Accepting request 1248138 from multimedia:libs

OBS-URL: https://build.opensuse.org/request/show/1248138
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/ffmpeg-7?expand=0&rev=10

0001-avcodec-libsvtav1-unbreak-build-with-latest-svtav1.patch

@@ -1,33 +0,0 @@
-From d1ed5c06e3edc5f2b5f3664c80121fa55b0baa95 Mon Sep 17 00:00:00 2001
-From: Gyan Doshi <ffmpeg@gyani.pro>
-Date: Sat, 22 Feb 2025 10:38:53 +0530
-Subject: [PATCH] avcodec/libsvtav1: unbreak build with latest svtav1
-
-SVT-AV1 made a change in their public API in 988e930c but without a
-version bump or any other accessible marker, thus breaking ffmpeg build
-with current versions of SVT-AV1.
-
-They have finally bumped versions a month later, so check added.
----
- libavcodec/libsvtav1.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/libavcodec/libsvtav1.c b/libavcodec/libsvtav1.c
-index 79b28eb4df..43fe531fde 100644
---- a/libavcodec/libsvtav1.c
-+++ b/libavcodec/libsvtav1.c
-@@ -435,7 +435,11 @@ static av_cold int eb_enc_init(AVCodecContext *avctx)
- 
-     svt_enc->eos_flag = EOS_NOT_REACHED;
- 
-+#if SVT_AV1_CHECK_VERSION(3, 0, 0)
-+    svt_ret = svt_av1_enc_init_handle(&svt_enc->svt_handle, &svt_enc->enc_params);
-+#else
-     svt_ret = svt_av1_enc_init_handle(&svt_enc->svt_handle, svt_enc, &svt_enc->enc_params);
-+#endif
-     if (svt_ret != EB_ErrorNone) {
-         return svt_print_error(avctx, svt_ret, "Error initializing encoder handle");
-     }
--- 
-2.48.1
-

_scmsync.obsinfo

@@ -0,0 +1,4 @@
+mtime: 1740402399
+commit: fba0c8d5aee6456fbfe57c31817aaff4ce7ba3d31509ca778be2c36ad4b1dff5
+url: https://src.opensuse.org/jengelh/ffmpeg-7
+revision: master

build.specials.obscpio

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c08a9ee6a2b95485bf422f6ab6a45a88265efba437ed791fb71cc8d906764f28
+size 256

ffmpeg-7-CVE-2025-0518.patch

@@ -0,0 +1,29 @@
+From b5b6391d64807578ab872dc58fb8aa621dcfc38a Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Mon, 6 Jan 2025 22:01:39 +0100
+Subject: [PATCH] avfilter/af_pan: Fix sscanf() use
+
+Fixes: Memory Data Leak
+
+Found-by: Simcha Kosman <simcha.kosman@cyberark.com>
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavfilter/af_pan.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libavfilter/af_pan.c b/libavfilter/af_pan.c
+index 0d20b0307b..5feb2439c7 100644
+--- a/libavfilter/af_pan.c
++++ b/libavfilter/af_pan.c
+@@ -196,7 +196,7 @@ static av_cold int init(AVFilterContext *ctx)
+         sign = 1;
+         while (1) {
+             gain = 1;
+-            if (sscanf(arg, "%lf%n *%n", &gain, &len, &len))
++            if (sscanf(arg, "%lf%n *%n", &gain, &len, &len) >= 1)
+                 arg += len;
+             if (parse_channel_name(&arg, &in_ch_id, &named)){
+                 av_log(ctx, AV_LOG_ERROR,
+-- 
+2.44.0
+

ffmpeg-7-CVE-2025-22919.patch

@@ -0,0 +1,34 @@
+From 1446e37d3d032e1452844778b3e6ba2c20f0c322 Mon Sep 17 00:00:00 2001
+From: James Almer <jamrial@gmail.com>
+Date: Mon, 30 Dec 2024 00:25:41 -0300
+Subject: [PATCH] avfilter/buffersrc: check for valid sample rate
+
+A sample rate <= 0 is invalid.
+
+Fixes an assert in ffmpeg_enc.c that assumed a valid sample rate would be set.
+Fixes ticket #11385.
+
+Signed-off-by: James Almer <jamrial@gmail.com>
+---
+ libavfilter/buffersrc.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/libavfilter/buffersrc.c b/libavfilter/buffersrc.c
+index bdf8b14451..c921803c67 100644
+--- a/libavfilter/buffersrc.c
++++ b/libavfilter/buffersrc.c
+@@ -421,6 +421,11 @@ static av_cold int init_audio(AVFilterContext *ctx)
+         av_channel_layout_describe(&s->ch_layout, buf, sizeof(buf));
+     }
+ 
++    if (s->sample_rate <= 0) {
++        av_log(ctx, AV_LOG_ERROR, "Sample rate not set\n");
++        return AVERROR(EINVAL);
++    }
++
+     if (!s->time_base.num)
+         s->time_base = (AVRational){1, s->sample_rate};
+ 
+-- 
+2.44.0
+

ffmpeg-7.1.1.tar.xz.asc

@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQFMBAABCgA2FiEE/PmG6hXm4pOlZE8QtDIvBNZ2WNgFAmfE+J4YHGZmbXBlZy1k
-ZXZlbEBmZm1wZWcub3JnAAoJELQyLwTWdljYNAwH/3i5n8X6+6Gw+1U+k6Lfwe4t
-d1AmG/XyJd3ZkqnSXmtpW/p/DoHaRQLTJMHq/5jWi0Dcpr8M8VD0pZxzEksfy0XY
-xHEqKXRG37/SyoiH39+BXWOSry4shIhzTVfmQi9QGZ0i69J+ZOpP1cImWz2c6QBM
-Q2FMPv1QMVNR2UWHDGgYAvvg2qfJfGgIdQQtvAQe1q3co6LuaZC0ndgoNmNyuPLV
-nNmsoetZucoNC4M7kcevyssrRMDi+yHk5X86LfV/cBY+BKP9X8u8pieXrnctSYAh
-qqBnsg4jSj3fB96QvsFsdbUWEECKm4/gWJngMQTMk2Tg0RpQAwfHvp21Lppo/xw=
-=xzGf
------END PGP SIGNATURE-----

