[Bug 249484] multimedia/mythtv: Update to 31.0
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Sep 21 10:26:11 UTC 2020
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=249484
--- Comment #3 from Alan Hicks <ahicks at p-o.co.uk> ---
CVE-2016-10191 only lists before 3.2.2 as vulnerable,
the version of ffmpeg included in 31.0 is 4.2.1,
there isn't an option to use ffmpeg from ports.
I've checked the source file
work/mythtv-31.0/mythtv/external/FFmpeg/libavformat/rtmppkt.c
and it contains the check for "RTMP packet size mismatch" from
patch-CVE-2016-10191.
head -n 4 work/mythtv-31.0/mythtv/external/FFmpeg/Changelog
Entries are sorted chronologically from oldest to youngest within each release,
releases are sorted from youngest to oldest.
version 4.2.1:
https://nvd.nist.gov/vuln/detail/CVE-2016-10191
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list