ffmpeg-5-CVE-2024-32228.patch gelöscht

- Remove ffmpeg-5-CVE-2024-32228.patch as it adds/modifies code
  which does not build on Packman.

0001-avutil-hwcontext_vaapi-use-the-correct-type-for-VASu.patch

@@ -1,29 +0,0 @@
-From 6f8e365a2af2b6b21701d41eed3b2e3f8a436eeb Mon Sep 17 00:00:00 2001
-From: James Almer <jamrial@gmail.com>
-Date: Wed, 31 Jul 2024 10:00:54 -0300
-Subject: [PATCH] avutil/hwcontext_vaapi: use the correct type for
- VASurfaceAttribExternalBuffers.buffers
-
-Should fix ticket #11115.
-
-Signed-off-by: James Almer <jamrial@gmail.com>
----
- libavutil/hwcontext_vaapi.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/libavutil/hwcontext_vaapi.c b/libavutil/hwcontext_vaapi.c
-index 4cb25dd032..15fd84aa40 100644
---- a/libavutil/hwcontext_vaapi.c
-+++ b/libavutil/hwcontext_vaapi.c
-@@ -1225,7 +1225,7 @@ static int vaapi_map_from_drm(AVHWFramesContext *src_fc, AVFrame *dst,
- 
-     if (!use_prime2 || vas != VA_STATUS_SUCCESS) {
-         int k;
--        unsigned long buffer_handle;
-+        uintptr_t buffer_handle;
-         VASurfaceAttribExternalBuffers buffer_desc;
-         VASurfaceAttrib buffer_attrs[2] = {
-             {
--- 
-2.46.0
-

0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch

@@ -1,58 +0,0 @@
-From 654bd47716c4f36719fb0f3f7fd8386d5ed0b916 Mon Sep 17 00:00:00 2001
-From: Ross Burton <ross.burton@arm.com>
-Date: Fri, 9 Aug 2024 11:32:00 +0100
-Subject: [PATCH] libavcodec/arm/mlpdsp_armv5te: fix label format to work with
- binutils 2.43
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-binutils 2.43 has stricter validation for labels[1] and results in errors
-when building ffmpeg for armv5:
-
-src/libavcodec/arm/mlpdsp_armv5te.S:232: Error: junk at end of line, first unrecognized character is `0'
-
-Remove the leading zero in the "01" label to resolve this error.
-
-[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=226749d5a6ff0d5c607d6428d6c81e1e7e7a994b
-
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-Signed-off-by: Martin Storsjö <martin@martin.st>
----
- libavcodec/arm/mlpdsp_armv5te.S | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/libavcodec/arm/mlpdsp_armv5te.S b/libavcodec/arm/mlpdsp_armv5te.S
-index 4f9aa485fd..d31568611c 100644
---- a/libavcodec/arm/mlpdsp_armv5te.S
-+++ b/libavcodec/arm/mlpdsp_armv5te.S
-@@ -229,7 +229,7 @@ A .endif
-   .endif
- 
-         // Begin loop
--01:
-+1:
-   .if TOTAL_TAPS == 0
-         // Things simplify a lot in this case
-         // In fact this could be pipelined further if it's worth it...
-@@ -241,7 +241,7 @@ A .endif
-         str     ST0, [PST, #-4]!
-         str     ST0, [PST, #4 * (MAX_BLOCKSIZE + MAX_FIR_ORDER)]
-         str     ST0, [PSAMP], #4 * MAX_CHANNELS
--        bne     01b
-+        bne     1b
-   .else
-     .if \fir_taps & 1
-       .set LOAD_REG, 1
-@@ -333,7 +333,7 @@ T       orr     AC0, AC0, AC1
-         str     ST3, [PST, #-4]!
-         str     ST2, [PST, #4 * (MAX_BLOCKSIZE + MAX_FIR_ORDER)]
-         str     ST3, [PSAMP], #4 * MAX_CHANNELS
--        bne     01b
-+        bne     1b
-   .endif
-         b       99f
- 
--- 
-2.46.0
-

