a61a04cd14
Both mentioned CVE IDs refer to vulnerabilities where a remote attacker can read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file. Building with 2.8.5 fixes those. MFH: 2016Q1 Security: CVE-2016-1897 CVE-2016-1898