* If it's unsupported or invalid, then there's no point trying to rebuild it using a value that may have been derived from the same layout to begin with.
* Move the checks before the attempts at copying the layout while at it.
(CVE-2024-7272, bsc#1229261)
- Update to version 5.1.3:
* avcodec/012v: Order operations for odd size handling
* avcodec/alsdec:
- Check bits left before block decoding in non multi channel
coding loop
- The minimal block is at least 7 bits
* avcodec/atrac3plus: reorder channels to match the output layout
* avcodec/audiotoolboxenc: return AVERROR_EXTERNAL immediately
when encode error
* avcodec/bink:
- Avoid undefined out of array end pointers in
binkb_decode_plane()
- Fix off by 1 error in ref end
* avcodec/eac3dec: avoid float noise in fixed mode addition to
overflow
* avcodec/eatgq: : Check index increments in tgq_decode_block()
* avcodec/escape124:
- Fix signdness of end of input check
- Fix some return codes
* avcodec/ffv1dec:
- Check that num h/v slices is supported
- Fail earlier if prior context is corrupted
* avcodec/ffv1dec: restructure slice coordinate reading a bit
* avcodec/h274: fix include
* avcodec/libjxldec:
- Fix gamma22 and gamma28 recognition
- Avoid hard failure with unspecified primaries
* avcodec/mjpegenc: take into account component count when
writing the SOF header size
* avcodec/mlpdec: Check max matrix instead of max channel in
noise check
* avcodec/motionpixels: Mask pixels to valid values
* avcodec/mpeg12dec:
- Check input size
- Use init_get_bits8 and check the return value
* avcodec/nvenc: fix vbv buffer size in cq mode
* avcodec/pictordec: Remove mid exit branch
* avcodec/pngdec:
- Check deloco index more exactly
- Dont skip/read chunk twice
* avcodec/rpzaenc: stop accessing out of bounds frame
* avcodec/scpr3: Check bx
* avcodec/scpr: Test bx before use
* avcodec/smcenc: stop accessing out of bounds frame
* avcodec/snowenc: Fix visual weight calculation
* avcodec/speedhq: Check buf_size to be big enough for DC
* avcodec/speexdec: Check channels > 2
* avcodec/sunrast: Fix maplength check
* avcodec/tests/snowenc:
- Fix 2nd test
- Return a failure if DWT/IDWT mismatches
- Unbreak DWT tests
* avcodec/tiff: Ignore tile_count
* avcodec/utils:
- Allocate a line more for VC1 and WMV3
- Ensure linesize for SVQ3
- Use 32pixel alignment for bink
* avcodec/videodsp_template: Adjust pointers to avoid undefined
pointer things
* avcodec/wavpack:
- Avoid undefined shift in get_tail()
- Check for end of input in wv_unpack_dsd_high()
* avcodec/xpmdec: Check size before allocation to avoid
truncation
* avcodec/aacdec: fix parsing streams with channel configuration
11
* avformat/id3v2: Check taglen in read_uslt()
* avformat/mov: Check samplesize and offset to avoid integer
overflow
* avformat/mxfdec: Use 64bit in remainder
* avformat/replaygain: avoid undefined / negative abs
* avformat/vividas: Check packet size
* avutil/tx: Use unsigned in ff_tx_fft_sr_combine() to avoid
undefined behavior
* hwcontext_vulkan: remove optional encode/decode extensions from
the list
* lavf/async: Fix ring_write return value
* lavu/vulkan: fix handle type for 32-bit targets
* libswscale: force a minimum size of the slide for bayer sources
* swscale/input: Use more unsigned intermediates
* swscale/output:
- Bias 16bps output calculations to improve non overflowing
range
- Bias 16bps output calculations to improve non overflowing
range for GBRP16/GBRPF32
* swscale: aarch64: Fix yuv2rgb with negative strides
* Use https for repository links
* vulkan: Fix win/i386 calling convention
- Rebase patches with quilt.
- Drop ffmpeg-CVE-2022-3964.patch: Fixed upstream.
- Drop no-vk-video-decoding.patch: Upstream removed this optional
code.
- Use ldconfig_scriptlets macro.
