From a11e95f56fc6460eeeb6e6c848e1175f439a3c341125eb0eb95471249d1fd86c Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Sat, 27 Jul 2024 07:55:53 +0200 Subject: [PATCH] Revert renames rejected by factory-auto in rq 1189525 --- ...6.patch => ffmpeg-4.4-CVE-2020-22046.patch | 0 ffmpeg-5.changes | 19 ++---------- ffmpeg-5.spec | 31 ++++++++++--------- ...49502.patch => ffmpeg-CVE-2023-49502.patch | 0 ...50007.patch => ffmpeg-CVE-2023-50007.patch | 0 ...50008.patch => ffmpeg-CVE-2023-50008.patch | 0 ...50009.patch => ffmpeg-CVE-2023-50009.patch | 0 ...50010.patch => ffmpeg-CVE-2023-50010.patch | 0 ...51793.patch => ffmpeg-CVE-2023-51793.patch | 0 ...ify-ff_gaussian_blur-and-ff-function.patch | 13 +++++--- 10 files changed, 27 insertions(+), 36 deletions(-) rename ffmpeg-4-CVE-2020-22046.patch => ffmpeg-4.4-CVE-2020-22046.patch (100%) rename ffmpeg-5-CVE-2023-49502.patch => ffmpeg-CVE-2023-49502.patch (100%) rename ffmpeg-5-CVE-2023-50007.patch => ffmpeg-CVE-2023-50007.patch (100%) rename ffmpeg-5-CVE-2023-50008.patch => ffmpeg-CVE-2023-50008.patch (100%) rename ffmpeg-5-CVE-2023-50009.patch => ffmpeg-CVE-2023-50009.patch (100%) rename ffmpeg-5-CVE-2023-50010.patch => ffmpeg-CVE-2023-50010.patch (100%) rename ffmpeg-5-CVE-2023-51793.patch => ffmpeg-CVE-2023-51793.patch (100%) rename ffmpeg-5-CVE-2023-50009-shim-cf1f5744.patch => ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch (97%) diff --git a/ffmpeg-4-CVE-2020-22046.patch b/ffmpeg-4.4-CVE-2020-22046.patch similarity index 100% rename from ffmpeg-4-CVE-2020-22046.patch rename to ffmpeg-4.4-CVE-2020-22046.patch diff --git a/ffmpeg-5.changes b/ffmpeg-5.changes index 8bf01b4..1452147 100644 --- a/ffmpeg-5.changes +++ b/ffmpeg-5.changes @@ -13,19 +13,6 @@ Tue Jul 2 11:57:01 UTC 2024 - Cliff Zhao grain metadata. (CVE-2024-32228, bsc#1227277) -------------------------------------------------------------------- -Tue Jul 2 11:28:10 UTC 2024 - Cliff Zhao - -- Rename CVE patches as SUSE CVE standard:(package name)-%(CVE number) - ffmpeg-4.4-CVE-2020-22046.patch - ffmpeg-5-CVE-2023-50007.patch - ffmpeg-5-CVE-2023-50008.patch - ffmpeg-5-CVE-2023-49502.patch - ffmpeg-5-CVE-2023-51793.patch - ffmpeg-5-CVE-2023-50009.patch - ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch - ffmpeg-5-CVE-2023-50010.patch - ------------------------------------------------------------------- Tue Apr 27 11:38:35 UTC 2024 - Cliff Zhao @@ -50,7 +37,7 @@ Tue Apr 26 12:18:26 UTC 2024 - Cliff Zhao ------------------------------------------------------------------- Tue Apr 24 10:48:32 UTC 2024 - Cliff Zhao -- Add ffmpeg-5-CVE-2023-50009-shim-cf1f5744.patch: +- Add ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch: Backporting cf1f5744 from upstream, Templatify function ff_gaussian_blur and ff_sobel to prepare fix support for CVE-2023-50009. (CVE-2023-50009 bsc#1223255) @@ -295,7 +282,7 @@ Thu Jan 5 12:57:10 UTC 2023 - Jan Engelhardt ------------------------------------------------------------------- Mon Dec 12 21:18:30 UTC 2022 - Dirk Müller -- build for x86_64 subarchs the same way like for baseline +- build for x86_64 subarchs the same way like for baseline ------------------------------------------------------------------- Thu Dec 8 11:27:56 UTC 2022 - Callum Farmer @@ -446,7 +433,7 @@ Sat Apr 9 22:36:13 UTC 2022 - Dirk Müller * avcodec/libdav1d: free the Dav1dData packet on dav1d_send_data() failure * avcodec/h264_parser: don't alter decoder private data * configure: link to libatomic when it's present - * fate/ffmpeg: add missing samples dependency to fate-shortest + * fate/ffmpeg: add missing samples dependency to fate-shortest ------------------------------------------------------------------- Thu Mar 10 13:37:06 UTC 2022 - Bjørn Lie diff --git a/ffmpeg-5.spec b/ffmpeg-5.spec index 742cb9a..e867491 100644 --- a/ffmpeg-5.spec +++ b/ffmpeg-5.spec @@ -17,9 +17,6 @@ %define flavor @BUILD_FLAVOR@%{nil} -# -# preamble is present twice, watch out -# %if "%{flavor}" != "ffmpeg-5-mini" # Create proper conflicts to make sure we require all from one version @@ -107,7 +104,7 @@ Patch2: ffmpeg-new-coder-errors.diff Patch3: ffmpeg-codec-choice.diff Patch4: ffmpeg-4.2-dlopen-fdk_aac.patch Patch5: work-around-abi-break.patch -Patch9: ffmpeg-4-CVE-2020-22046.patch +Patch9: ffmpeg-4.4-CVE-2020-22046.patch Patch10: 0001-avfilter-af_dialoguenhance-fix-overreads.patch Patch11: 0001-avfilter-af_dialoguenhance-simplify-channels-copy.patch Patch12: 0001-avfilter-af_dialoguenhance-do-output-scaling-once.patch @@ -119,15 +116,18 @@ Patch17: 0001-avfilter-af_stereowiden-Check-length.patch Patch90: ffmpeg-chromium.patch Patch91: ffmpeg-dlopen-openh264.patch Patch93: soname.diff -Patch94: ffmpeg-5-CVE-2023-50007.patch -Patch95: ffmpeg-5-CVE-2023-50008.patch -Patch96: ffmpeg-5-CVE-2023-49502.patch -Patch97: ffmpeg-5-CVE-2023-51793.patch -Patch98: ffmpeg-5-CVE-2023-50009-shim-cf1f5744.patch -Patch99: ffmpeg-5-CVE-2023-50009.patch -Patch100: ffmpeg-5-CVE-2023-50010.patch +Patch94: ffmpeg-CVE-2023-50007.patch +Patch95: ffmpeg-CVE-2023-50008.patch +Patch96: ffmpeg-CVE-2023-49502.patch +Patch97: ffmpeg-CVE-2023-51793.patch +Patch98: ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch +Patch99: ffmpeg-CVE-2023-50009.patch +Patch100: ffmpeg-CVE-2023-50010.patch Patch101: ffmpeg-5-CVE-2024-32228.patch Patch102: ffmpeg-5-CVE-2024-32230.patch +# +# preamble is present twice, watch out +# %if %{with amf_sdk} BuildRequires: AMF-devel %endif @@ -855,14 +855,15 @@ Patch17: 0001-avfilter-af_stereowiden-Check-length.patch Patch90: ffmpeg-chromium.patch Patch91: ffmpeg-dlopen-openh264.patch Patch93: soname.diff -# PATCH-FIX-UPSTREAM ffmpeg-CVE-2023-50007.patch CVE-2023-50007 bsc#1223253 qzhao@suse.com -- Fix crash with EOF handling. Patch94: ffmpeg-CVE-2023-50007.patch -# PATCH-FIX-UPSTREAM ffmpeg-CVE-2023-50008.patch CVE-2023-50008 bsc#1223254 qzhao@suse.com -- Fix memory leaks. Patch95: ffmpeg-CVE-2023-50008.patch -# PATCH-FIX-UPSTREAM ffmpeg-CVE-2023-49502.patch CVE-2023-49502 bsc#1223235 qzhao@suse.com -- Account