older ffmpeg overflows/out-of-bounds-accesses/etc.

[Thomas Klausner <wiz () NetBSD org>]

Hi!

Here's a list of commits to the ffmpeg repository which look like they
might fix trouble. I don't think CVEs are assigned for these, but it's
a long list, so I'm not completely sure.

I don't know if it's worth the trouble to assign CVEs for these now,
since they all were fixed last year, but I thought I'd bring them to
your attention. Please use your own judgment.

June/July 2013:

http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6e9bfc19bd7be2b28258ca93d706cb67ed482c65;hp=16f3102f41031f70a24cf25836b1b7ab972c1265
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=bbc19010edfdb1b2e248a24894c5ec77960bbfc3;hp=702c1bf240f255d9afe2c3dbf2f07d7fbdc2ffc7
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c59ce1c98e5fdcd3d00fa4980ec8516eb9cad2c4;hp=b28851a1d688f2c650977ea73c1d775417a0bd0e
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c51654fbc023f22feabee68a858a1a33e12ed9f6;hp=a28f4fd1ea45821100032403ebdac1c164b10007
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=b26bcd08e670b90740f7253f21adddafb9d8c478;hp=c51654fbc023f22feabee68a858a1a33e12ed9f6
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c49d94487c6135325930cbc4a8cd96d38ef6653e;hp=75b9fb27f516f9db7995ab2c2abb83e25cae5813
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=21d0f75f29ca97b2ca31bd4451f488163a27e24f;hp=c49d94487c6135325930cbc4a8cd96d38ef6653e
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=bce2ed55596a603b0dd35e000e064b9a40eee542;hp=369684f1092427a3cfa1a62b43f2952a5554061d
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9c2216976907336dfae0e8e38a4d70ca2465a92c;hp=999ccd2d0a43640921088578f138c874f6cc0f8a
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=467e7a8f26e54c300ba494bf00033fec1078fa45;hp=0ea135613788ef69ee4f52afb520a169e6da6b9e
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=38229362529ed1619d8ebcc81ecde85b23b45895
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e30b068ef79f604ff439418da07f7e2efd01d4ea
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6765ee7b9cba46818a45b051438b2552f0a1b70a
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7388c0c58601477db076e2e74e8b11f8a644384a
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=95a57d26d8653d21f0dab1aff3558ee944853dbf
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=b564784a207b1395d2b5a41e580539df04651096
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=78962d3df49afe5011b572656ecfe940bd5fbf2e
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=cf04af2086be105ff86088357b83d672d38417d9
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=eae63e3c156f784ee0612422f0c95131ea913c14
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=fd54dd028bc9f7bfb80ebf823a533dc84b73f936
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=76f5dfbfd902178df4a38221a68dc8540189345a
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c4abc9098cacb227dba39bac6aea16b2bceba0d0
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=f5e646a00ac21e500dae4bcceded790a0fbc5246
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=f27b22b4974c740f4c7b4140a793cac196179266
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=ddefb80c95d88e88aeb7bc938d58c0389bb83b78
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8435bca087c0e79385763c51de009fd89390b6a5
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6255ccf7d51c82ab79bf0cd47a921f572dda4489
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=cd78e934c246d1b2510f8fba0abfe40bb75795f6
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=dc79685195a45c9b8b17d7b93d118e0aefa45462

August 2013
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=5ef7c84a9374681c64722a96d91741f3b990af2b
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c59967fa7cc5bc2fa06b36c17d2c207240c06b3e

November 2013
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6d9dad6a7cb5d544d540abf941fedbd34c14d2bd
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=808c10e728db2d92ccbb0f8b3bcd4a2f4305a2cf
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=4d388c0cd05dd4de545e8ea333ab4de7d67ad12d


 Thomas