ffmpeg-7.1.tar.xz.asc

@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQFMBAABCgA2FiEE/PmG6hXm4pOlZE8QtDIvBNZ2WNgFAmb549IYHGZmbXBlZy1k
+ZXZlbEBmZm1wZWcub3JnAAoJELQyLwTWdljYilgH/2sKAFBy8ojPrYxVy7i+O3WO
+bE5lu2yhE6gHkHnxZga5k1uuhkRhapgTiUs9foG0zmL6Qfsg7lJ2EjrieD+hSWsw
+ApqHVW5SUUSrtY0kO9Z/2jQIRBH5JaMPSar6YNPTdXuSUcun784gPgwIGYwzAM/S
+14tkOZpq+X4nSJ4JezJDWeIsdz8zK4gIOuo0eCPbUgZ/A7wUMdypGZ9LOqk/mCc8
+RnErz36HlZzUnGrL73gxsGCQ2PXL+1oMHnt0antF90T4YNusOX9FprclH/jb+RLl
+jTb8RVb/4xJKV96ScMiwy2GaozzXFjzY1X7Gq8WN5NGRlbso6WQpqt8yunD7ib4=
+=A/aU
+-----END PGP SIGNATURE-----

ffmpeg-7.changes

@@ -1,85 +1,8 @@
--------------------------------------------------------------------
-Wed Jul 23 13:28:49 UTC 2025 - Hans-Peter Jansen <hp@urpla.net>
-
-- Add vvenc build conditional
-
--------------------------------------------------------------------
-Wed Jul 23 07:01:22 UTC 2025 - SongChuan Kang <sckang@suse.com>
-
-- Add ffmpeg-CVE-2025-7700.patch: Add check for the return value
-  of av_malloc_array() and av_calloc() to avoid potential NULL
-  pointer dereference(CVE-2025-7700, bsc#1246790).
-
--------------------------------------------------------------------
-Wed Jun 25 08:40:15 UTC 2025 - Yifan Jiang <yfjiang@suse.com>
-
-- Built with noopenh264, drop ffmpeg-dlopen-openh264.patch
-  (jsc#PED-12607)
-
--------------------------------------------------------------------
-Thu Jun 12 17:48:49 UTC 2025 - Jan Engelhardt <jengelh@inai.de>
-
-- Enable libiec61883 integration [boo#1244453]
-
--------------------------------------------------------------------
-Fri Apr  4 09:34:14 UTC 2025 - Jan Engelhardt <jengelh@inai.de>
-
-- Disable OpenVINO, too many dependencies for Factory ring1.
-
--------------------------------------------------------------------
-Tue Apr  1 23:38:08 UTC 2025 - Jan Engelhardt <jengelh@inai.de>
-
-- Update to release 7.1.1
-  * avformat/wavdec: Fix overflow of intermediate in
-    block_align check
-  * avformat/dvdvideodec: drop packets with unset PTS or DTS
-  * avutil/timecode: Avoid fps overflow in
-    av_timecode_get_smpte_from_framenum()
-  * avcodec/mjpegdec: Disallow progressive bayer images
-  * avformat/mov: don't unconditionally set all audio packets
-    in fragments as key frames
-  * avcodec/libx265: resolve build failure for
-    libx265.so.n, n >= 213
-  * avfilter/buffersrc: check for valid sample rate.
-    (CVE-2025-22919, bsc#1237371)
-  * avfilter/af_pan: Fix sscanf() use.
-    (CVE-2025-0518, bsc#1236007)   
-  * avformat/iamf_parse: add missing constrains for num_parameters
-    in audio_element_oub().
-    (CVE-2025-1816, bsc#1238728)
-- Delete ffmpeg-7-CVE-2025-22919.patch,
-  ffmpeg-7-CVE-2025-0518.patch, ffmpeg-7-CVE-2025-1816.patch
-  (merged)
-
--------------------------------------------------------------------
-Tue Mar 25 11:48:21 UTC 2025 - Adrian Schröter <adrian@suse.de>
-
-- Move BcntSync tag to the %else part where the mini package gets defined
-
--------------------------------------------------------------------
-Sun Mar 23 23:21:26 UTC 2025 - Mia Herkt <mia@0x0.st>
-
-- Build with OpenVINO support in libavfilter
-
--------------------------------------------------------------------
-Sun Mar 23 15:33:59 UTC 2025 - Cliff Zhao <qzhao@suse.com>
-
-- Add ffmpeg-7-CVE-2025-1816.patch:
-  Backport 0526535c from upstream, add missing constrains for
-  num_parameters in audio_element_oub().
-  (CVE-2025-1816, bsc#1238728)
-
--------------------------------------------------------------------
-Wed Mar  5 09:46:09 UTC 2025 - Jan Engelhardt <jengelh@inai.de>
-
-- Add 0001-avcodec-libsvtav1-unbreak-build-with-latest-svtav1.patch
-  to build with SVT-AV1 3.0.0.
-
 -------------------------------------------------------------------
 Fri Feb 19 05:17:22 UTC 2025 - Cliff Zhao <qzhao@suse.com>
 
 - Add ffmpeg-7-CVE-2025-22921.patch:
-  Backport 7f9c7f98 from upstream, clear array length when
+  Backporting 7f9c7f98 from upstream, clear array length when
   freeing it.
   (CVE-2025-22921, bsc#1237382)
 
