Upgrade to upstream release 2.8.5; fix zero-day remote vulnerability
Both mentioned CVE IDs refer to vulnerabilities where a remote attacker can read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file. The new release fixes those in the process. PR: 206282 Reported by: sasamotikomi@gmail.com MFH: 2016Q1 Security: CVE-2016-1897 CVE-2016-1898
This commit is contained in:
parent
67203ec51e
commit
9f83b0a62e
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=406290
@ -2,7 +2,7 @@
|
||||
# $FreeBSD$
|
||||
|
||||
PORTNAME= ffmpeg
|
||||
PORTVERSION= 2.8.4
|
||||
PORTVERSION= 2.8.5
|
||||
PORTEPOCH= 1
|
||||
CATEGORIES= multimedia audio ipv6 net
|
||||
MASTER_SITES= http://ffmpeg.org/releases/
|
||||
|
@ -1,2 +1,2 @@
|
||||
SHA256 (ffmpeg-2.8.4.tar.bz2) = 83cc8136a7845546062a43cda9ae3cf0a02f43ef5e434d2f997f055231a75f8e
|
||||
SIZE (ffmpeg-2.8.4.tar.bz2) = 8579383
|
||||
SHA256 (ffmpeg-2.8.5.tar.bz2) = 3b6d9951533323ee64a21d0aa7667a780b3470bfe4e0fb7c1b33307ce290615a
|
||||
SIZE (ffmpeg-2.8.5.tar.bz2) = 8580755
|
||||
|
Loading…
Reference in New Issue
Block a user