svn commit: r406290 - head/multimedia/ffmpeg
Thomas Zander
riggs at FreeBSD.org
Sun Jan 17 09:58:38 UTC 2016
Author: riggs
Date: Sun Jan 17 09:58:37 2016
New Revision: 406290
URL: https://svnweb.freebsd.org/changeset/ports/406290
Log:
Upgrade to upstream release 2.8.5; fix zero-day remote vulnerability
Both mentioned CVE IDs refer to vulnerabilities where a remote attacker
can read arbitrary files by using the subfile protocol in an HTTP Live
Streaming (HLS) M3U8 file. The new release fixes those in the process.
PR: 206282
Reported by: sasamotikomi at gmail.com
MFH: 2016Q1
Security: CVE-2016-1897
CVE-2016-1898
Modified:
head/multimedia/ffmpeg/Makefile
head/multimedia/ffmpeg/distinfo
Modified: head/multimedia/ffmpeg/Makefile
==============================================================================
--- head/multimedia/ffmpeg/Makefile Sun Jan 17 09:54:07 2016 (r406289)
+++ head/multimedia/ffmpeg/Makefile Sun Jan 17 09:58:37 2016 (r406290)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= ffmpeg
-PORTVERSION= 2.8.4
+PORTVERSION= 2.8.5
PORTEPOCH= 1
CATEGORIES= multimedia audio ipv6 net
MASTER_SITES= http://ffmpeg.org/releases/
Modified: head/multimedia/ffmpeg/distinfo
==============================================================================
--- head/multimedia/ffmpeg/distinfo Sun Jan 17 09:54:07 2016 (r406289)
+++ head/multimedia/ffmpeg/distinfo Sun Jan 17 09:58:37 2016 (r406290)
@@ -1,2 +1,2 @@
-SHA256 (ffmpeg-2.8.4.tar.bz2) = 83cc8136a7845546062a43cda9ae3cf0a02f43ef5e434d2f997f055231a75f8e
-SIZE (ffmpeg-2.8.4.tar.bz2) = 8579383
+SHA256 (ffmpeg-2.8.5.tar.bz2) = 3b6d9951533323ee64a21d0aa7667a780b3470bfe4e0fb7c1b33307ce290615a
+SIZE (ffmpeg-2.8.5.tar.bz2) = 8580755
More information about the svn-ports-head
mailing list