@@ -87,7 +10,7 @@ Fri Feb 19 05:17:22 UTC 2025 - Cliff Zhao <qzhao@suse.com>
 Fri Feb 19 04:27:06 UTC 2025 - Cliff Zhao <qzhao@suse.com>
 
 - Add ffmpeg-7-CVE-2025-25473.patch:
-  Backport c08d3004 from upstream, clear FFFormatContext packet.
+  Backporting c08d3004 from upstream, clear FFFormatContext packet.
   When packet_buffer is used in mux.c, and if a muxing process fails
   at a point where packets remained in said queue.
   (CVE-2025-25473, bsc#1237351)
@@ -96,7 +19,7 @@ Fri Feb 19 04:27:06 UTC 2025 - Cliff Zhao <qzhao@suse.com>
 Fri Feb 19 03:18:02 UTC 2025 - Cliff Zhao <qzhao@suse.com>
 
 - Add ffmpeg-7-CVE-2025-0518.patch:
-  Backport b5b6391d from upstream, fixes memory data leak when
+  Backporting b5b6391d from upstream, fixes memory data leak when
   use sscanf().
   (CVE-2025-0518, bsc#1236007)
 
@@ -104,7 +27,7 @@ Fri Feb 19 03:18:02 UTC 2025 - Cliff Zhao <qzhao@suse.com>
 Fri Feb 19 02:58:01 UTC 2025 - Cliff Zhao <qzhao@suse.com>
 
 - Add ffmpeg-7-CVE-2025-22919.patch:
-  Backport 1446e37d from upstream, check for valid sample rate
+  Backporting 1446e37d from upstream, check for valid sample rate
   As the sample rate <= 0 is invalid.
   (CVE-2025-22919, bsc#1237371)
 
@@ -134,9 +57,6 @@ Wed Oct  2 08:20:18 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
   * LCEVC filter
   * avcodec/mpegvideo_enc: Add check for av_packet_new_side_data (CVE-2024-12361, bsc#1237358)
   * avformat/dump: print only the actual streams in a tile grid group (CVE-2025-22920, bsc#1237380)
-  * avcodec/rkmppdec: Fix double-free on error (CVE-2024-35368, bsc#1234028)
-  * avcodec/wavarc: fix signed integer overflow in block type 6/19 (CVE-2024-36619, bsc#1234023)
-  * avcodec/vp9: Fix race when attaching side-data for show-existing frame (CVE-2024-36615, bsc#1234017)
 - Delete patches/ffmpeg-7-fix-crashes.patch,
   0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch (merged)
 
@@ -151,16 +71,7 @@ Mon Sep 30 12:34:56 UTC 2024 - olaf@aepfle.de
 Thu Sep 26 10:02:20 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
 
 - no longer build against libmfx; build also 15.5 against libvpl
- (boo#1230983, boo#1219494)
-
-- dropping support for libmfx below covers:
-  * libmfx: improper input validation (CVE-2023-48368, bsc#1226897)
-  * libmfx: improper buffer restrictions (CVE-2023-45221, bsc#1226898)
-  * libmfx: out-of-bounds read (CVE-2023-22656, bsc#1226899)
-  * libmfx: out-of-bounds write (CVE-2023-47282, bsc#1226900)
-  * libmfx: improper buffer restrictions (CVE-2023-47169, bsc#1226901)
-  * Multiple vulnerabilities in the Intel Media SDK (libmfx1) (bsc#1226892)
-  * Drop libmfx dependency from our product (jira #PED-10024)
+ (boo#1230983)
 
 -------------------------------------------------------------------
 Wed Aug 21 09:58:42 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
@@ -196,14 +107,6 @@ Wed Aug  7 07:37:24 UTC 2024 - Cliff Zhao <qzhao@suse.com>
   * avcodec/pnmdec: Use 64bit for input size check (CVE-2024-7055, bsc#1229026)
   * fftools/ffmpeg_mux_init: Fix double-free on error (CVE-2024-35365, bsc#1235091)
   * avformat/dxa: Adjust order of operations around block align (CVE-2024-36613, bsc#1235092)
-  * avfilter/vf_minterpolate: Check pts before division (CVE-2023-51798, bsc#1223304)
-  * avfilter/vf_weave: Fix odd height handling (CVE-2023-51793, bsc#1223272)
-  * avfilter/vf_gradfun: Do not overread last line (CVE-2023-50010, bsc#1223256)
-  * avfilter/af_stereowiden: Check length (CVE-2023-51794, bsc#1223437)
-  * avutil/hwcontext: Don't assume frames_uninit is reentrant (CVE-2024-31578, bsc#1223070)
-  * avformat/avidec: Fix integer overflow iff ULONG_MAX < INT64_MAX (CVE-2024-36618, bsc#1234020)
-  * avformat/cafdec: dont seek beyond 64bit (CVE-2024-36617, bsc#1234019)
-  * avformat/westwood_vqa: Fix 2g packets (CVE-2024-36616, bsc#1234018)
 - Drop ffmpeg-7-CVE-2024-32228.patch:
   The fix has been merged.
 - Drop ffmpeg-7-CVE-2024-32229.patch:
@@ -215,14 +118,14 @@ Wed Aug  7 07:37:24 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 Sat Aug  3 08:52:26 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 
 - Add ffmpeg-7-fix-crashes.patch:
-  Backport 5b87869c from upstream, fix track handling when mixing
+  Backporting 5b87869c from upstream, fix track handling when mixing
   IAMF and video tracks, Fixes crashes when muxing the two together.
 
