Sync changes to SLFO-1.2 branch

OBS-URL: https://build.opensuse.org/request/show/1248138
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/ffmpeg-7?expand=0&rev=10

0001-avcodec-libsvtav1-unbreak-build-with-latest-svtav1.patch

@@ -0,0 +1,33 @@
+From d1ed5c06e3edc5f2b5f3664c80121fa55b0baa95 Mon Sep 17 00:00:00 2001
+From: Gyan Doshi <ffmpeg@gyani.pro>
+Date: Sat, 22 Feb 2025 10:38:53 +0530
+Subject: [PATCH] avcodec/libsvtav1: unbreak build with latest svtav1
+
+SVT-AV1 made a change in their public API in 988e930c but without a
+version bump or any other accessible marker, thus breaking ffmpeg build
+with current versions of SVT-AV1.
+
+They have finally bumped versions a month later, so check added.
+---
+ libavcodec/libsvtav1.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/libavcodec/libsvtav1.c b/libavcodec/libsvtav1.c
+index 79b28eb4df..43fe531fde 100644
+--- a/libavcodec/libsvtav1.c
++++ b/libavcodec/libsvtav1.c
+@@ -435,7 +435,11 @@ static av_cold int eb_enc_init(AVCodecContext *avctx)
+ 
+     svt_enc->eos_flag = EOS_NOT_REACHED;
+ 
++#if SVT_AV1_CHECK_VERSION(3, 0, 0)
++    svt_ret = svt_av1_enc_init_handle(&svt_enc->svt_handle, &svt_enc->enc_params);
++#else
+     svt_ret = svt_av1_enc_init_handle(&svt_enc->svt_handle, svt_enc, &svt_enc->enc_params);
++#endif
+     if (svt_ret != EB_ErrorNone) {
+         return svt_print_error(avctx, svt_ret, "Error initializing encoder handle");
+     }
+-- 
+2.48.1
+

ffmpeg-7.1.1.tar.xz.asc

@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQFMBAABCgA2FiEE/PmG6hXm4pOlZE8QtDIvBNZ2WNgFAmfE+J4YHGZmbXBlZy1k
+ZXZlbEBmZm1wZWcub3JnAAoJELQyLwTWdljYNAwH/3i5n8X6+6Gw+1U+k6Lfwe4t
+d1AmG/XyJd3ZkqnSXmtpW/p/DoHaRQLTJMHq/5jWi0Dcpr8M8VD0pZxzEksfy0XY
+xHEqKXRG37/SyoiH39+BXWOSry4shIhzTVfmQi9QGZ0i69J+ZOpP1cImWz2c6QBM
+Q2FMPv1QMVNR2UWHDGgYAvvg2qfJfGgIdQQtvAQe1q3co6LuaZC0ndgoNmNyuPLV
+nNmsoetZucoNC4M7kcevyssrRMDi+yHk5X86LfV/cBY+BKP9X8u8pieXrnctSYAh
+qqBnsg4jSj3fB96QvsFsdbUWEECKm4/gWJngMQTMk2Tg0RpQAwfHvp21Lppo/xw=
+=xzGf
+-----END PGP SIGNATURE-----

ffmpeg-7.1.2.tar.xz.asc

@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQFMBAABCgA2FiEE/PmG6hXm4pOlZE8QtDIvBNZ2WNgFAmjHGF0YHGZmbXBlZy1k
-ZXZlbEBmZm1wZWcub3JnAAoJELQyLwTWdljYY+0IAI4Haqz3h9AMEPwppJTY/R+A
-3FKY3HqPZXfCiF5V7q6R76ejk4ZheiEmNWw/FGq9mrvhEBDBmfYWHastaizo2ER6
-8ckOv+u/cA7YUYYdxvw7RQZqSGTrnpO9g3A/z84bjmCKW4DvSsM0Epg50E8oJsQo
-xojOwk5EVmEOnyNbroUHAOKXDux2C8QpxFkKP6HLHme1SlTQTfVZn2G38tN4KmaN
-T/p7HaR/nnLMnWC6IYWd0ss70AbRBNaIOdjPu7scA67HSS8Vb6WLOmcMjA9umrbI
-MftDxyx771uKc/pLMfEFFc6Pq1Ajy/qhrVesjTzXVyp9IUwP6wbjCDW7aKvkGKQ=
-=ew1G
------END PGP SIGNATURE-----

