Porting lost ffmpeg-avcodec-libdav1d-don-t-repeatedly-parse-the-same-seq.patch and add lost bugID in changelog.

2025-03-25 13:48:38 +08:00
parent 5d7becce29
commit a0ecb7ad2d
3 changed files with 65 additions and 8 deletions
--- a/ffmpeg-4.changes
+++ b/ffmpeg-4.changes
@@ -72,6 +72,7 @@ Mon Jan  6 11:53:32 UTC 2025 - Jan Engelhardt <jengelh@inai.de>
  ffmpeg-CVE-2023-50010.patch
  ffmpeg-4-CVE-2024-32230.patch
  ffmpeg-4-CVE-2024-7055.patch (all merged)
+  (CVE-2023-51798, bsc#1223304)

 -------------------------------------------------------------------
 Tue Oct 15 08:18:54 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
@@ -136,20 +137,39 @@ Thu Apr 23 15:35:32 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 -------------------------------------------------------------------
 Tue Apr 23 14:25:53 UTC 2024 - Jan Engelhardt <jengelh@inai.de>

- Address boo#1223304/CVE-2023-51798: add patch
-  0001-avfilter-vf_minterpolate-Check-pts-before-division.patch
+- Add 0001-avfilter-vf_minterpolate-Check-pts-before-division.patch:
+  Backporting 68146f06 from upstream, Check pts before division.
+  (CVE-2023-51798, bsc#1223304)

 -------------------------------------------------------------------
 Mon Apr 22 12:41:55 UTC 2024 - Jan Engelhardt <jengelh@inai.de>

- Address boo#1223070/CVE-2024-31578: add patch
-  0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch
+- Add 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch:
+  Backporting 76a48e85 from upstream, Check length.
+  (CVE-2024-31578, bsc#1223070)
+
+-------------------------------------------------------------------
+Mon Feb 12 18:23:41 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
+
+- ffmpeg-avcodec-libdav1d-don-t-repeatedly-parse-the-same-seq.patch
+  * fixes build against dav1d, which has been updated in
+    SUSE:SLE-15-SP5:Update (where apparently no rebuild of ffmpeg-4
+    had been triggered)

 -------------------------------------------------------------------
 Fri Feb  2 09:34:15 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>

- drop support for libmfx, which is no longer supported upstream
-  at all (boo#1219494)
+- no longer build against libmfx; build also 15.5 against libvpl
+ (boo#1230983, boo#1219494)
+
+- dropping support for libmfx below covers:
+  * libmfx: improper input validation (CVE-2023-48368, bsc#1226897)
+  * libmfx: improper buffer restrictions (CVE-2023-45221, bsc#1226898)
+  * libmfx: out-of-bounds read (CVE-2023-22656, bsc#1226899)
+  * libmfx: out-of-bounds write (CVE-2023-47282, bsc#1226900)
+  * libmfx: improper buffer restrictions (CVE-2023-47169, bsc#1226901)
+  * Multiple vulnerabilities in the Intel Media SDK (libmfx1) (bsc#1226892)
+  * Drop libmfx dependency from our product (jira #PED-10024)

 -------------------------------------------------------------------
 Tue Dec 26 13:36:38 UTC 2023 - Jan Engelhardt <jengelh@inai.de>
@@ -169,7 +189,7 @@ Fri Nov  3 08:17:13 UTC 2023 - Marcus Meissner <meissner@suse.com>
 - Add ffmpeg-fix-new-binutils.patch:
  Backporting 01fc3034 from upstream, Fix build with new binutils
  (bsc#1215309)
- 
+
 -------------------------------------------------------------------
 Mon Oct 30 11:16:43 UTC 2023 - Jan Engelhardt <jengelh@inai.de>

@@ -550,7 +570,7 @@ Fri Mar 31 00:41:22 UTC 2020 - Ismail Dönmez <idonmez@suse.com>
 - Add Samba support for Factory (as this needs a fix in Samba itself)
  Add --enable-libsmbclient to configure, add BR on pkgconfig(smbclient)
 - License is now GPLv3+ by default (--enable-version3)
- 
+
 -------------------------------------------------------------------
 Mon Mar 30 07:14:39 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>

--- a/ffmpeg-4.spec
+++ b/ffmpeg-4.spec
@@ -144,6 +144,7 @@ Patch26:        ffmpeg-4-CVE-2025-22919.patch
 Patch27:        ffmpeg-4-CVE-2025-0518.patch
 Patch28:        ffmpeg-4-CVE-2025-25473.patch
 Patch29:        ffmpeg-4-CVE-2025-22921.patch
+Patch30:        ffmpeg-avcodec-libdav1d-don-t-repeatedly-parse-the-same-seq.patch
 BuildRequires:  ladspa-devel
 BuildRequires:  libgsm-devel
 BuildRequires:  libmp3lame-devel
--- a/ffmpeg-avcodec-libdav1d-don-t-repeatedly-parse-the-same-seq.patch
+++ b/ffmpeg-avcodec-libdav1d-don-t-repeatedly-parse-the-same-seq.patch
@@ -0,0 +1,36 @@
+commit e204846ec16c1ab34c7f3a681734cf5190433018
+Author: James Almer <jamrial@gmail.com>
+Date:   Fri Sep 3 13:50:32 2021 -0300
+
+    avcodec/libdav1d: fix compilation after recent libdav1d API changes
+
+    They were done in preparation for an upcoming 1.0 release.
+    Keep supporting previous releases for the time being.
+
+    Reviewed-by: BBB
+    Signed-off-by: James Almer <jamrial@gmail.com>
+
+--- a/libavcodec/libdav1d.c
+++ b/libavcodec/libdav1d.c
+@@ -202,6 +202,9 @@
+     Libdav1dContext *dav1d = c->priv_data;
+     Dav1dData *data = &dav1d->data;
+     Dav1dPicture pic = { 0 }, *p = &pic;
+#if FF_DAV1D_VERSION_AT_LEAST(5,1)
+    enum Dav1dEventFlags event_flags = 0;
+#endif
+     int res;
+
+     if (!data->sz) {
+@@ -280,6 +283,11 @@
+     frame->linesize[1] = p->stride[1];
+     frame->linesize[2] = p->stride[1];
+
+#if FF_DAV1D_VERSION_AT_LEAST(5,1)
+    dav1d_get_event_flags(dav1d->c, &event_flags);
+    if (c->pix_fmt == AV_PIX_FMT_NONE ||
+        event_flags & DAV1D_EVENT_FLAG_NEW_SEQUENCE)
+#endif
+     c->profile = p->seq_hdr->profile;
+     c->level = ((p->seq_hdr->operating_points[0].major_level - 2) << 2)
+                | p->seq_hdr->operating_points[0].minor_level;