ffmpeg-5-CVE-2024-7055.patch

@@ -1,29 +0,0 @@
-From 3faadbe2a27e74ff5bb5f7904ec27bb1f5287dc8 Mon Sep 17 00:00:00 2001
-From: Michael Niedermayer <michael@niedermayer.cc>
-Date: Thu, 18 Jul 2024 21:12:54 +0200
-Subject: [PATCH] avcodec/pnmdec: Use 64bit for input size check
-References: CVE-2024-7055
-References: bsc#1229026
-Upstream: Backport from upstream
-
-Fixes: out of array read
-Fixes: poc3
-
-Reported-by: VulDB CNA Team
-Found-by: CookedMelon
-Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
----
- libavcodec/pnmdec.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- ffmpeg-5.1.4/libavcodec/pnmdec.c
-+++ ffmpeg-5.1.4_new/libavcodec/pnmdec.c
-@@ -260,7 +260,7 @@
-         break;
-     case AV_PIX_FMT_GBRPF32:
-         if (!s->half) {
--        if (avctx->width * avctx->height * 12 > s->bytestream_end - s->bytestream)
-+        if (avctx->width * avctx->height * 12LL > s->bytestream_end - s->bytestream)
-             return AVERROR_INVALIDDATA;
-         scale = 1.f / s->scale;
-         if (s->endian) {

