29ca97b2ca31bd4451f488163a27e24f;hp=c49d94487c6135325930cbc4a8cd96d38ef6653e http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=bce2ed55596a603b0dd35e000e064b9a40eee542;hp=369684f1092427a3cfa1a62b43f2952a5554061d http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9c2216976907336dfae0e8e38a4d70ca2465a92c;hp=999ccd2d0a43640921088578f138c874f6cc0f8a http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=467e7a8f26e54c300ba494bf00033fec1078fa45;hp=0ea135613788ef69ee4f52afb520a169e6da6b9e http://git.videolan.org/?p=ffmpeg.git;a=commit;h=38229362529ed1619d8ebcc81ecde85b23b45895 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e30b068ef79f604ff439418da07f7e2efd01d4ea http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6765ee7b9cba46818a45b051438b2552f0a1b70a http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7388c0c58601477db076e2e74e8b11f8a644384a http://git.videolan.org/?p=ffmpeg.git;a=commit;h=95a57d26d8653d21f0dab1aff3558ee944853dbf http://git.videolan.org/?p=ffmpeg.git;a=commit;h=b564784a207b1395d2b5a41e580539df04651096 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=78962d3df49afe5011b572656ecfe940bd5fbf2e http://git.videolan.org/?p=ffmpeg.git;a=commit;h=cf04af2086be105ff86088357b83d672d38417d9 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=eae63e3c156f784ee0612422f0c95131ea913c14 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=fd54dd028bc9f7bfb80ebf823a533dc84b73f936 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=76f5dfbfd902178df4a38221a68dc8540189345a http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c4abc9098cacb227dba39bac6aea16b2bceba0d0 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=f5e646a00ac21e500dae4bcceded790a0fbc5246 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=f27b22b4974c740f4c7b4140a793cac196179266 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=ddefb80c95d88e88aeb7bc938d58c0389bb83b78 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8435bca087c0e79385763c51de009fd89390b6a5 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6255ccf7d51c82ab79bf0cd47a921f572dda4489 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=cd78e934c246d1b2510f8fba0abfe40bb75795f6 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=dc79685195a45c9b8b17d7b93d118e0aefa45462 August 2013 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=5ef7c84a9374681c64722a96d91741f3b990af2b http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c59967fa7cc5bc2fa06b36c17d2c207240c06b3e November 2013 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6d9dad6a7cb5d544d540abf941fedbd34c14d2bd http://git.videolan.org/?p=ffmpeg.git;a=commit;h=808c10e728db2d92ccbb0f8b3bcd4a2f4305a2cf http://git.videolan.org/?p=ffmpeg.git;a=commit;h=4d388c0cd05dd4de545e8ea333ab4de7d67ad12d Thomas
Current thread:
- older ffmpeg overflows/out-of-bounds-accesses/etc. Thomas Klausner (Jun 15)