Checked into GIT, the ffmpeg 5.1 patch 6 as Andrew had attached. We will have to remember to exclude this patch on the next ffmpeg upgrade (did not think necessary to upgrade this soon to 5.1.2 after all).

On Sun, Oct 2, 2022 at 5:24 AM Andrew Randrianasulu via Cin <cin@lists.cinelerra-gg.org> wrote:

https://github.com/google/security-research/security/advisories/GHSA-vhxg-9wfx-7fcj

so I downloaded

https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/6f53f0d09ea4c9c7f7354f018a87ef840315207d

and turned it into ffmpeg-5.1.patch6
(attached)

from description it sounds quite bad, so if this patch does not regress normal files we better to apply it or may be update whole ffmpeg to 5.1.2 ?

--
Cin mailing list
Cin@lists.cinelerra-gg.org
https://lists.cinelerra-gg.org/mailman/listinfo/cin