This is an automated email from the git hooks/post-receive script.
Git pushed a commit to branch master
in repository ffmpeg-web.
The following commit(s) were added to refs/heads/master by this push:
new b5e2422 web/security: add more CVE#s for the 8.0 and 8.1 branches
b5e2422 is described below
commit b5e2422fc729542c6d3de7b2a8bbb5954a82c5fd
Author: Michael Niedermayer <[email protected]>
AuthorDate: Mon Jun 22 02:09:43 2026 +0200
Commit: Michael Niedermayer <[email protected]>
CommitDate: Mon Jun 22 02:32:17 2026 +0200
web/security: add more CVE#s for the 8.0 and 8.1 branches
Signed-off-by: Michael Niedermayer <[email protected]>
---
src/security | 22 ++++++++++++++++++++--
1 file changed, 20 insertions(+), 2 deletions(-)
diff --git a/src/security b/src/security
index f0ca141..8861ee8 100644
--- a/src/security
+++ b/src/security
@@ -30,6 +30,8 @@ CVE-2025-59734, d311382c38df9c2237b33a9e8e860a5da7d2895d,
BIGSLEEP-440183164
CVE-2025-59734, c41a70b6bb79707e1e3a4b0e31950cd986b9f50e, BIGSLEEP-440183164
CVE-2025-63757, 0c6b7f9483a38657c9be824572b4c0c45d4d9fef
CVE-2026-8461, c23d4da3128c279b714b282e6ec292e8755007e3, pr/23159
+CVE-2026-8461, 5806e8b9f34f1b0663b3017ef9dd1aa5d08116d1, pr/23159
+CVE-2026-8461, 374b726ffa878ee1cadb987bd1e1e20cc7ed8845, pr/23159
CVE-2026-30999, 144af8f81abc1385631b4e1f4672cd415a9c6e05, pr/23006
</pre>
@@ -42,6 +44,8 @@ Fixes following vulnerabilities:
</p>
<pre>
CVE-2026-8461, a991b3e1102824730de6b0b2afd1c7e41fbdf03d /
c23d4da3128c279b714b282e6ec292e8755007e3, pr/23159
+CVE-2026-8461, 9516e6900a8294c5a9e0da8d4ad88956776d6666 /
374b726ffa878ee1cadb987bd1e1e20cc7ed8845
+CVE-2026-8461, e302bafe79e0153f4dc7faecec7203836dcd71a7 /
5806e8b9f34f1b0663b3017ef9dd1aa5d08116d1
CVE-2026-30999, 874cd67a3c560fcc2edbfc38940777610670b604 /
144af8f81abc1385631b4e1f4672cd415a9c6e05
</pre>
@@ -50,12 +54,26 @@ CVE-2026-30999, 874cd67a3c560fcc2edbfc38940777610670b604 /
144af8f81abc1385631b4
Fixes following vulnerabilities:
</p>
<pre>
+CVE-2025-12343, b8d5f65b9e89d893f27cf00799dbc15fc0ca2f8e
CVE-2025-67306, faa382e5b196f2acb5bc5b159aaf06682291328b, pr/21108
CVE-2025-67306, 554ae5ada98cd44686ade995102d3aa2295d7b09, pr/21108
+CVE-2025-69693, 8abeb879df66ea8d27ce1735925ced5a30813de4
</pre>
<h2>FFmpeg 8.0</h2>
+
+<h3>8.0.3</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2026-8461, 24b452cd9f6664dcee63f1d597ba052b34f8efd2 /
5806e8b9f34f1b0663b3017ef9dd1aa5d08116d1
+CVE-2026-8461, 31c9c550ef5a2aea5606c319b6299108c359f21f /
374b726ffa878ee1cadb987bd1e1e20cc7ed8845
+CVE-2026-8461, 3e8f3537f957da011d7360acacc9941f3ce5c306 /
c23d4da3128c279b714b282e6ec292e8755007e3
+CVE-2026-30999, 5c8a8750de5239136da3e2cdb2ede8122864b252 /
144af8f81abc1385631b4e1f4672cd415a9c6e05
+</pre>
+
<h3>8.0.2</h3>
<p>
Fixes following vulnerabilities:
@@ -63,8 +81,6 @@ Fixes following vulnerabilities:
<pre>
CVE-2025-67306, b5996929df27276db37e075600988ebb17890eb4 /
554ae5ada98cd44686ade995102d3aa2295d7b09
CVE-2025-67306, fe72a8781b22912ec7125de1509d83fc2b1ad802 /
faa382e5b196f2acb5bc5b159aaf06682291328b
-CVE-2026-8461, 3e8f3537f957da011d7360acacc9941f3ce5c306 /
c23d4da3128c279b714b282e6ec292e8755007e3
-CVE-2026-30999, 5c8a8750de5239136da3e2cdb2ede8122864b252 /
144af8f81abc1385631b4e1f4672cd415a9c6e05
</pre>
<h3>8.0.1</h3>
@@ -72,6 +88,7 @@ CVE-2026-30999, 5c8a8750de5239136da3e2cdb2ede8122864b252 /
144af8f81abc1385631b4
Fixes following vulnerabilities:
</p>
<pre>
+CVE-2025-69693, 5a6e2b0ab1bbc5a85a9575af8e4d67b4f0ed3d14 /
8abeb879df66ea8d27ce1735925ced5a30813de4
CVE-2025-63757, 716cf25eb8616e8e068a7c2a5d23ae107bd117b4 /
0c6b7f9483a38657c9be824572b4c0c45d4d9fef
</pre>
@@ -89,6 +106,7 @@ CVE-2025-1594, bedfb6eca402037f5cbb115fa767d106b8c14f1c,
ticket/11418
CVE-2025-1816, 0526535cd58444dd264e810b2f3348b4d96cff3b, ticket/11475,
CVE-2025-9951, 104d6846c1be0cb757dc95d5801a416f4d7c687d
CVE-2025-9951, 01a292c7e36545ddeb3c7f79cd02e2611cd37d73
+CVE-2025-12343, 263e819aa45cd3c48bf6887be02b4ec504c02048 /
b8d5f65b9e89d893f27cf00799dbc15fc0ca2f8e
CVE-2025-22919, 1446e37d3d032e1452844778b3e6ba2c20f0c322, ticket/11385,
CVE-2025-22920, 4bf784c0e5615c3f934e677d5de093a8be7da7ae, ticket/11389 never
affected a release
CVE-2025-25471, fd1772b7475d0d5673a5dd314ee78443d0be4cf1, ticket/11417 never
affected a release
_______________________________________________
ffmpeg-cvslog mailing list -- [email protected]
To unsubscribe send an email to [email protected]