All, Apologies in advance if this is not the correct forum. We're currently using FFmpeg in a production application, and our infosec folks have flagged it as a vulnerability.
https://github.com/FFmpeg/FFmpeg/commit/1812352d767ccf5431aa440123e2e260a4db2726 a) has anyone applied and implemented this patch in an upcoming version of FFmpeg? b) has anyone had to deal with mitigating this vulnerability in your production application, and can point us to a solution that doesn't force us to compromise functionality? CVE details: https://nvd.nist.gov/vuln/detail/CVE-2020-12284 Private or public replies are welcome. Thanks! *Patrick Watts <http://about.me/patrickwatts>*Lead Business Analyst LifeWay Christian Resources (615) 251-5793 Twitter: @patrickwatts <http://twitter.com/patrickwatts> *We serve the Church in Her mission of making disciples.* *FREE resources from LifeWay for your church:* https://lifeway.com/coronavirus *Download a free sample at https://vbs.lifeway.com/free-sample/ <https://vbs.lifeway.com/free-sample/>* _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
