[Buildroot] [git commit branch/2017.02.x] rtmpdump: security bump to current HEAD
Peter Korsgaard
peter at korsgaard.com
Wed May 17 20:37:24 UTC 2017
commit: https://git.buildroot.net/buildroot/commit/?id=9737f2b9fa15a71c6cd26b2db81471edc27b34bf
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2017.02.x
Fixes:
- CVE-2015-8271: The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows
remote RTMP Media servers to execute arbitrary code
https://www.talosintelligence.com/reports/TALOS-2016-0067/
- CVE-2015-8272: RTMPDump 2.4 allows remote attackers to trigger a denial of
service (NULL pointer dereference and process crash).
https://www.talosintelligence.com/reports/TALOS-2016-0068/
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni at free-electrons.com>
(cherry picked from commit 4ebd2fa277fdffecca146d07c78954653517eff4)
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
package/rtmpdump/rtmpdump.mk | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/package/rtmpdump/rtmpdump.mk b/package/rtmpdump/rtmpdump.mk
index 2e3428f..eb2d810 100644
--- a/package/rtmpdump/rtmpdump.mk
+++ b/package/rtmpdump/rtmpdump.mk
@@ -4,7 +4,7 @@
#
################################################################################
-RTMPDUMP_VERSION = a107cef9b392616dff54fabfd37f985ee2190a6f
+RTMPDUMP_VERSION = fa8646daeb19dfd12c181f7d19de708d623704c0
RTMPDUMP_SITE = git://git.ffmpeg.org/rtmpdump
RTMPDUMP_INSTALL_STAGING = YES
# Note that rtmpdump is GPLv2 but librtmp has its own license and since we only
More information about the buildroot
mailing list