K 10
svn:author
V 5
riggs
K 8
svn:date
V 27
2016-01-17T09:58:37.171499Z
K 7
svn:log
V 386
Upgrade to upstream release 2.8.5; fix zero-day remote vulnerability

Both mentioned CVE IDs refer to vulnerabilities where a remote attacker
can read arbitrary files by using the subfile protocol in an HTTP Live
Streaming (HLS) M3U8 file. The new release fixes those in the process.

PR:		206282
Reported by:	sasamotikomi@gmail.com
MFH:		2016Q1
Security:	CVE-2016-1897
		CVE-2016-1898

END