ffmpeg-7.changes

@@ -1,28 +1,3 @@
--------------------------------------------------------------------
-Fri Sep 19 18:44:35 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
-
-- Update to version 7.1.2:
-  * avcodec/librsvgdec: fix compilation with librsvg 2.50.3
-  * libavfilter/af_firequalizer: Add check for av_malloc_array()
-  * avcodec/libsvtav1: unbreak build with latest svtav1
-  * avformat/hls: Fix Youtube AAC
-  * Various bugfixes.
-- Drop patches fixed upstream:
-  * 0001-avcodec-libsvtav1-unbreak-build-with-latest-svtav1.patch
-  * ffmpeg-CVE-2025-7700.patch
-
--------------------------------------------------------------------
-Wed Jul 23 13:28:49 UTC 2025 - Hans-Peter Jansen <hp@urpla.net>
-
-- Add vvenc build conditional
-
--------------------------------------------------------------------
-Wed Jul 23 07:01:22 UTC 2025 - SongChuan Kang <sckang@suse.com>
-
-- Add ffmpeg-CVE-2025-7700.patch: Add check for the return value
-  of av_malloc_array() and av_calloc() to avoid potential NULL
-  pointer dereference(CVE-2025-7700, bsc#1246790).
-
 -------------------------------------------------------------------
 Wed Jun 25 08:40:15 UTC 2025 - Yifan Jiang <yfjiang@suse.com>
 

ffmpeg-7.spec

@@ -60,7 +60,6 @@
 %bcond_with    fdk_aac_dlopen
 %bcond_with    opencore
 %bcond_with    smbclient
-%bcond_with    vvenc
 %bcond_with    x264
 %bcond_with    x265
 %bcond_with    xvid
@@ -97,7 +96,7 @@
 %define _major_expected 8
 
 Name:           ffmpeg-7
-Version:        7.1.2
+Version:        7.1.1
 Release:        0
 Summary:        Set of libraries for working with various multimedia formats
 License:        GPL-3.0-or-later
@@ -122,10 +121,7 @@ Patch10:        ffmpeg-chromium.patch
 Patch15:        11013-avcodec-decode-clean-up-if-get_hw_frames_parameters-.patch
 Patch18:        ffmpeg-7-CVE-2025-25473.patch
 Patch19:        ffmpeg-7-CVE-2025-22921.patch
-Patch20:	ffmpeg-CVE-2025-59728.patch
-Patch21:	ffmpeg-CVE-2025-59731.patch
-Patch22:	ffmpeg-CVE-2025-59732.patch
-Patch23:	ffmpeg-CVE-2025-59733.patch
+Patch20:        0001-avcodec-libsvtav1-unbreak-build-with-latest-svtav1.patch
 BuildRequires:  ladspa-devel
 BuildRequires:  libgsm-devel
 BuildRequires:  nasm
@@ -225,9 +221,6 @@ BuildRequires:  pkgconfig(opencore-amrnb)
 %if %{with amrwb}
 BuildRequires:  pkgconfig(vo-amrwbenc)
 %endif
-%if %{with vvenc}
-BuildRequires:  vvenc-devel
-%endif
 %if %{with x264}
 BuildRequires:  pkgconfig(x264)
 %endif
@@ -668,9 +661,6 @@ LDFLAGS="%_lto_cflags" \
 %if %{with amrwb}
 	--enable-libvo-amrwbenc \
 %endif
-%if %{with vvenc}
-	--enable-libvvenc \
-%endif
 %if %{with x264}
 	--enable-libx264 \
 %endif
@@ -830,7 +820,7 @@ done
 #
 #!BcntSyncTag:  ffmpeg-7
 Name:           ffmpeg-7-mini
-Version:        7.1.2
+Version:        7.1.1
 Release:        0
 Summary:        Set of libraries for working with various multimedia formats
 License:        GPL-3.0-or-later