ffmpeg-5-CVE-2024-7272.patch

@@ -1,114 +0,0 @@
-From 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 Mon Sep 17 00:00:00 2001
-From: James Almer <jamrial@gmail.com>
-Date: Thu, 8 Sep 2022 19:43:03 -0300
-Subject: [PATCH] swsresample/swresample: error out on invalid layouts
-References: CVE-2024-7272
-References: bsc#1229261
-Upstream: Backport from upstream
-
-If it's unsupported or invalid, then there's no point trying to rebuild it
-using a value that may have been derived from the same layout to begin with.
-
-Move the checks before the attempts at copying the layout while at it.
-
-Fixes ticket #9908.
-
-Signed-off-by: James Almer <jamrial@gmail.com>
----
- libswresample/swresample.c | 48 +++++++++++++++++++++++++-------------
- 1 file changed, 32 insertions(+), 16 deletions(-)
-
-diff --git a/libswresample/swresample.c b/libswresample/swresample.c
-index 6f04d130d3..5884f8d533 100644
---- a/libswresample/swresample.c
-+++ b/libswresample/swresample.c
-@@ -227,7 +227,7 @@ av_cold int swr_init(struct SwrContext *s){
-             s->in_ch_layout.order       = AV_CHANNEL_ORDER_UNSPEC;
-             s->in_ch_layout.nb_channels = s->user_in_ch_count;
-         }
--    } else
-+    } else if (av_channel_layout_check(&s->user_in_chlayout))
-         av_channel_layout_copy(&s->in_ch_layout, &s->user_in_chlayout);
- 
-     if ((s->user_out_ch_count && s->user_out_ch_count != s->user_out_chlayout.nb_channels) ||
-@@ -240,17 +240,45 @@ av_cold int swr_init(struct SwrContext *s){
-             s->out_ch_layout.order       = AV_CHANNEL_ORDER_UNSPEC;
-             s->out_ch_layout.nb_channels = s->user_out_ch_count;
-         }
--    } else
-+    } else if (av_channel_layout_check(&s->user_out_chlayout))
-         av_channel_layout_copy(&s->out_ch_layout, &s->user_out_chlayout);
- 
-     if (!s->out.ch_count && !s->user_out_ch_layout)
-         s->out.ch_count  = s->out_ch_layout.nb_channels;
-     if (!s-> in.ch_count && !s-> user_in_ch_layout)
-         s-> in.ch_count  = s->in_ch_layout.nb_channels;
-+
-+    if (!(ret = av_channel_layout_check(&s->in_ch_layout)) || s->in_ch_layout.nb_channels > SWR_CH_MAX) {
-+        if (ret)
-+            av_channel_layout_describe(&s->in_ch_layout, l1, sizeof(l1));
-+        av_log(s, AV_LOG_WARNING, "Input channel layout \"%s\" is invalid or unsupported.\n", ret ? l1 : "");
-+        return AVERROR(EINVAL);
-+    }
-+
-+    if (!(ret = av_channel_layout_check(&s->out_ch_layout)) || s->out_ch_layout.nb_channels > SWR_CH_MAX) {
-+        if (ret)
-+            av_channel_layout_describe(&s->out_ch_layout, l2, sizeof(l2));
-+        av_log(s, AV_LOG_WARNING, "Output channel layout \"%s\" is invalid or unsupported.\n", ret ? l2 : "");
-+        return AVERROR(EINVAL);
-+    }
- #else
-     s->out.ch_count  = s-> user_out_chlayout.nb_channels;
-     s-> in.ch_count  = s->  user_in_chlayout.nb_channels;
- 
-+    if (!(ret = av_channel_layout_check(&s->user_in_chlayout)) || s->user_in_chlayout.nb_channels > SWR_CH_MAX) {
-+        if (ret)
-+            av_channel_layout_describe(&s->user_in_chlayout, l1, sizeof(l1));
-+        av_log(s, AV_LOG_WARNING, "Input channel layout \"%s\" is invalid or unsupported.\n", ret ? l1 : "");
-+        return AVERROR(EINVAL);
-+    }
-+
-+    if (!(ret = av_channel_layout_check(&s->user_out_chlayout)) || s->user_out_chlayout.nb_channels > SWR_CH_MAX) {
-+        if (ret)
-+            av_channel_layout_describe(&s->user_out_chlayout, l2, sizeof(l2));
-+        av_log(s, AV_LOG_WARNING, "Output channel layout \"%s\" is invalid or unsupported.\n", ret ? l2 : "");
-+        return AVERROR(EINVAL);
-+    }
-+
-     ret  = av_channel_layout_copy(&s->in_ch_layout, &s->user_in_chlayout);
-     ret |= av_channel_layout_copy(&s->out_ch_layout, &s->user_out_chlayout);
-     if (ret < 0)
-@@ -261,18 +289,6 @@ av_cold int swr_init(struct SwrContext *s){
- 
-     s->dither.method = s->user_dither_method;
- 
--    if (!av_channel_layout_check(&s->in_ch_layout) || s->in_ch_layout.nb_channels > SWR_CH_MAX) {
--        av_channel_layout_describe(&s->in_ch_layout, l1, sizeof(l1));
--        av_log(s, AV_LOG_WARNING, "Input channel layout \"%s\" is invalid or unsupported.\n", l1);
--        av_channel_layout_uninit(&s->in_ch_layout);
--    }
--
--    if (!av_channel_layout_check(&s->out_ch_layout) || s->out_ch_layout.nb_channels > SWR_CH_MAX) {
--        av_channel_layout_describe(&s->out_ch_layout, l2, sizeof(l2));
--        av_log(s, AV_LOG_WARNING, "Output channel layout \"%s\" is invalid or unsupported.\n", l2);
--        av_channel_layout_uninit(&s->out_ch_layout);
--    }
--
-     switch(s->engine){
- #if CONFIG_LIBSOXR
-         case SWR_ENGINE_SOXR: s->resampler = &swri_soxr_resampler; break;
-@@ -291,9 +307,9 @@ av_cold int swr_init(struct SwrContext *s){
-         av_channel_layout_uninit(&s->in_ch_layout);
-     }
- 
--    if (!s->in_ch_layout.nb_channels || s->in_ch_layout.order == AV_CHANNEL_ORDER_UNSPEC)
-+    if (s->in_ch_layout.order == AV_CHANNEL_ORDER_UNSPEC)
-         av_channel_layout_default(&s->in_ch_layout, s->used_ch_count);
--    if (!s->out_ch_layout.nb_channels || s->out_ch_layout.order == AV_CHANNEL_ORDER_UNSPEC)
-+    if (s->out_ch_layout.order == AV_CHANNEL_ORDER_UNSPEC)
-         av_channel_layout_default(&s->out_ch_layout, s->out.ch_count);
- 
-     s->rematrix = av_channel_layout_compare(&s->out_ch_layout, &s->in_ch_layout) ||
--- 
-2.41.0
-