 -------------------------------------------------------------------
 Tue Jul  5 14:18:52 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 
 - Add ffmpeg-7-CVE-2024-32229.patch:
-  Backport a528a54e from upstream, Fix buffer offset for yuv422p
+  Backporting a528a54e from upstream, Fix buffer offset for yuv422p
   input.
   (CVE-2024-32229, bsc#1227295)
 
@@ -230,14 +133,14 @@ Tue Jul  5 14:18:52 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 Tue Jul  2 12:26:28 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 
 - Add ffmpeg-7-CVE-2024-32230.patch:
-  Backport 96449cfe from upstream, Fix 1 line and one column images.
+  Backporting 96449cfe from upstream, Fix 1 line and one column images.
   (CVE-2024-32230, bsc#1227296)
 
 -------------------------------------------------------------------
 Tue Jul  2 11:57:01 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 
 - Add ffmpeg-7-CVE-2024-32228.patch:
-  Backport 45964876 from upstream, Fix segfault on invalid film
+  Backporting 45964876 from upstream, Fix segfault on invalid film
   grain metadata.
   (CVE-2024-32228, bsc#1227277)
 

ffmpeg-7.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package ffmpeg-7
 #
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -60,7 +60,6 @@
 %bcond_with    fdk_aac_dlopen
 %bcond_with    opencore
 %bcond_with    smbclient
-%bcond_with    vvenc
 %bcond_with    x264
 %bcond_with    x265
 %bcond_with    xvid
@@ -97,7 +96,7 @@
 %define _major_expected 8
 
 Name:           ffmpeg-7
-Version:        7.1.1
+Version:        7.1
 Release:        0
 Summary:        Set of libraries for working with various multimedia formats
 License:        GPL-3.0-or-later
@@ -119,15 +118,17 @@ Patch3:         ffmpeg-codec-choice.diff
 Patch4:         ffmpeg-4.2-dlopen-fdk_aac.patch
 Patch5:         work-around-abi-break.patch
 Patch10:        ffmpeg-chromium.patch
+Patch91:        ffmpeg-dlopen-openh264.patch
 Patch15:        11013-avcodec-decode-clean-up-if-get_hw_frames_parameters-.patch
+Patch16:        ffmpeg-7-CVE-2025-22919.patch
+Patch17:        ffmpeg-7-CVE-2025-0518.patch
 Patch18:        ffmpeg-7-CVE-2025-25473.patch
 Patch19:        ffmpeg-7-CVE-2025-22921.patch
-Patch20:        0001-avcodec-libsvtav1-unbreak-build-with-latest-svtav1.patch
-Patch21:        ffmpeg-CVE-2025-7700.patch
 BuildRequires:  ladspa-devel
 BuildRequires:  libgsm-devel
+BuildRequires:  libmp3lame-devel >= 3.98.3
 BuildRequires:  nasm
-BuildRequires:  pkg-config
+BuildRequires:  pkgconfig
 BuildRequires:  pkgconfig(alsa)
 BuildRequires:  pkgconfig(aom) >= 1.0.0
 BuildRequires:  pkgconfig(dav1d) >= 0.5.0
@@ -138,7 +139,6 @@ BuildRequires:  pkgconfig(fribidi) >= 0.19.0
 BuildRequires:  pkgconfig(gnutls)
 BuildRequires:  pkgconfig(jack)
 BuildRequires:  pkgconfig(libass) >= 0.11.0
-BuildRequires:  pkgconfig(libavc1394)
 BuildRequires:  pkgconfig(libbluray)
 BuildRequires:  pkgconfig(libbs2b)
 BuildRequires:  pkgconfig(libcdio)
@@ -146,8 +146,6 @@ BuildRequires:  pkgconfig(libcdio_paranoia)
 BuildRequires:  pkgconfig(libdc1394-2)
 BuildRequires:  pkgconfig(libdrm)
 BuildRequires:  pkgconfig(libgme)
-BuildRequires:  pkgconfig(libiec61883)
-BuildRequires:  pkgconfig(libmp3lame) >= 3.98.3
 BuildRequires:  pkgconfig(libopenjp2) >= 2.1.0
 BuildRequires:  pkgconfig(libopenmpt) >= 0.2.6557
 BuildRequires:  pkgconfig(libpng)
@@ -164,7 +162,6 @@ BuildRequires:  pkgconfig(libxml-2.0)
 BuildRequires:  pkgconfig(libzmq) >= 4.2.1
 BuildRequires:  pkgconfig(lilv-0)
 BuildRequires:  pkgconfig(ogg)
-BuildRequires:  pkgconfig(openh264)
 BuildRequires:  pkgconfig(opus)
 BuildRequires:  pkgconfig(sdl2) >= 2.0.1
 BuildRequires:  pkgconfig(soxr)
@@ -189,7 +186,7 @@ BuildRequires:  pkgconfig(zvbi-0.2) >= 0.2.28
 BuildRequires:  AMF-devel
 %endif
 %if %{with mysofa}
-BuildRequires:  pkgconfig(libmysofa)
+BuildRequires:  libmysofa-devel
 %endif
 %if %{with codec2}
 BuildRequires:  pkgconfig(codec2)
@@ -223,9 +220,6 @@ BuildRequires:  pkgconfig(opencore-amrnb)
 %if %{with amrwb}
 BuildRequires:  pkgconfig(vo-amrwbenc)
 %endif
-%if %{with vvenc}
-BuildRequires:  vvenc-devel
-%endif
 %if %{with x264}
 BuildRequires:  pkgconfig(x264)
 %endif
@@ -267,6 +261,14 @@ Requires:       (libavutil59 = %version-%release or ffmpeg-7-mini-libs = %versio
 Requires:       (libpostproc58 = %version-%release or ffmpeg-7-mini-libs = %version-%release)
 Requires:       (libswresample5 = %version-%release or ffmpeg-7-mini-libs = %version-%release)
 Requires:       (libswscale8 = %version-%release or ffmpeg-7-mini-libs = %version-%release)
+%if "%flavor" == "ffmpeg-7-mini"
+# Patches may subtly change internal APIs, so we're sticking %%release in
+# Requires lines. It also conveniently blocks openSUSE libav* being combined
+# with Packman libav*, due to PM's unique %%release numbers.
+# This use of %%release with %flavor however requires bcnt synchro:
+#
+#!BcntSyncTag:  ffmpeg-7
+%endif
 