ffmpeg-CVE-2025-59728.patch

@@ -1,59 +0,0 @@
-From ce0a655f85c1144d19a4acad59afbb92e4997e30 Mon Sep 17 00:00:00 2001
-From: Michael Niedermayer <michael@niedermayer.cc>
-Date: Mon, 28 Jul 2025 23:41:56 +0200
-Subject: [PATCH] avformat/dashdec: Allocate space for appended "/"
-
-Fixes: writing 1 byte over the end of the array
-Fixes: BIGSLEEP-433502298/test.xml
-
-Found-by: Google Big Sleep
-
-A prettier solution is welcome!
-A testcase exists only for the baseurl case
-
-Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
----
- libavformat/dashdec.c | 13 +++++++++++--
- 1 file changed, 11 insertions(+), 2 deletions(-)
-
-diff --git a/libavformat/dashdec.c b/libavformat/dashdec.c
-index c3f3d7f3f8..278c70315d 100644
---- a/libavformat/dashdec.c
-+++ b/libavformat/dashdec.c
-@@ -735,7 +735,7 @@ static int resolve_content_path(AVFormatContext *s, const char *url, int *max_ur
-     }
- 
-     tmp_max_url_size = aligned(tmp_max_url_size);
--    text = av_mallocz(tmp_max_url_size);
-+    text = av_mallocz(tmp_max_url_size + 1);
-     if (!text) {
-         updated = AVERROR(ENOMEM);
-         goto end;
-@@ -747,7 +747,7 @@ static int resolve_content_path(AVFormatContext *s, const char *url, int *max_ur
-     }
-     av_free(text);
- 
--    path = av_mallocz(tmp_max_url_size);
-+    path = av_mallocz(tmp_max_url_size + 2);
-     tmp_str = av_mallocz(tmp_max_url_size);
-     if (!tmp_str || !path) {
-         updated = AVERROR(ENOMEM);
-@@ -769,6 +769,15 @@ static int resolve_content_path(AVFormatContext *s, const char *url, int *max_ur
- 
-     node = baseurl_nodes[rootId];
-     baseurl = xmlNodeGetContent(node);
-+    if (baseurl) {
-+        size_t len = xmlStrlen(baseurl)+2;
-+        char *tmp = xmlRealloc(baseurl, len);
-+        if (!tmp) {
-+            updated = AVERROR(ENOMEM);
-+            goto end;
-+        }
-+        baseurl = tmp;
-+    }
-     root_url = (av_strcasecmp(baseurl, "")) ? baseurl : path;
-     if (node) {
-         xmlNodeSetContent(node, root_url);
--- 
-2.51.0
-

