Mail archive
alpine-aports

[alpine-aports] [PATCH v3.4] main/ffmpeg: security upgrade to 3.0.7 - fixes #6871

From: Sergei Lukin <sergej.lukin_at_gmail.com>
Date: Thu, 16 Feb 2017 12:12:13 +0000

3.0.7 fixes:
CVE-2017-5024
CVE-2017-5025

3.0.5 fixes:
CVE-2016-10190
CVE-2016-10191
CVE-2016-10192

3.0.4 fixes:
CVE-2016-5199
CVE-2016-7450
CVE-2016-7502
CVE-2016-7555
CVE-2016-7562
CVE-2016-7785
CVE-2016-7905

3.0.3 fixes:
CVE-2016-6164
CVE-2016-6881
CVE-2016-7122
---
Changelog for 3.0.2 > 3.0.7:
https://abi-laboratory.pro/tracker/changelog/ffmpeg/3.0.7/log.html
(no major changes)
https://ffmpeg.org/security.html
 main/ffmpeg/APKBUILD | 29 ++++++++++++++++++++++++-----
 1 file changed, 24 insertions(+), 5 deletions(-)
diff --git a/main/ffmpeg/APKBUILD b/main/ffmpeg/APKBUILD
index 6ccfd61..2557091 100644
--- a/main/ffmpeg/APKBUILD
+++ b/main/ffmpeg/APKBUILD
_at_@ -1,8 +1,9 @@
+# Contributor: Sergei Lukin <sergej.lukin_at_gmail.com>
 # Contributor: Ɓukasz Jendrysik <scadu_at_yandex.com>
 # Maintainer: Natanael Copa <ncopa_at_alpinelinux.org>
 pkgname=ffmpeg
-pkgver=3.0.2
-pkgrel=1
+pkgver=3.0.7
+pkgrel=0
 pkgdesc="Complete and free Internet live audio and video broadcasting solution for Linux/Unix"
 url="http://ffmpeg.org/"
 arch="all"
_at_@ -18,6 +19,24 @@ source="http://ffmpeg.org/releases/ffmpeg-$pkgver.tar.bz2
 	cflags-speed-O2.patch
 	"
 
+# secfixes:
+#   3.0.7-r0:
+#   - CVE-2017-5024
+#   - CVE-2017-5025
+#   - CVE-2016-10190
+#   - CVE-2016-10191
+#   - CVE-2016-10192
+#   - CVE-2016-5199
+#   - CVE-2016-7450
+#   - CVE-2016-7502
+#   - CVE-2016-7555
+#   - CVE-2016-7562
+#   - CVE-2016-7785
+#   - CVE-2016-7905
+#   - CVE-2016-6164
+#   - CVE-2016-6881
+#   - CVE-2016-7122
+
 _builddir="$srcdir"/$pkgname-$pkgver
 prepare() {
 	cd "$_builddir"
_at_@ -83,12 +102,12 @@ libs() {
 	mv "$pkgdir"/usr/lib "$subpkgdir"/usr
 }
 
-md5sums="7db5efb1070872823143e1365fdfcd53  ffmpeg-3.0.2.tar.bz2
+md5sums="bdb7857dd6e8f5c0b59551d1f0209978  ffmpeg-3.0.7.tar.bz2
 627bb0f8b28063cd5d6a090b07bd3754  0001-libavutil-clean-up-unused-FF_SYMVER-macro.patch
 91167b4f601db28836dcc3de9f756ed7  cflags-speed-O2.patch"
-sha256sums="30e3c77c2f4c358ed087869455a7496cbd7753a5e1b98d20ba49c1004009fd36  ffmpeg-3.0.2.tar.bz2
+sha256sums="a840d1887afc6341d7e9a1da3360c122a7243565353bf3bedf7ee5f96ef268fa  ffmpeg-3.0.7.tar.bz2
 011f8beaf81074c9f4e522b699d27ee0ab74ec43f800286244a5b63b82ec5e8c  0001-libavutil-clean-up-unused-FF_SYMVER-macro.patch
 ed75cdc99acb83b660a9e40b908adec896a9421228a620b016a22e7f647bd92b  cflags-speed-O2.patch"
-sha512sums="67697334899b57efd6cfaebca1bb7450635034af34daae1caf77c57239116a7d2854eef3da967d3d1be4b89f346c79e970dc221543ab6181088172460807bc91  ffmpeg-3.0.2.tar.bz2
+sha512sums="0d0c4ce9dcdbe47fb986967be955623fbd98edf33e74a4a8115f16b88bd636d97f99de3d274b5e98ef95bda3a7f501d2c30fa867aaa0590e5fe617b8b812f342  ffmpeg-3.0.7.tar.bz2
 32652e18d4eb231a2e32ad1cacffdf33264aac9d459e0e2e6dd91484fced4e1ca5a62886057b1f0b4b1589c014bbe793d17c78adbaffec195f9a75733b5b18cb  0001-libavutil-clean-up-unused-FF_SYMVER-macro.patch
 5ff940abb4265401eebb0f2fd486b51a004d62a480c5a64bc279149731b577b5c95f0b7ff2d73429ec10b1f0b76ecf7fa466b02ba3a0bf79d9b7ac2ae87ee5d5  cflags-speed-O2.patch"
-- 
2.8.3
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Thu Feb 16 2017 - 12:12:13 GMT