On Thu, Nov 14, 2019 at 11:42:45PM +0100, Michael Niedermayer wrote: > On Thu, Nov 14, 2019 at 03:01:29PM -0500, James Boyle wrote: > > Hello, > > > > This patch is nearly identical to commit > > 8df6884832ec413cf032dfaa45c23b1c7876670c, but is intended to backport > > the fix for CVE-2019-17539 to ffmpeg version 3.4.6, which is in use on > > RHEL 7 systems that get ffmpeg from rpmfusion. > > > > https://github.com/FFmpeg/FFmpeg/commit/8df6884832ec413cf032dfaa45c23b1c7876670c > > > > --- > > libavcodec/utils.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > This and "[PATCH 2/2] backport out of array access fix / CVE-2019-17542 / > 15919 clusterfuzz" > and more than 200 other fixes > will be part of the next release from the 3.4 branch > in fact i already have fixes for these 2 backported locally, just not pushed > > ill try to get these pushed to the branch after a bit of sleep
pushed, feel free to check if something was missed i intend to make a release of this in the next week(s) probably. Thanks [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Freedom in capitalist society always remains about the same as it was in ancient Greek republics: Freedom for slave owners. -- Vladimir Lenin
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
