svn commit: r406294 - branches/2016Q1/multimedia/ffmpeg
Thomas Zander
riggs at FreeBSD.org
Sun Jan 17 10:14:51 UTC 2016
Author: riggs
Date: Sun Jan 17 10:14:49 2016
New Revision: 406294
URL: https://svnweb.freebsd.org/changeset/ports/406294
Log:
MFH: r406290
Upgrade to upstream release 2.8.5; fix zero-day remote vulnerability
Both mentioned CVE IDs refer to vulnerabilities where a remote attacker
can read arbitrary files by using the subfile protocol in an HTTP Live
Streaming (HLS) M3U8 file. The new release fixes those in the process.
PR: 206282
Reported by: sasamotikomi at gmail.com
Security: CVE-2016-1897
CVE-2016-1898
Approved by: ports-secteam (miwi)
Modified:
branches/2016Q1/multimedia/ffmpeg/Makefile
branches/2016Q1/multimedia/ffmpeg/distinfo
Directory Properties:
branches/2016Q1/ (props changed)
Modified: branches/2016Q1/multimedia/ffmpeg/Makefile
==============================================================================
--- branches/2016Q1/multimedia/ffmpeg/Makefile Sun Jan 17 10:12:17 2016 (r406293)
+++ branches/2016Q1/multimedia/ffmpeg/Makefile Sun Jan 17 10:14:49 2016 (r406294)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= ffmpeg
-PORTVERSION= 2.8.4
+PORTVERSION= 2.8.5
PORTEPOCH= 1
CATEGORIES= multimedia audio ipv6 net
MASTER_SITES= http://ffmpeg.org/releases/
Modified: branches/2016Q1/multimedia/ffmpeg/distinfo
==============================================================================
--- branches/2016Q1/multimedia/ffmpeg/distinfo Sun Jan 17 10:12:17 2016 (r406293)
+++ branches/2016Q1/multimedia/ffmpeg/distinfo Sun Jan 17 10:14:49 2016 (r406294)
@@ -1,2 +1,2 @@
-SHA256 (ffmpeg-2.8.4.tar.bz2) = 83cc8136a7845546062a43cda9ae3cf0a02f43ef5e434d2f997f055231a75f8e
-SIZE (ffmpeg-2.8.4.tar.bz2) = 8579383
+SHA256 (ffmpeg-2.8.5.tar.bz2) = 3b6d9951533323ee64a21d0aa7667a780b3470bfe4e0fb7c1b33307ce290615a
+SIZE (ffmpeg-2.8.5.tar.bz2) = 8580755
More information about the svn-ports-all
mailing list