jengelh/ffmpeg-4
SHA256
1
0
Fork 3
forked from pool/ffmpeg-4
Code Pull Requests Activity

Add ffmpeg-4-CVE-2025-63757.patch to fix bsc#1255392 #27

Merged
jengelh merged 1 commits from jonathankang/ffmpeg-4:bsc#1255392 into master 2026-01-15 11:15:26 +01:00
Conversation 0 Commits 1 Files Changed 3 +43
3 changed files with 43 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
ffmpeg-4-CVE-2025-63757.patch Normal file
View File

@@ -0,0 +1,35 @@
From 95d890bf18e535e1ae5a9e24d801ca021e288804 Mon Sep 17 00:00:00 2001
From: Jonathan Kang <jonathankang@gnome.org>
Date: Thu, 15 Jan 2026 15:28:26 +0800
Subject: [PATCH] swscale/output: Fix integer overflow in
yuv2ya16_X_c_template()
---
libswscale/output.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libswscale/output.c b/libswscale/output.c
index be22279229..49af3818b9 100644
--- a/libswscale/output.c
+++ b/libswscale/output.c
@@ -911,7 +911,7 @@ yuv2ya16_X_c_template(SwsContext *c, const int16_t *lumFilter,
int A = 0xffff;
for (j = 0; j < lumFilterSize; j++)
- Y += lumSrc[j][i] * lumFilter[j];
+ Y += lumSrc[j][i] * (unsigned)lumFilter[j];
Y >>= 15;
Y += (1<<3) + 0x8000;
@@ -920,7 +920,7 @@ yuv2ya16_X_c_template(SwsContext *c, const int16_t *lumFilter,
if (hasAlpha) {
A = -0x40000000 + (1<<14);
for (j = 0; j < lumFilterSize; j++)
- A += alpSrc[j][i] * lumFilter[j];
+ A += alpSrc[j][i] * (unsigned)lumFilter[j];
A >>= 15;
A += 0x8000;
--
2.52.0

7
ffmpeg-4.changes
View File

@@ -1,3 +1,10 @@
-------------------------------------------------------------------
Thu Jan 15 07:36:04 UTC 2026 - SongChuan Kang <sckang@suse.com>
- Add ffmpeg-4-CVE-2025-63757.patch: Backport 0c6b7f948 from
upstream. swscale/output: Fix integer overflow in
yuv2ya16_X_c_template() (bsc#1255392, CVE-2025-63757).
-------------------------------------------------------------------
Sun Jan 08 10:04:01 UTC 2026 - Cliff Zhao <qzhao@suse.com>

1
ffmpeg-4.spec
View File

@@ -150,6 +150,7 @@ Patch36: ffmpeg-4-CVE-2023-6601-shim02-954d16fa.patch
Patch37: ffmpeg-4-CVE-2023-6601-shim03-a0cb5722.patch
Patch38: ffmpeg-4-CVE-2023-6601-shim04-5b630743.patch
Patch39: ffmpeg-4-CVE-2023-6601.patch
Patch40: ffmpeg-4-CVE-2025-63757.patch
BuildRequires: ladspa-devel
BuildRequires: libgsm-devel
BuildRequires: libmp3lame-devel