ffmpeg-CVE-2025-59731.patch

@@ -1,79 +0,0 @@
-From 0d9c003d76383e82b57b6d5aa33776709d0cda2c Mon Sep 17 00:00:00 2001
-From: Michael Niedermayer <michael@niedermayer.cc>
-Date: Wed, 6 Aug 2025 10:08:14 +0200
-Subject: [PATCH] avcodec/exr: Check rle_raw_data and surroundings
-
-Fixes: out of array read
-
-Fixes: BIGSLEEP-436510153/dwa_uncompress_read.exr
-
-Found-by: Google Big Sleep
-Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
----
- libavcodec/exr.c | 15 +++++++++++++--
- 1 file changed, 13 insertions(+), 2 deletions(-)
-
-diff --git a/libavcodec/exr.c b/libavcodec/exr.c
-index 0a6aab662e..504fea0aac 100644
---- a/libavcodec/exr.c
-+++ b/libavcodec/exr.c
-@@ -996,6 +996,7 @@ static int dwa_uncompress(const EXRContext *s, const uint8_t *src, int compresse
-     const int dc_h = td->ysize >> 3;
-     GetByteContext gb, agb;
-     int skip, ret;
-+    int have_rle = 0;
- 
-     if (compressed_size <= 88)
-         return AVERROR_INVALIDDATA;
-@@ -1020,6 +1021,11 @@ static int dwa_uncompress(const EXRContext *s, const uint8_t *src, int compresse
-     )
-         return AVERROR_INVALIDDATA;
- 
-+    if ((uint64_t)rle_raw_size > INT_MAX) {
-+        avpriv_request_sample(s->avctx, "Too big rle_raw_size");
-+        return AVERROR_INVALIDDATA;
-+    }
-+
-     bytestream2_init(&gb, src + 88, compressed_size - 88);
-     skip = bytestream2_get_le16(&gb);
-     if (skip < 2)
-@@ -1090,6 +1096,9 @@ static int dwa_uncompress(const EXRContext *s, const uint8_t *src, int compresse
-     if (rle_raw_size > 0 && rle_csize > 0 && rle_usize > 0) {
-         unsigned long dest_len = rle_usize;
- 
-+        if (2LL * td->xsize * td->ysize > rle_raw_size)
-+            return AVERROR_INVALIDDATA;
-+
-         av_fast_padded_malloc(&td->rle_data, &td->rle_size, rle_usize);
-         if (!td->rle_data)
-             return AVERROR(ENOMEM);
-@@ -1106,6 +1115,8 @@ static int dwa_uncompress(const EXRContext *s, const uint8_t *src, int compresse
-         if (ret < 0)
-             return ret;
-         bytestream2_skip(&gb, rle_csize);
-+
-+        have_rle = 1;
-     }
- 
-     bytestream2_init(&agb, td->ac_data, ac_count * 2);
-@@ -1187,7 +1198,7 @@ static int dwa_uncompress(const EXRContext *s, const uint8_t *src, int compresse
-         return 0;
- 
-     if (s->pixel_type == EXR_HALF) {
--        for (int y = 0; y < td->ysize && td->rle_raw_data; y++) {
-+        for (int y = 0; y < td->ysize && have_rle; y++) {
-             uint16_t *ao = ((uint16_t *)td->uncompressed_data) + y * td->xsize * s->nb_channels;
-             uint8_t *ai0 = td->rle_raw_data + y * td->xsize;
-             uint8_t *ai1 = td->rle_raw_data + y * td->xsize + rle_raw_size / 2;
-@@ -1196,7 +1207,7 @@ static int dwa_uncompress(const EXRContext *s, const uint8_t *src, int compresse
-                 ao[x] = ai0[x] | (ai1[x] << 8);
-         }
-     } else {
--        for (int y = 0; y < td->ysize && td->rle_raw_data; y++) {
-+        for (int y = 0; y < td->ysize && have_rle; y++) {
-             uint32_t *ao = ((uint32_t *)td->uncompressed_data) + y * td->xsize * s->nb_channels;
-             uint8_t *ai0 = td->rle_raw_data + y * td->xsize;
-             uint8_t *ai1 = td->rle_raw_data + y * td->xsize + rle_raw_size / 2;
--- 
-2.51.0
-

ffmpeg-CVE-2025-59732.patch

@@ -1,52 +0,0 @@
-From f45da79b2c336c5f8f3e563d72b8a22fecdcde0c Mon Sep 17 00:00:00 2001
-From: Michael Niedermayer <michael@niedermayer.cc>
-Date: Wed, 6 Aug 2025 10:35:15 +0200
-Subject: [PATCH] avcodec/exr: Dont access outside xsize/ysize
-
-Fixes: out of array access
-Fixes: BIGSLEEP-436510316/dwa_uncompress_write.exr
-
-Found-by: Google Big Sleep
-Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
----
- libavcodec/exr.c | 10 ++++++----
- 1 file changed, 6 insertions(+), 4 deletions(-)
-
-diff --git a/libavcodec/exr.c b/libavcodec/exr.c
-index 504fea0aac..dea612a42b 100644
---- a/libavcodec/exr.c
-+++ b/libavcodec/exr.c
-@@ -1127,6 +1127,8 @@ static int dwa_uncompress(const EXRContext *s, const uint8_t *src, int compresse
-             float *yb = td->block[0];
-             float *ub = td->block[1];
-             float *vb = td->block[2];
-+            int bw = FFMIN(8, td->xsize - x);
-+            int bh = FFMIN(8, td->ysize - y);
- 
-             memset(td->block, 0, sizeof(td->block));
- 
-@@ -1151,8 +1153,8 @@ static int dwa_uncompress(const EXRContext *s, const uint8_t *src, int compresse
-                 uint16_t *ro = ((uint16_t *)td->uncompressed_data) +
-                     y * td->xsize * s->nb_channels + td->xsize * (o + 2) + x;
- 
--                for (int yy = 0; yy < 8; yy++) {
--                    for (int xx = 0; xx < 8; xx++) {
-+                for (int yy = 0; yy < bh; yy++) {
-+                    for (int xx = 0; xx < bw; xx++) {
-                         const int idx = xx + yy * 8;
-                         float b, g, r;
- 
-@@ -1175,8 +1177,8 @@ static int dwa_uncompress(const EXRContext *s, const uint8_t *src, int compresse
-                 float *ro = ((float *)td->uncompressed_data) +
-                     y * td->xsize * s->nb_channels + td->xsize * (o + 2) + x;
- 
--                for (int yy = 0; yy < 8; yy++) {
--                    for (int xx = 0; xx < 8; xx++) {
-+                for (int yy = 0; yy < bh; yy++) {
-+                    for (int xx = 0; xx < bw; xx++) {
-                         const int idx = xx + yy * 8;
- 
-                         convert(yb[idx], ub[idx], vb[idx], &bo[xx], &go[xx], &ro[xx]);
--- 
-2.51.0
-