 %description
 FFmpeg is a multimedia framework, able to decode, encode,
@@ -597,7 +599,6 @@ LDFLAGS="%_lto_cflags" \
 	--enable-libfreetype \
 	--enable-libfribidi \
 	--enable-libgsm \
-	--enable-libiec61883 \
 	--enable-libjack \
 %if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150700
 	--enable-libjxl \
@@ -609,7 +610,7 @@ LDFLAGS="%_lto_cflags" \
 %endif
 	--enable-libopenjpeg \
 	--enable-libopenmpt \
-	--enable-libopenh264 \
+	--enable-libopenh264-dlopen \
 	--enable-libopus \
 	--enable-libpulse \
 %if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 150400
@@ -666,9 +667,6 @@ LDFLAGS="%_lto_cflags" \
 %if %{with amrwb}
 	--enable-libvo-amrwbenc \
 %endif
-%if %{with vvenc}
-	--enable-libvvenc \
-%endif
 %if %{with x264}
 	--enable-libx264 \
 %endif
@@ -821,14 +819,8 @@ done
 
 %else
 %define _name ffmpeg
-# Patches may subtly change internal APIs, so we're sticking %%release in
-# Requires lines. It also conveniently blocks openSUSE libav* being combined
-# with Packman libav*, due to PM's unique %%release numbers.
-# This use of %%release with %flavor however requires bcnt synchro:
-#
-#!BcntSyncTag:  ffmpeg-7
 Name:           ffmpeg-7-mini
-Version:        7.1.1
+Version:        7.1
 Release:        0
 Summary:        Set of libraries for working with various multimedia formats
 License:        GPL-3.0-or-later
@@ -843,9 +835,9 @@ Patch3:         ffmpeg-codec-choice.diff
 Patch4:         ffmpeg-4.2-dlopen-fdk_aac.patch
 Patch5:         work-around-abi-break.patch
 Patch10:        ffmpeg-chromium.patch
+Patch91:        ffmpeg-dlopen-openh264.patch
 Patch15:        11013-avcodec-decode-clean-up-if-get_hw_frames_parameters-.patch
 BuildRequires:  c_compiler
-BuildRequires:  pkgconfig(openh264)
 Requires:       this-is-only-for-build-envs
 
 %description

ffmpeg-CVE-2025-7700.patch

@@ -1,45 +0,0 @@
-From 35a6de137a39f274d5e01ed0e0e6c4f04d0aaf07 Mon Sep 17 00:00:00 2001
-From: Jiasheng Jiang <jiashengjiangcool@gmail.com>
-Date: Thu, 10 Jul 2025 16:26:39 +0000
-Subject: [PATCH] libavcodec/alsdec.c: Add check for av_malloc_array() and
- av_calloc()
-
-Add check for the return value of av_malloc_array() and av_calloc()
-to avoid potential NULL pointer dereference.
-
-Fixes: dcfd24b10c ("avcodec/alsdec: Implement floating point sample data decoding")
-Signed-off-by: Jiasheng Jiang <jiashengjiangcool@gmail.com>
-Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
----
- libavcodec/alsdec.c | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/libavcodec/alsdec.c b/libavcodec/alsdec.c
-index 734eec8bf8..97b04a95f9 100644
---- a/libavcodec/alsdec.c
-+++ b/libavcodec/alsdec.c
-@@ -2119,8 +2119,8 @@ static av_cold int decode_init(AVCodecContext *avctx)
-         ctx->nbits  = av_malloc_array(ctx->cur_frame_length, sizeof(*ctx->nbits));
-         ctx->mlz    = av_mallocz(sizeof(*ctx->mlz));
- 
--        if (!ctx->mlz || !ctx->acf || !ctx->shift_value || !ctx->last_shift_value
--            || !ctx->last_acf_mantissa || !ctx->raw_mantissa) {
-+        if (!ctx->larray || !ctx->nbits || !ctx->mlz || !ctx->acf || !ctx->shift_value
-+            || !ctx->last_shift_value || !ctx->last_acf_mantissa || !ctx->raw_mantissa) {
-             av_log(avctx, AV_LOG_ERROR, "Allocating buffer memory failed.\n");
-             return AVERROR(ENOMEM);
-         }
-@@ -2132,6 +2132,10 @@ static av_cold int decode_init(AVCodecContext *avctx)
- 
-         for (c = 0; c < channels; ++c) {
-             ctx->raw_mantissa[c] = av_calloc(ctx->cur_frame_length, sizeof(**ctx->raw_mantissa));
-+            if (!ctx->raw_mantissa[c]) {
-+                av_log(avctx, AV_LOG_ERROR, "Allocating buffer memory failed.\n");
-+                return AVERROR(ENOMEM);
-+            }
-         }
-     }
- 
--- 
-2.25.1
-