ffmpeg-5.changes

@@ -1,45 +1,13 @@
--------------------------------------------------------------------
-Tue Oct 15 08:18:54 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
-
-- Adjust bconds to build the package in SLFO without xvidcore.
-
--------------------------------------------------------------------
-Fri Sep  6 15:06:21 UTC 2024 - Cliff Zhao <qzhao@suse.com>
-
-- Add ffmpeg-5-CVE-2024-7055.patch:
-  Backporting 3faadbe2 from upstream, Use 64bit for input size check,
-  Fixes: out of array read, Fixes: poc3.
-  (CVE-2024-7055, bsc#1229026)
-
--------------------------------------------------------------------
-Sun Sep  1 18:04:27 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
-
-- Add 0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch
-  [boo#1229338]
-- Add 0001-avutil-hwcontext_vaapi-use-the-correct-type-for-VASu.patch
-  (resolve FTBFS on i586)
-
--------------------------------------------------------------------
-Sun Aug 18 01:42:12 UTC 2024 - Cliff Zhao <qzhao@suse.com>
-
-- Add ffmpeg-5-CVE-2024-7272.patch:
-  Backporting 9903ba28 from upstream, error out on invalid layouts,
-  * If it's unsupported or invalid, then there's no point trying to
-  rebuild it using a value that may have been derived from the same
-  layout to begin with.
-  * Move the checks before the attempts at copying the layout while
-  at it.
-  (CVE-2024-7272, bsc#1229261)
-
 -------------------------------------------------------------------
 Thu Aug 15 09:56:01 UTC 2024 - Manfred Hollstein <manfred.h@gmx.net>
-
 - Remove ffmpeg-5-CVE-2024-32228.patch as it adds/modifies code
-  which fails to build with BUILD_ORIG=1. (`HEVCSEI` has no
+  which does not build on Packman. Following errors are generated:
-  member named `common`; implicit declaration of function
+  * AV_FRAME_FLAG_KEY undeclared
-  `ff_h274_film_grain_params_supported`,
+  * 'HEVCSEI' has no member named 'common'
-  `av_film_grain_params_select`; `HEVCContext` has no member
+  * implicit declaration of function 'ff_h274_film_grain_params_supported'
-  named `film_grain_warning_shown`)
+  * implicit declaration of function 'av_film_grain_params_select'
+  * 'HEVCContext' has no member named 'film_grain_warning_shown'
+- Renumber patches
 
 -------------------------------------------------------------------
 Tue Jul  2 12:26:28 UTC 2024 - Cliff Zhao <qzhao@suse.com>
@@ -61,7 +29,7 @@ Tue Apr 27 11:38:35 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 
 - Add ffmpeg-CVE-2023-50010.patch:
   Backporting e4d2666b from upstream, fixes the out of array access.
-  (CVE-2023-50010, bsc#1223256)
+  (CVE-2023-50010 bsc#1223256)
 
 -------------------------------------------------------------------
 Fri Apr 26 22:16:48 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
@@ -75,7 +43,7 @@ Tue Apr 26 12:18:26 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 - Add ffmpeg-CVE-2023-50009.patch:
   Backporting c443658d from upstream, Fix small inputs with
    gaussian_blur().
-  (CVE-2023-50009, bsc#1223255)
+  (CVE-2023-50009 bsc#1223255)
 
 -------------------------------------------------------------------
 Tue Apr 24 10:48:32 UTC 2024 - Cliff Zhao <qzhao@suse.com>
@@ -83,14 +51,14 @@ Tue Apr 24 10:48:32 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 - Add ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch:
   Backporting cf1f5744 from upstream, Templatify function
   ff_gaussian_blur and ff_sobel to prepare fix support for CVE-2023-50009.
-  (CVE-2023-50009, bsc#1223255)
+  (CVE-2023-50009 bsc#1223255)
 
 -------------------------------------------------------------------
 Thu Apr 23 16:14:18 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 
 - Add ffmpeg-CVE-2023-51793.patch:
   Backporting 0ecc1f0e from upstream, Fix odd height handling.
-  (CVE-2023-51793, bsc#1223272)
+  (CVE-2023-51793 bsc#1223272)
 
 -------------------------------------------------------------------
 Thu Apr 23 15:35:32 UTC 2024 - Cliff Zhao <qzhao@suse.com>
@@ -98,21 +66,21 @@ Thu Apr 23 15:35:32 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 - Add ffmpeg-CVE-2023-49502.patch:
   Backporting 737ede40 from upstream, account for chroma sub-sampling
   in min size calculation.
-  (CVE-2023-49502, bsc#1223235)
+  (CVE-2023-49502 bsc#1223235)
 
