[FFmpeg-cvslog] [ffmpeg-web] branch master updated. 2162d12 web/security: add CVEs for 6.1, 6.0.1, 5.1.4

ffmpeg-git at ffmpeg.org ffmpeg-git at ffmpeg.org
Sat Nov 11 03:02:02 EET 2023


The branch, master has been updated
       via  2162d124d031788560f80b6d8539be0a77a4589c (commit)
       via  f3212cab096623d95f1c467b59bbe19bf1a9ca51 (commit)
      from  5d6b55c9c298aa0578c532911be3437a9f3ef34a (commit)


- Log -----------------------------------------------------------------
commit 2162d124d031788560f80b6d8539be0a77a4589c
Author:     Michael Niedermayer <michael at niedermayer.cc>
AuthorDate: Sat Nov 11 01:59:32 2023 +0100
Commit:     Michael Niedermayer <michael at niedermayer.cc>
CommitDate: Sat Nov 11 01:59:32 2023 +0100

    web/security: add CVEs for 6.1, 6.0.1, 5.1.4

diff --git a/src/security b/src/security
index 1739d45..fa2c372 100644
--- a/src/security
+++ b/src/security
@@ -1,8 +1,28 @@
 <p>Please report vulnerabilities to <a href="mailto:ffmpeg-security at ffmpeg.org">ffmpeg-security at ffmpeg.org</a></p>
 
 
+<h2>FFmpeg 6.1</h2>
+
+<h3>6.1</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2023-47342, e4d5ac8d7d2a08658b3db7dd821246fe6b35381f
+CVE-2023-47344, f7ac3512f5b5cb8eb149f37300b43461d8e93af3
+</pre>
+
+
 <h2>FFmpeg 6.0</h2>
 
+<h3>6.0.1</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2023-47342, 07e3223dd0213cc5f0b65e98a6e1b1500d09ece0 / e4d5ac8d7d2a08658b3db7dd821246fe6b35381f
+</pre>
+
 <h3>6.0</h3>
 <p>
 Fixes following vulnerabilities:
@@ -17,6 +37,14 @@ CVE-2022-48434, cc867f2c09d2b69cee8a0eccd62aff002cbbfe11
 
 <h2>FFmpeg 5.1</h2>
 
+<h3>5.1.4</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2023-47342, 5e71da4ef9636966b7ec5f8910cf0e6dd4e941e6 / e4d5ac8d7d2a08658b3db7dd821246fe6b35381f
+</pre>
+
 <h3>5.1.3</h3>
 <p>
 Fixes following vulnerabilities:

commit f3212cab096623d95f1c467b59bbe19bf1a9ca51
Author:     Michael Niedermayer <michael at niedermayer.cc>
AuthorDate: Sat Nov 11 01:56:54 2023 +0100
Commit:     Michael Niedermayer <michael at niedermayer.cc>
CommitDate: Sat Nov 11 01:57:25 2023 +0100

    web/download: add FFmpeg 6.1

diff --git a/src/download b/src/download
index 5ef70ea..833420c 100644
--- a/src/download
+++ b/src/download
@@ -303,6 +303,42 @@ gpg: Good signature from "FFmpeg release signing key <ffmpeg-devel at ffmpeg.org
     and much faster bug fixes such as additional features and security patches.
   </p>
 
+  <h3 id="release_6.1">FFmpeg 6.1 "Heaviside"</h3>
+
+  <p>
+    6.1 was released on 2023-11-11. It is the latest stable FFmpeg release
+    from the 6.1 release branch, which was cut from master on 2023-10-29.
+  </p>
+  <p>It includes the following library versions:
+  </p>
+  <pre>
+libavutil      58. 29.100
+libavcodec     60. 31.102
+libavformat    60. 16.100
+libavdevice    60.  3.100
+libavfilter     9. 12.100
+libswscale      7.  5.100
+libswresample   4. 12.100
+libpostproc    57.  3.100</pre>
+  <div class="row">
+    <div class="col-md-3">
+      <a class="btn btn-success" href="releases/ffmpeg-6.1.tar.xz">Download xz tarball</a>
+      <small><a href="releases/ffmpeg-6.1.tar.xz.asc">PGP signature</a></small>
+    </div> <!-- col -->
+    <div class="col-md-3">
+      <a class="btn btn-success" href="releases/ffmpeg-6.1.tar.bz2">Download bzip2 tarball</a>
+      <small><a href="releases/ffmpeg-6.1.tar.bz2.asc">PGP signature</a></small>
+    </div> <!-- col -->
+    <div class="col-md-3">
+      <a class="btn btn-success" href="releases/ffmpeg-6.1.tar.gz">Download gzip tarball</a>
+      <small><a href="releases/ffmpeg-6.1.tar.gz.asc">PGP signature</a></small>
+    </div> <!-- col -->
+    <div class="col-md-3 text-right">
+      <small><a href="https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n6.1">Changelog</a></small>
+      <a class="btn btn-success" href="https://git.ffmpeg.org/gitweb/ffmpeg.git/blob/refs/heads/release/6.1:/RELEASE_NOTES">Release Notes</a>
+    </div> <!-- col -->
+  </div> <!-- row -->
+
   <h3 id="release_6.0">FFmpeg 6.0.1 "Von Neumann"</h3>
 
   <p>

-----------------------------------------------------------------------

Summary of changes:
 src/download | 36 ++++++++++++++++++++++++++++++++++++
 src/security | 28 ++++++++++++++++++++++++++++
 2 files changed, 64 insertions(+)


hooks/post-receive
-- 



More information about the ffmpeg-cvslog mailing list