ffmpeg-dlopen-openh264.patch

@@ -0,0 +1,354 @@
+From 4739b0c97b3378bdaf737171777fe9a71a53eff1 Mon Sep 17 00:00:00 2001
+From: Neal Gompa <ngompa@fedoraproject.org>
+Date: Wed, 12 Oct 2022 09:41:27 -0400
+Subject: [PATCH] avcodec/openh264: Add the ability to dlopen() OpenH264
+
+We can't directly depend on OpenH264, but we can weakly link to it
+and gracefully expose the capability.
+
+Co-authored-by: Andreas Schneider <asn@cryptomilk.org>
+Co-authored-by: Neal Gompa <ngompa@fedoraproject.org>
+
+Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
+Signed-off-by: Neal Gompa <ngompa@fedoraproject.org>
+---
+ configure                       |    3 
+ libavcodec/Makefile             |    1 
+ libavcodec/libopenh264.c        |    5 +
+ libavcodec/libopenh264_dlopen.c |  147 ++++++++++++++++++++++++++++++++++++++++
+ libavcodec/libopenh264_dlopen.h |   58 +++++++++++++++
+ libavcodec/libopenh264dec.c     |    8 ++
+ libavcodec/libopenh264enc.c     |    8 ++
+ 7 files changed, 230 insertions(+)
+ create mode 100644 libavcodec/libopenh264_dlopen.c
+ create mode 100644 libavcodec/libopenh264_dlopen.h
+
+Index: ffmpeg-7.1/configure
+===================================================================
+--- ffmpeg-7.1.orig/configure
++++ ffmpeg-7.1/configure
+@@ -255,6 +255,7 @@ External library support:
+   --enable-libopencore-amrwb enable AMR-WB decoding via libopencore-amrwb [no]
+   --enable-libopencv       enable video filtering via libopencv [no]
+   --enable-libopenh264     enable H.264 encoding via OpenH264 [no]
++  --enable-libopenh264-dlopen  enable H.264 encoding via dlopen()'ed OpenH264 [no]
+   --enable-libopenjpeg     enable JPEG 2000 encoding via OpenJPEG [no]
+   --enable-libopenmpt      enable decoding tracked files via libopenmpt [no]
+   --enable-libopenvino     enable OpenVINO as a DNN module backend
+@@ -1939,6 +1940,7 @@ EXTERNAL_LIBRARY_LIST="
+     libmysofa
+     libopencv
+     libopenh264
++    libopenh264_dlopen
+     libopenjpeg
+     libopenmpt
+     libopenvino
+@@ -6966,6 +6968,7 @@ enabled libopencv         && { check_hea
+                                  require libopencv opencv2/core/core_c.h cvCreateImageHeader -lopencv_core -lopencv_imgproc; } ||
+                                require_pkg_config libopencv opencv opencv/cxcore.h cvCreateImageHeader; }
+ enabled libopenh264       && require_pkg_config libopenh264 "openh264 >= 1.3.0" wels/codec_api.h WelsGetCodecVersion
++enabled libopenh264_dlopen && enable libopenh264 && add_cppflags "-I$(dirname $(readlink -f "$0"))/ffdlopenhdrs/include -DCONFIG_LIBOPENH264_DLOPEN=1"
+ enabled libopenjpeg       && { check_pkg_config libopenjpeg "libopenjp2 >= 2.1.0" openjpeg.h opj_version ||
+                                { require_pkg_config libopenjpeg "libopenjp2 >= 2.1.0" openjpeg.h opj_version -DOPJ_STATIC && add_cppflags -DOPJ_STATIC; } }
+ enabled libopenmpt        && require_pkg_config libopenmpt "libopenmpt >= 0.2.6557" libopenmpt/libopenmpt.h openmpt_module_create -lstdc++ && append libopenmpt_extralibs "-lstdc++"
+Index: ffmpeg-7.1/libavcodec/Makefile
+===================================================================
+--- ffmpeg-7.1.orig/libavcodec/Makefile
++++ ffmpeg-7.1/libavcodec/Makefile
+@@ -1138,6 +1138,7 @@ OBJS-$(CONFIG_LIBMP3LAME_ENCODER)
+ OBJS-$(CONFIG_LIBOPENCORE_AMRNB_DECODER)  += libopencore-amr.o
+ OBJS-$(CONFIG_LIBOPENCORE_AMRNB_ENCODER)  += libopencore-amr.o
+ OBJS-$(CONFIG_LIBOPENCORE_AMRWB_DECODER)  += libopencore-amr.o
++OBJS-$(CONFIG_LIBOPENH264_DLOPEN)         += libopenh264_dlopen.o
+ OBJS-$(CONFIG_LIBOPENH264_DECODER)        += libopenh264dec.o libopenh264.o
+ OBJS-$(CONFIG_LIBOPENH264_ENCODER)        += libopenh264enc.o libopenh264.o
+ OBJS-$(CONFIG_LIBOPENJPEG_ENCODER)        += libopenjpegenc.o
+Index: ffmpeg-7.1/libavcodec/libopenh264.c
+===================================================================
+--- ffmpeg-7.1.orig/libavcodec/libopenh264.c
++++ ffmpeg-7.1/libavcodec/libopenh264.c
+@@ -20,8 +20,13 @@
+  */
+ 
+ #include <string.h>
++
++#ifdef CONFIG_LIBOPENH264_DLOPEN
++#include "libopenh264_dlopen.h"
++#else
+ #include <wels/codec_api.h>
+ #include <wels/codec_ver.h>
++#endif
+ 
+ #include "libavutil/error.h"
+ #include "libavutil/log.h"
+Index: ffmpeg-7.1/libavcodec/libopenh264_dlopen.c
+===================================================================
+--- /dev/null
++++ ffmpeg-7.1/libavcodec/libopenh264_dlopen.c
+@@ -0,0 +1,147 @@
++/*
++ * OpenH264 dlopen code
++ *
++ * Copyright (C) 2022 Andreas Schneider <asn@cryptomilk.org>
++ *
++ * This file is part of FFmpeg.
++ *
++ * FFmpeg is free software; you can redistribute it and/or
++ * modify it under the terms of the GNU Lesser General Public
++ * License as published by the Free Software Foundation; either
++ * version 2.1 of the License, or (at your option) any later version.
++ *
