[FFmpeg-cvslog] [ffmpeg-web] branch master updated. 41b6aa8 web: Add FFmpeg 7.0

ffmpeg-git at ffmpeg.org ffmpeg-git at ffmpeg.org
Fri Apr 5 03:00:58 EEST 2024 

The branch, master has been updated
       via  41b6aa8a92d184ffa43e3b39eb0fc7a89867d851 (commit)
       via  b2339414f087d5bdd0c620f5a8685198baf7ebf4 (commit)
      from  52dd873867a86f4d555b3e9c1e5a32b5ed62a0cc (commit)


- Log -----------------------------------------------------------------
commit 41b6aa8a92d184ffa43e3b39eb0fc7a89867d851
Author:     Michael Niedermayer <michael at niedermayer.cc>
AuthorDate: Fri Apr 5 01:59:47 2024 +0200
Commit:     Michael Niedermayer <michael at niedermayer.cc>
CommitDate: Fri Apr 5 01:59:47 2024 +0200

    web: Add FFmpeg 7.0

diff --git a/src/download b/src/download
index 9866a3b..1a7447d 100644
--- a/src/download
+++ b/src/download
@@ -1,10 +1,10 @@
 
 <div id="download">
   <div class="btn-download-wrapper">
-    <a href="https://ffmpeg.org/releases/ffmpeg-6.1.1.tar.xz" class="btn btn-success">
+    <a href="https://ffmpeg.org/releases/ffmpeg-7.0.tar.xz" class="btn btn-success">
       <i class="fa fa-cloud-download"></i>
       Download Source Code
-      <small>ffmpeg-6.1.1.tar.xz</small>
+      <small>ffmpeg-7.0.tar.xz</small>
     </a>
     <br>
     <a href="#releases">More releases</a>
@@ -305,6 +305,42 @@ gpg: Good signature from "FFmpeg release signing key <ffmpeg-devel at ffmpeg.org
     and much faster bug fixes such as additional features and security patches.
   </p>
 
+  <h3 id="release_7.0">FFmpeg 7.0 "Dijkstra"</h3>
+
+  <p>
+    7.0 was released on 2024-04-05. It is the latest stable FFmpeg release
+    from the 7.0 release branch, which was cut from master on 2024-03-27.
+  </p>
+  <p>It includes the following library versions:
+  </p>
+  <pre>
+libavutil      59.  8.100
+libavcodec     61.  3.100
+libavformat    61.  1.100
+libavdevice    61.  1.100
+libavfilter    10.  1.100
+libswscale      8.  1.100
+libswresample   5.  1.100
+libpostproc    58.  1.100</pre>
+  <div class="row">
+    <div class="col-md-3">
+      <a class="btn btn-success" href="releases/ffmpeg-7.0.tar.xz">Download xz tarball</a>
+      <small><a href="releases/ffmpeg-7.0.tar.xz.asc">PGP signature</a></small>
+    </div> <!-- col -->
+    <div class="col-md-3">
+      <a class="btn btn-success" href="releases/ffmpeg-7.0.tar.bz2">Download bzip2 tarball</a>
+      <small><a href="releases/ffmpeg-7.0.tar.bz2.asc">PGP signature</a></small>
+    </div> <!-- col -->
+    <div class="col-md-3">
+      <a class="btn btn-success" href="releases/ffmpeg-7.0.tar.gz">Download gzip tarball</a>
+      <small><a href="releases/ffmpeg-7.0.tar.gz.asc">PGP signature</a></small>
+    </div> <!-- col -->
+    <div class="col-md-3 text-right">
+      <small><a href="https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n7.0">Changelog</a></small>
+      <a class="btn btn-success" href="https://git.ffmpeg.org/gitweb/ffmpeg.git/blob/refs/heads/release/7.0:/RELEASE_NOTES">Release Notes</a>
+    </div> <!-- col -->
+  </div> <!-- row -->
+
   <h3 id="release_6.1">FFmpeg 6.1.1 "Heaviside"</h3>
 
   <p>
diff --git a/src/security b/src/security
index b862459..7c0653f 100644
--- a/src/security
+++ b/src/security
@@ -1,6 +1,17 @@
 <p>Please report vulnerabilities to <a href="mailto:ffmpeg-security at ffmpeg.org">ffmpeg-security at ffmpeg.org</a></p>
 
 
+<h2>FFmpeg 7.0</h2>
+
+<h3>7.0</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2024-28661, 66b50445cb36cf6adb49c2397362509aedb42c71
+</pre>
+
+
 <h2>FFmpeg 6.1</h2>
 
 <h3>6.1</h3>

commit b2339414f087d5bdd0c620f5a8685198baf7ebf4
Author:     Michael Niedermayer <michael at niedermayer.cc>
AuthorDate: Sat Mar 30 14:57:18 2024 +0100
Commit:     Michael Niedermayer <michael at niedermayer.cc>
CommitDate: Tue Apr 2 01:32:44 2024 +0200

    web/download: List the expected differences for releases and git and the expected signing key
    
    This is kept terse, as few users are expected to check that but its important that we list what the expected differences and
    signing key is, so any anomalies can be quickly detected.
    
    Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

diff --git a/src/download b/src/download
index 0e6fa7e..9866a3b 100644
--- a/src/download
+++ b/src/download
@@ -285,6 +285,8 @@ gpg:                issuer "ffmpeg-devel at ffmpeg.org"
 gpg: Good signature from "FFmpeg release signing key <ffmpeg-devel at ffmpeg.org>" [full]</pre>
       </li>
     </ol>
+    Optionally, you can verify that git and tarball match, the only differences should be the absence of .git* files in the tarball and a VERSION file in the tarball containing the version.
+    The git tags should be signed with <a href="git-tag-key.asc">EDDSA key DD1EC9E8DE085C629B3E1846B18E8928B3948D64</a>
   </p>
 
   <h4 id="releases">

-----------------------------------------------------------------------

Summary of changes:
 src/download | 42 ++++++++++++++++++++++++++++++++++++++++--
 src/security | 11 +++++++++++
 2 files changed, 51 insertions(+), 2 deletions(-)


hooks/post-receive
--

More information about the ffmpeg-cvslog mailing list