A DoS in quicktimereadmoov function in moov.c via acrafted mp4 file was fixed (CVE-2017-9122).
An invalid memory read in lqtframeduration via a crafted mp4 file was fixed (CVE-2017-9123).
A NULL pointer dereference in quicktimematch32 via a crafted mp4 file was fixed (CVE-2017-9124).
A DoS in lqtframeduration function in lqt_quicktime.c via crafted mp4 file was fixed (CVE-2017-9125).
A heap-based buffer overflow in quicktimereaddref_table via a crafted mp4 file was fixed (CVE-2017-9126).
A heap-based buffer overflow in quicktimeuseratomsreadatom via a crafted mp4 file was fixed (CVE-2017-9127).
A heap-based buffer over-read in quicktimevideowidth via a crafted mp4 file was fixed (CVE-2017-9128).