++ * FFmpeg is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++ * Lesser General Public License for more details.
++ *
++ * You should have received a copy of the GNU Lesser General Public
++ * License along with FFmpeg; if not, write to the Free Software
++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
++ */
++
++#include <dlfcn.h>
++
++#include "libopenh264_dlopen.h"
++
++/*
++ * The symbol binding makes sure we do not run into strict aliasing issues which
++ * can lead into segfaults.
++ */
++typedef int (*__oh264_WelsCreateSVCEncoder)(ISVCEncoder **);
++typedef void (*__oh264_WelsDestroySVCEncoder)(ISVCEncoder *);
++typedef int (*__oh264_WelsGetDecoderCapability)(SDecoderCapability *);
++typedef long (*__oh264_WelsCreateDecoder)(ISVCDecoder **);
++typedef void (*__oh264_WelsDestroyDecoder)(ISVCDecoder *);
++typedef OpenH264Version (*__oh264_WelsGetCodecVersion)(void);
++typedef void (*__oh264_WelsGetCodecVersionEx)(OpenH264Version *);
++
++#define OH264_SYMBOL_ENTRY(i)                                                  \
++  union {                                                                      \
++    __oh264_##i f;                                                             \
++    void *obj;                                                                 \
++  } _oh264_##i
++
++struct oh264_symbols {
++  OH264_SYMBOL_ENTRY(WelsCreateSVCEncoder);
++  OH264_SYMBOL_ENTRY(WelsDestroySVCEncoder);
++  OH264_SYMBOL_ENTRY(WelsGetDecoderCapability);
++  OH264_SYMBOL_ENTRY(WelsCreateDecoder);
++  OH264_SYMBOL_ENTRY(WelsDestroyDecoder);
++  OH264_SYMBOL_ENTRY(WelsGetCodecVersion);
++  OH264_SYMBOL_ENTRY(WelsGetCodecVersionEx);
++};
++
++/* Symbols are bound by loadLibOpenH264() */
++static struct oh264_symbols openh264_symbols;
++
++int oh264_WelsCreateSVCEncoder(ISVCEncoder **ppEncoder) {
++  return openh264_symbols._oh264_WelsCreateSVCEncoder.f(ppEncoder);
++}
++
++void oh264_WelsDestroySVCEncoder(ISVCEncoder *pEncoder) {
++  return openh264_symbols._oh264_WelsDestroySVCEncoder.f(pEncoder);
++}
++
++int oh264_WelsGetDecoderCapability(SDecoderCapability *pDecCapability) {
++  return openh264_symbols._oh264_WelsGetDecoderCapability.f(pDecCapability);
++}
++
++long oh264_WelsCreateDecoder(ISVCDecoder **ppDecoder) {
++  return openh264_symbols._oh264_WelsCreateDecoder.f(ppDecoder);
++}
++
++void oh264_WelsDestroyDecoder(ISVCDecoder *pDecoder) {
++  return openh264_symbols._oh264_WelsDestroyDecoder.f(pDecoder);
++}
++
++OpenH264Version oh264_WelsGetCodecVersion(void) {
++  return openh264_symbols._oh264_WelsGetCodecVersion.f();
++}
++
++void oh264_WelsGetCodecVersionEx(OpenH264Version *pVersion) {
++  openh264_symbols._oh264_WelsGetCodecVersionEx.f(pVersion);
++}
++
++static void *_oh264_bind_symbol(AVCodecContext *avctx,
++                                void *handle,
++                                const char *sym_name) {
++    void *sym = NULL;
++
++    sym = dlsym(handle, sym_name);
++    if (sym == NULL) {
++        const char *err = dlerror();
++        av_log(avctx,
++               AV_LOG_WARNING,
++               "%s: Failed to bind %s\n",
++               err,
++               sym_name);
++        return NULL;
++    }
++
++    return sym;
++}
++
++#define oh264_bind_symbol(avctx, handle, sym_name)                           \
++  if (openh264_symbols._oh264_##sym_name.obj == NULL) {                      \
++    openh264_symbols._oh264_##sym_name.obj = _oh264_bind_symbol(avctx, handle, #sym_name); \
++    if (openh264_symbols._oh264_##sym_name.obj == NULL) {                    \
++      return 1;                                                              \
++    }                                                                        \
++  }
++
++int loadLibOpenH264(AVCodecContext *avctx) {
++  static bool initialized = false;
++  void *libopenh264 = NULL;
++  const char *err = NULL;
++
++  if (initialized) {
++      return 0;
++  }
++
++#define OPENH264_LIB "libopenh264.so.7"
++  libopenh264 = dlopen(OPENH264_LIB, RTLD_LAZY);
++  err = dlerror();
++  if (err != NULL) {
++    av_log(avctx, AV_LOG_WARNING,
++           "%s: %s is missing, openh264 support will be disabled\n", err,
++           OPENH264_LIB);
++
++    if (libopenh264 != NULL) {
++      dlclose(libopenh264);
++    }
++    return 1;
++  }
++
++  oh264_bind_symbol(avctx, libopenh264, WelsCreateSVCEncoder);
++  oh264_bind_symbol(avctx, libopenh264, WelsDestroySVCEncoder);
++  oh264_bind_symbol(avctx, libopenh264, WelsGetDecoderCapability);
++  oh264_bind_symbol(avctx, libopenh264, WelsCreateDecoder);
++  oh264_bind_symbol(avctx, libopenh264, WelsDestroyDecoder);
++  oh264_bind_symbol(avctx, libopenh264, WelsGetCodecVersion);
++  oh264_bind_symbol(avctx, libopenh264, WelsGetCodecVersionEx);
++
++  initialized = true;
++
++  return 0;
++}
+Index: ffmpeg-7.1/libavcodec/libopenh264_dlopen.h
+===================================================================
+--- /dev/null
