[3.3] libass: Multiple issues (CVE-2016-7969, CVE-2016-7970, CVE-2016-7971, CVE-2016-7972)
Libass released a new 0.13.4 version which fixes multiple issues. CVE-2016-7971 remains unfixed for now.
CVE-2016-7969:
Patch:
https://github.com/libass/libass/pull/240/commits/b72b283b936a600c730e00875d7d067bded3fc26
CVE-2016-7970
Patch:
https://github.com/libass/libass/pull/240/commits/08e754612019ed84d1db0d1fc4f5798248decd75
CVE-2016-7972
Patch:
https://github.com/libass/libass/pull/240/commits/aa54e0b59200a994d50a346b5d7ac818ebcf2d4b
Reference:
https://github.com/libass/libass/releases/tag/0.13.4
https://marc.info/?l=oss-security&m=147802434930997&w=2
(from redmine: issue id 6537, created on 2016-12-15, closed on 2016-12-21)
- Relations:
- parent #6534 (closed)
- Changesets:
- Revision 5817f955 on 2016-12-20T10:30:12Z:
main/libass: security upgrade to 0.13.4. Fixes #6537
CVE-2016-7969
CVE-2016-7970
CVE-2016-7971
CVE-2016-7972
(cherry picked from commit 8887c484286e50ad0cf41a47ffe52f2954ec7921)