Linux News Today: FFmpeg 2.8.5 Is Out, Patches the Vulnerability That Lets Attackers Steal Files Remotely
Just a few minutes ago, the development team behind the well-known, cross-platform and open source FFmpeg multimedia backend have announced the release of FFmpeg 2.8.5, which is now available for download for all supported operating systems, including GNU/Linux, Mac OS X and Microsoft Windows.
The release notes of FFmpeg 2.8.5 are the same as for any other maintenance version from the FFmpeg 2.8 “Feynman” series. Nothing is specified about the zero-day vulnerability that we reported a couple of days ago, which could have allowed an attacker to steal files from remote machines.
The FFmpeg devs noted that version 2.8.5 is now that latest stable FFmpeg release from the 2.8 release branch, bringing updates to various core components, including ffmpeg-mt, libav 11, and libav master, and that several other libraries have been upgraded to their latest versions at the moment of the announcement.
“2.8.5 was released on 2016-01-15. It is the latest stable FFmpeg release from the 2.8 release branch, which was cut from master on 2015-09-05. Amongst lots of other changes, it includes all changes from ffmpeg-mt, libav master of 2015-08-28, libav 11 as of 2015-08-28,” reads today’s announcement.
Among the core libraries that have been updated in FFmpeg 2.8.5, we can mention libavutil 54.31.100, libavcodec 56.60.100, libavformat 56.40.101, libavdevice 56.4.100, libavfilter 5.40.101, libavresample 2.1.0, libswscale 3.1.101, libswresample 1.2.101, and libpostproc 53. 3.100.
As expected, you are urged to update to FFmpeg 2.8.5 as soon as possible to fix the critical security issue mentioned in the second paragraph above. Of course, we always recommend our readers to run the latest stable version of a software to avoid system issues and crashes. Download FFmpeg 2.8.5 right now from Softpedia.