++++ ffmpeg-7.1/libavcodec/libopenh264_dlopen.h
+@@ -0,0 +1,58 @@
++/*
++ * OpenH264 dlopen code
++ *
++ * Copyright (C) 2022 Andreas Schneider <asn@cryptomilk.org>
++ *
++ * This file is part of FFmpeg.
++ *
++ * FFmpeg is free software; you can redistribute it and/or
++ * modify it under the terms of the GNU Lesser General Public
++ * License as published by the Free Software Foundation; either
++ * version 2.1 of the License, or (at your option) any later version.
++ *
++ * FFmpeg is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++ * Lesser General Public License for more details.
++ *
++ * You should have received a copy of the GNU Lesser General Public
++ * License along with FFmpeg; if not, write to the Free Software
++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
++ */
++
++#ifndef HAVE_LIBOPENH264_DLOPEN_H
++#define HAVE_LIBOPENH264_DLOPEN_H
++
++#ifdef CONFIG_LIBOPENH264_DLOPEN
++
++#include <wels/codec_api.h>
++#include <wels/codec_ver.h>
++
++#include "avcodec.h"
++
++int oh264_WelsCreateSVCEncoder(ISVCEncoder **ppEncoder);
++#define WelsCreateSVCEncoder oh264_WelsCreateSVCEncoder
++
++void oh264_WelsDestroySVCEncoder(ISVCEncoder *pEncoder);
++#define WelsDestroySVCEncoder oh264_WelsDestroySVCEncoder
++
++int oh264_WelsGetDecoderCapability(SDecoderCapability *pDecCapability);
++#define WelsGetDecoderCapability oh264_WelsGetDecoderCapability
++
++long oh264_WelsCreateDecoder(ISVCDecoder **ppDecoder);
++#define WelsCreateDecoder oh264_WelsCreateDecoder
++
++void oh264_WelsDestroyDecoder(ISVCDecoder *pDecoder);
++#define WelsDestroyDecoder oh264_WelsDestroyDecoder
++
++OpenH264Version oh264_WelsGetCodecVersion(void);
++#define WelsGetCodecVersion oh264_WelsGetCodecVersion
++
++void oh264_WelsGetCodecVersionEx(OpenH264Version *pVersion);
++#define WelsGetCodecVersionEx oh264_WelsGetCodecVersionEx
++
++int loadLibOpenH264(AVCodecContext *avctx);
++
++#endif /* CONFIG_LIBOPENH264_DLOPEN */
++
++#endif /* HAVE_LIBOPENH264_DLOPEN_H */
+Index: ffmpeg-7.1/libavcodec/libopenh264dec.c
+===================================================================
+--- ffmpeg-7.1.orig/libavcodec/libopenh264dec.c
++++ ffmpeg-7.1/libavcodec/libopenh264dec.c
+@@ -19,8 +19,12 @@
+  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+  */
+ 
++#ifdef CONFIG_LIBOPENH264_DLOPEN
++#include "libopenh264_dlopen.h"
++#else
+ #include <wels/codec_api.h>
+ #include <wels/codec_ver.h>
++#endif
+ 
+ #include "libavutil/common.h"
+ #include "libavutil/fifo.h"
+@@ -55,6 +59,10 @@ static av_cold int svc_decode_init(AVCod
+     int log_level;
+     WelsTraceCallback callback_function;
+ 
++#ifdef CONFIG_LIBOPENH264_DLOPEN
++    if (loadLibOpenH264(avctx))
++         return AVERROR_DECODER_NOT_FOUND;
++#endif
+     if (WelsCreateDecoder(&s->decoder)) {
+         av_log(avctx, AV_LOG_ERROR, "Unable to create decoder\n");
+         return AVERROR_UNKNOWN;
+Index: ffmpeg-7.1/libavcodec/libopenh264enc.c
+===================================================================
+--- ffmpeg-7.1.orig/libavcodec/libopenh264enc.c
++++ ffmpeg-7.1/libavcodec/libopenh264enc.c
+@@ -19,8 +19,12 @@
+  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+  */
+ 
++#ifdef CONFIG_LIBOPENH264_DLOPEN
++#include "libopenh264_dlopen.h"
++#else
+ #include <wels/codec_api.h>
+ #include <wels/codec_ver.h>
++#endif
+ 
+ #include "libavutil/attributes.h"
+ #include "libavutil/common.h"
+@@ -114,6 +118,10 @@ static av_cold int svc_encode_init(AVCod
+     WelsTraceCallback callback_function;
+     AVCPBProperties *props;
+ 
++#ifdef CONFIG_LIBOPENH264_DLOPEN
++    if (loadLibOpenH264(avctx))
++         return AVERROR_ENCODER_NOT_FOUND;
++#endif
+     if (WelsCreateSVCEncoder(&s->encoder)) {
+         av_log(avctx, AV_LOG_ERROR, "Unable to create encoder\n");
+         return AVERROR_UNKNOWN;

work-around-abi-break.patch

@@ -13,12 +13,11 @@ ffmpeg, which can cause inadvertent mixing of library versions on
 openSUSE, and precompiled Linux distributions in general.
 
 Upstream says "we only add new functions" - which is ok in its own
-right. New symbols must be in a new verdef section though, existing
-sections *must*not* change under *any* circumstances, but that is
-what they broke: the set of symbols included in the "LIBAVFORMAT_59"
-verdef changed between 5.0 and 5.1.
+right. verdefs, if you have them, *must*not* change under any
+circumstances, but that is what they broke: the set of symbols
+included in the "LIBAVFORMAT_59" verdef changed between 5.0 and 5.1.
 
-$ abidiff /usr/lib64/libavformat.so.59.16.100 usr/lib64/libavformat.so.59.27.100
+$ abidiff abidiff /usr/lib64/libavformat.so.59.16.100 usr/lib64/libavformat.so.59.27.100
 Functions changes summary: 0 Removed, 0 Changed, 0 Added function
 Variables changes summary: 0 Removed, 0 Changed, 0 Added variable
 Function symbols changes summary: 0 Removed, 1 Added function symbol not referenced by debug info