OBS-URL: https://build.opensuse.org/request/show/1080435
OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-5?expand=0&rev=67
- Update to release 5.1.2
* avcodec/dstdec: Check for overflow in build_filter()
* avformat/spdifdec: Use 64bit to compute bit rate
* avformat/rpl: Use 64bit for duration computation
* avformat/xwma: Use av_rescale() for duration computation
* avformat/sdsdec: Use av_rescale() to avoid intermediate overflow in duration calculation
* avformat/sbgdec: Check ts_int in genrate_intervals
* avformat/sbgdec: clamp end_ts
* avformat/rmdec: check tag_size
* avformat/nutdec: Check fields
* avformat/flvdec: Use 64bit for sum_flv_tag_size
* avformat/jacosubdec: Fix overflow in get_shift()
* avformat/genh: Check nb_channels for IMA ADPCM
* avformat/dxa: avoid bpc overflows
* avformat/dhav: Use 64bit seek_back
* avformat/cafdec: Check that nb_frasmes fits within 64bit
* avformat/asfdec_o: Limit packet offset
* avformat/apm: Use 64bit for bit_rate computation
* avformat/ape: Check frames size
* avformat/icodec: Check nb_pal
* avformat/aiffdec: Use 64bit for block_duration use
* avformat/aiffdec: Check block_duration
* avformat/mxfdec: only probe max run in
* avformat/mxfdec: Check run_in is within 65536
* avcodec/mjpegdec: Check for unsupported bayer case
* avcodec/tta: Check 24bit scaling for overflow
* avcodec/exr: Check preview psize
* avcodec/tiff: Fix loop detection
* libavformat/hls: Free keys
* avcodec/fmvc: Move frame allocation to a later stage
* avfilter/vf_showinfo: remove backspaces
* avcodec/speedhq: Check width
* avcodec/bink: disallow odd positioned scaled blocks
* avformat/cafenc: derive Opus frame size from the relevant stream parameters
* avformat/dashdec: Fix crash on invalid input/ENOMEM, fix leak
* lavc/videotoolbox: do not pass AVCodecContext to decoder output callback
* lavc/pthread_frame: always transfer stashed hwaccel state
* avcodec/arm/sbcenc: avoid callee preserved vfp registers
* avformat/riffdec: don't unconditionally overwrite WAVEFORMATEXTENSIBLE layout
* avfilter/vf_scale: overwrite the width and height expressions with the original values
* lavc/pthread_frame: avoid leaving stale hwaccel state in worker threads
* avutil/tests/.gitignore: Add channel_layout testtool
OBS-URL: https://build.opensuse.org/request/show/1006248
OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-5?expand=0&rev=26
- update to 5.0.1:
* avcodec/exr: Avoid signed overflow in displayWindow
* avcodec/diracdec: avoid signed integer overflow in global mv
* avcodec/takdsp: Fix integer overflow in decorrelate_sf()
* avcodec/apedec: fix a integer overflow in long_filter_high_3800()
* avdevice/dshow: fix regression
* avfilter/vf_subtitles: pass storage size to libass
* avcodec/vp9_superframe_split_bsf: Don't read inexistent data
* avcodec/vp9_superframe_split_bsf: Discard invalid zero-sized frames
* avcodec/vp9_superframe_bsf: Check for existence of data before reading it
* avcodec/vp9_raw_reorder_bsf: Check for existence of data before reading it
* avformat/imf: fix packet pts, dts and muxing
* avformat/imf: open resources only when first needed
* avformat/imf: cosmetics
* avformat/imf_cpl: do not use filesize when reading XML file
* avformat/imfdec: Use proper logcontext
* avformat/imfdec: do not use filesize when reading XML file
* doc/utils: add missing 22.2 layout entry
* avcodec/av1: only set the private context pix_fmt field if get_pixel_format() succeeds
* avformat/aqtitledec: Skip unrepresentable durations
* avformat/cafdec: Do not store empty keys in read_info_chunk()
* avformat/mxfdec: Do not clear array in mxf_read_strong_ref_array() before writing
* avformat/mxfdec: Check for avio_read() failure in mxf_read_strong_ref_array()
* avformat/mxfdec: Check count in mxf_read_strong_ref_array()
* avformat/hls: Check target_duration
* avcodec/pixlet: Avoid signed integer overflow in scaling in filterfn()
* avformat/matroskadec: Check pre_ns
* avcodec/sonic: Use unsigned for predictor_k to avoid undefined behavior
* avcodec/libuavs3d: Check ff_set_dimensions() for failure
* avcodec/speexdec: Align some comments
OBS-URL: https://build.opensuse.org/request/show/968075
OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-5?expand=0&rev=14
Yes, this does not build on i586 for 15.3, but I think we can live with that as ffmpeg-5 will never be the "main" ffmpeg on 15.3, in fact I doubt it will even reach it at all.
- Drop pkgconfig(celt) BuildRequires and stop passing
--enable-libcelt to configure and drop celt from enable_decoders,
abandoned upstream for opus.
- Drop pkgconfig(libv4l2) BuildRequires and stop passing
--enable-libv4l2 to configure, only needed very old devices and
may cause problems for others for those needing it, use
LD_PRELOAD pointing on libv4l2.
- Drop pkgconfig(librtmp) BuildRequires and stop passing
conditional --enable-librtmp to configure, built-in RTMP support
is better, and has listen mode.
- Drop bcond conditionals for cuda_sdk, libaom, srt, lv2, soxr,
zmq, zimg and openmpt, build unconditionally for all supported
versions of openSUSE.
- Drop pkgconfig(enca) BuildRequires: Seems unused.
OBS-URL: https://build.opensuse.org/request/show/961334
OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-5?expand=0&rev=11