[v2.4] ffmpeg: multiple vulnerabilities (fixed in 0.10.9 and 1.0.4)
Multiple security issues have been fixed through ffmpeg 0.10.9 and 1.0.4 (see http://www.ffmpeg.org/security.html).
Upgrade to at least the following ffmpeg versions is needed:
Alpine Linux v2.4 - ffmpeg 0.10.9 (now has 0.10.3)
Alpine Linux v2.5 - ffmpeg 1.0.4 (now has 1.0)
Alpine Linux v2.6 and v2.7 are not vunlerable.
(from redmine: issue id 2702, created on 2014-02-21, closed on 2014-03-03)
- Relations:
- parent #2701 (closed)
- Changesets:
- Revision 89d8ce68 by Natanael Copa on 2014-02-24T16:58:10Z:
main/ffmpeg: security upgrade to 0.10.9
fixes #2702
0.10.9
Fixes following vulnerabilities:
CVE-2013-7009
CVE-2013-7010
CVE-2013-7014
CVE-2013-7015
CVE-2013-7018
CVE-2013-7023
0.10.7
Fixes following vulnerabilities:
CVE-2013-0868
0.10.6
Fixes following vulnerabilities:
CVE-2012-2796, CVE-2012-2775, CVE-2012-2772, CVE-2012-2776,
CVE-2012-2779, CVE-2012-2787, CVE-2012-2794, CVE-2012-2800,
CVE-2012-2802, CVE-2012-2801, CVE-2012-2786, CVE-2012-2798,
CVE-2012-2793, CVE-2012-2789, CVE-2012-2788, CVE-2012-2790,
CVE-2012-2777, CVE-2012-2784