 -------------------------------------------------------------------
 Thu Apr 23 14:05:28 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 
 - Add ffmpeg-CVE-2023-50008.patch:
   Backporting 5f87a68c from upstream, Fix memory leaks.
-  (CVE-2023-50008, bsc#1223254)
+  (CVE-2023-50008 bsc#1223254)
 
 -------------------------------------------------------------------
 Thu Apr 23 12:22:53 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 
 - Add ffmpeg-CVE-2023-50007.patch:
   Backporting b1942734 from upstream, Fix crash with EOF handling.
-  (CVE-2023-50007, bsc#1223253)
+  (CVE-2023-50007 bsc#1223253)
 
 -------------------------------------------------------------------
 Mon Apr 22 23:10:31 UTC 2024 - Jan Engelhardt <jengelh@inai.de>

ffmpeg-5.spec

@@ -61,7 +61,7 @@
 %bcond_with    x265
 %bcond_with    xvid
 
-%if 0%{?suse_version} > 1600
+%if 0%{?suse_version} > 1500
 %bcond_without mysofa
 %bcond_without vidstab
 %bcond_without codec2
@@ -71,22 +71,12 @@
 %bcond_without opencore
 %bcond_without xvid
 %else
-%if 0%{?suse_version} > 1500
-%bcond_without mysofa
-%bcond_without vidstab
-%bcond_without codec2
-%bcond_without rubberband
-%bcond_without vulkan
-%bcond_without amrwb
-%bcond_without opencore
-%else
 %bcond_with mysofa
 %bcond_with vidstab
 %bcond_with codec2
 %bcond_with rubberband
 %bcond_with vulkan
 %endif
-%endif
 
 %define _name ffmpeg
 %define _major_version 5
@@ -123,8 +113,6 @@ Patch14:        0001-avfilter-avf_showspectrum-fix-off-by-1-error.patch
 Patch15:        0001-avfilter-vf_codecview-fix-heap-buffer-overflow.patch
 Patch16:        0001-avfilter-f_reverse-Apply-PTS-compensation-only-when-.patch
 Patch17:        0001-avfilter-af_stereowiden-Check-length.patch
-Patch18:        0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch
-Patch19:        0001-avutil-hwcontext_vaapi-use-the-correct-type-for-VASu.patch
 Patch90:        ffmpeg-chromium.patch
 Patch91:        ffmpeg-dlopen-openh264.patch
 Patch93:        soname.diff
@@ -135,9 +123,7 @@ Patch97:        ffmpeg-CVE-2023-51793.patch
 Patch98:        ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch
 Patch99:        ffmpeg-CVE-2023-50009.patch
 Patch100:       ffmpeg-CVE-2023-50010.patch
-Patch102:       ffmpeg-5-CVE-2024-32230.patch
+Patch101:       ffmpeg-5-CVE-2024-32230.patch
-Patch103:       ffmpeg-5-CVE-2024-7272.patch
-Patch104:       ffmpeg-5-CVE-2024-7055.patch
 #
 # preamble is present twice, watch out
 #
@@ -865,8 +851,6 @@ Patch14:        0001-avfilter-avf_showspectrum-fix-off-by-1-error.patch
 Patch15:        0001-avfilter-vf_codecview-fix-heap-buffer-overflow.patch
 Patch16:        0001-avfilter-f_reverse-Apply-PTS-compensation-only-when-.patch
 Patch17:        0001-avfilter-af_stereowiden-Check-length.patch
-Patch18:        0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch
-Patch19:        0001-avutil-hwcontext_vaapi-use-the-correct-type-for-VASu.patch
 Patch90:        ffmpeg-chromium.patch
 Patch91:        ffmpeg-dlopen-openh264.patch
 Patch93:        soname.diff
@@ -877,8 +861,7 @@ Patch97:        ffmpeg-CVE-2023-51793.patch
 Patch98:        ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch
 Patch99:        ffmpeg-CVE-2023-50009.patch
 Patch100:       ffmpeg-CVE-2023-50010.patch
-Patch102:       ffmpeg-5-CVE-2024-32230.patch
+Patch101:       ffmpeg-5-CVE-2024-32230.patch
-Patch103:       ffmpeg-5-CVE-2024-7272.patch
 BuildRequires:  c_compiler
 Requires:       this-is-only-for-build-envs