[v2.5] ffmpeg: multiple vulnerabilities (fixed in 0.10.9 and 1.0.4)
Multiple security issues have been fixed through ffmpeg 0.10.9 and 1.0.4 (see http://www.ffmpeg.org/security.html).
Upgrade to at least the following ffmpeg versions is needed:
Alpine Linux v2.4 - ffmpeg 0.10.9 (now has 0.10.3)
Alpine Linux v2.5 - ffmpeg 1.0.4 (now has 1.0)
Alpine Linux v2.6 and v2.7 are not vunlerable.
(from redmine: issue id 2703, created on 2014-02-21, closed on 2014-03-03)
- Relations:
- parent #2701 (closed)
- Changesets:
- Revision a83cec91 by Natanael Copa on 2014-02-25T08:25:40Z:
main/ffmpeg: upgrade to 1.0.4
Fixes #2703
1.0.4 Fixes following vulnerabilities:
CVE-2013-0866
CVE-2013-0865
CVE-2013-0863
CVE-2013-0861
CVE-2013-0860
CVE-2013-0858
CVE-2013-0845
CVE-2013-0844
CVE-2013-0868
CVE-2013-0862
1.0.2 Fixes following vulnerabilities:
CVE-2012-6617
CVE-2012-6618
1.0.1 Fixes following vulnerabilities:
CVE-2013-0859
CVE-2013-0857
CVE-2013-0856
CVE-2013-0855
CVE-2013-0853
CVE-2013-0852
CVE-2013-0851
CVE-2013-0850
CVE-2013-0849
CVE-2013-0848
CVE-2013-0846