ffmpeg-CVE-2025-59733.patch

@@ -1,39 +0,0 @@
-From 0469d68acb52081ca8385b844b9650398242be0f Mon Sep 17 00:00:00 2001
-From: Michael Niedermayer <michael@niedermayer.cc>
-Date: Sat, 9 Aug 2025 14:05:19 +0200
-Subject: [PATCH] avcodec/exr: Check for pixel type consistency in DWA
-
-Fixes: out of array access
-Fixes: BIGSLEEP-436511754/testcase.exr
-
-Found-by: Google Big Sleep
-Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
----
- libavcodec/exr.c | 11 +++++++++++
- 1 file changed, 11 insertions(+)
-
-diff --git a/libavcodec/exr.c b/libavcodec/exr.c
-index dea612a42b..67f971ff35 100644
---- a/libavcodec/exr.c
-+++ b/libavcodec/exr.c
-@@ -2086,6 +2086,17 @@ static int decode_frame(AVCodecContext *avctx, AVFrame *picture,
-     if ((ret = decode_header(s, picture)) < 0)
-         return ret;
- 
-+    if (s->compression == EXR_DWAA ||
-+        s->compression == EXR_DWAB) {
-+        for (int i = 0; i<s->nb_channels; i++) {
-+            EXRChannel *channel = &s->channels[i];
-+            if (channel->pixel_type != s->pixel_type) {
-+                avpriv_request_sample(s->avctx, "mixed pixel type DWA");
-+                return AVERROR_PATCHWELCOME;
-+            }
-+        }
-+    }
-+
-     switch (s->pixel_type) {
-     case EXR_HALF:
-         if (s->channel_offsets[3] >= 0) {
--- 
-2.51.0
-

work-around-abi-break.patch

@@ -13,12 +13,11 @@ ffmpeg, which can cause inadvertent mixing of library versions on
 openSUSE, and precompiled Linux distributions in general.
 
 Upstream says "we only add new functions" - which is ok in its own
-right. New symbols must be in a new verdef section though, existing
-sections *must*not* change under *any* circumstances, but that is
-what they broke: the set of symbols included in the "LIBAVFORMAT_59"
-verdef changed between 5.0 and 5.1.
+right. verdefs, if you have them, *must*not* change under any
+circumstances, but that is what they broke: the set of symbols
+included in the "LIBAVFORMAT_59" verdef changed between 5.0 and 5.1.
 
-$ abidiff /usr/lib64/libavformat.so.59.16.100 usr/lib64/libavformat.so.59.27.100
+$ abidiff abidiff /usr/lib64/libavformat.so.59.16.100 usr/lib64/libavformat.so.59.27.100
 Functions changes summary: 0 Removed, 0 Changed, 0 Added function
 Variables changes summary: 0 Removed, 0 Changed, 0 Added variable
 Function symbols changes summary: 0 Removed, 1 Added function symbol not referenced by debug info