for chroma sub-sampling in min size calculation. Patch96: ffmpeg-CVE-2023-49502.patch -# PATCH-FIX-UPSTREAM ffmpeg-CVE-2023-51793.patch CVE-2023-51793 bsc#1223272 qzhao@suse.com -- Fix odd height handling. Patch97: ffmpeg-CVE-2023-51793.patch +Patch98: ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch +Patch99: ffmpeg-CVE-2023-50009.patch +Patch100: ffmpeg-CVE-2023-50010.patch +Patch101: ffmpeg-5-CVE-2024-32228.patch +Patch102: ffmpeg-5-CVE-2024-32230.patch BuildRequires: c_compiler Requires: this-is-only-for-build-envs diff --git a/ffmpeg-5-CVE-2023-49502.patch b/ffmpeg-CVE-2023-49502.patch similarity index 100% rename from ffmpeg-5-CVE-2023-49502.patch rename to ffmpeg-CVE-2023-49502.patch diff --git a/ffmpeg-5-CVE-2023-50007.patch b/ffmpeg-CVE-2023-50007.patch similarity index 100% rename from ffmpeg-5-CVE-2023-50007.patch rename to ffmpeg-CVE-2023-50007.patch diff --git a/ffmpeg-5-CVE-2023-50008.patch b/ffmpeg-CVE-2023-50008.patch similarity index 100% rename from ffmpeg-5-CVE-2023-50008.patch rename to ffmpeg-CVE-2023-50008.patch diff --git a/ffmpeg-5-CVE-2023-50009.patch b/ffmpeg-CVE-2023-50009.patch similarity index 100% rename from ffmpeg-5-CVE-2023-50009.patch rename to ffmpeg-CVE-2023-50009.patch diff --git a/ffmpeg-5-CVE-2023-50010.patch b/ffmpeg-CVE-2023-50010.patch similarity index 100% rename from ffmpeg-5-CVE-2023-50010.patch rename to ffmpeg-CVE-2023-50010.patch diff --git a/ffmpeg-5-CVE-2023-51793.patch b/ffmpeg-CVE-2023-51793.patch similarity index 100% rename from ffmpeg-5-CVE-2023-51793.patch rename to ffmpeg-CVE-2023-51793.patch diff --git a/ffmpeg-5-CVE-2023-50009-shim-cf1f5744.patch b/ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch similarity index 97% rename from ffmpeg-5-CVE-2023-50009-shim-cf1f5744.patch rename to ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch index e7e64a7..a796a16 100644 --- a/ffmpeg-5-CVE-2023-50009-shim-cf1f5744.patch +++ b/ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch @@ -1,14 +1,16 @@ commit cf1f57443158bcbe84a213e8dc631a302993f9a2 Author: Thilo Borgmann Date: Mon Jul 18 16:09:46 2022 +0200 -Subject: lavfi/edge_common: Templatify ff_gaussian_blur and ff_sobel References: CVE-2023-50009 -References: bsc#1172423 -Upstream: Backport from upstream +References: https://bugzilla.opensuse.org/1172423 -Backport cf1f5744 from upstream, Templatify function ff_gaussian_blur -and ff_sobel to prepare fix support for CVE-2023-50009. -qzhao +lavfi/edge_common: Templatify ff_gaussian_blur and ff_sobel +[Backport cf1f5744 from upstream, Templatify function ff_gaussian_blur +and ff_sobel to prepare fix support for CVE-2023-50009. -qzhao] + +diff --git a/libavfilter/edge_common.c b/libavfilter/edge_common.c +index d72e8521cd..ebd47d7c53 100644 --- a/libavfilter/edge_common.c +++ b/libavfilter/edge_common.c @@ -46,33 +46,13 @@ static int get_rounded_direction(int gx, int gy) @@ -310,3 +312,4 @@ index 90390ceb3e..603f06f141 100644 * ignore the rest, so we need a clean output buffer */ -- 2.41.0 +