forked from jengelh/ffmpeg-5
add bugrefs and explanation
OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-5?expand=0&rev=92
This commit is contained in:
parent
651f9ba2dd
commit
ccf5285d75
@ -1,15 +1,17 @@
|
||||
commit c443658d26d2b8e19901f9507a890e0efca79056 (HEAD -> 20231222_CVE-2023-50009_c443658d26d2b8e19901f9507a890e0efca79056)
|
||||
Author: Michael Niedermayer <michael@niedermayer.cc>
|
||||
Date: Fri Dec 22 11:54:24 2023 +0100
|
||||
References: CVE-2023-50009
|
||||
References: https://bugzilla.opensuse.org/1172423
|
||||
|
||||
avfilter/edge_template: Fix small inputs with gaussian_blur()
|
||||
|
||||
Fixes: out of array access
|
||||
Fixes: Ticket10699
|
||||
Fixes: poc5ffmpeg
|
||||
|
||||
Found-by: Zeng Yunxiang
|
||||
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
||||
avfilter/edge_template: Fix small inputs with gaussian_blur()
|
||||
|
||||
Fixes: out of array access
|
||||
Fixes: Ticket10699
|
||||
Fixes: poc5ffmpeg
|
||||
|
||||
Found-by: Zeng Yunxiang
|
||||
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
||||
|
||||
diff --git a/libavfilter/edge_template.c b/libavfilter/edge_template.c
|
||||
index 14635c25af..ce45e579db 100644
|
||||
|
@ -1,18 +1,20 @@
|
||||
commit e4d2666bdc3dbd177a81bbf428654a5f2fa3787a (20231224_CVE-2023-50010_e4d2666bdc3dbd177a81bbf428654a5f2fa3787a)
|
||||
Author: Michael Niedermayer <michael@niedermayer.cc>
|
||||
Date: Sun Dec 24 20:50:51 2023 +0100
|
||||
References: CVE-2023-50009
|
||||
References: https://bugzilla.opensuse.org/1172423
|
||||
|
||||
avfilter/vf_gradfun: Do not overread last line
|
||||
|
||||
The code works in steps of 2 lines and lacks support for odd height
|
||||
Implementing odd height support is better but for now this fixes the
|
||||
out of array access
|
||||
|
||||
Fixes: out of array access
|
||||
Fixes: tickets/10702/poc6ffmpe
|
||||
|
||||
Found-by: Zeng Yunxiang
|
||||
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
||||
avfilter/vf_gradfun: Do not overread last line
|
||||
|
||||
The code works in steps of 2 lines and lacks support for odd height
|
||||
Implementing odd height support is better but for now this fixes the
|
||||
out of array access
|
||||
|
||||
Fixes: out of array access
|
||||
Fixes: tickets/10702/poc6ffmpe
|
||||
|
||||
Found-by: Zeng Yunxiang
|
||||
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
||||
|
||||
diff -Nura ffmpeg-5.1.4/libavfilter/vf_gradfun.c ffmpeg-5.1.4_new/libavfilter/vf_gradfun.c
|
||||
--- ffmpeg-5.1.4/libavfilter/vf_gradfun.c 2023-11-10 07:38:51.000000000 +0800
|
||||
|
@ -1,8 +1,13 @@
|
||||
commit cf1f57443158bcbe84a213e8dc631a302993f9a2
|
||||
Author: Thilo Borgmann <thilo.borgmann@mail.de>
|
||||
Date: Mon Jul 18 16:09:46 2022 +0200
|
||||
References: CVE-2023-50009
|
||||
References: https://bugzilla.opensuse.org/1172423
|
||||
|
||||
lavfi/edge_common: Templatify ff_gaussian_blur and ff_sobel
|
||||
lavfi/edge_common: Templatify ff_gaussian_blur and ff_sobel
|
||||
|
||||
[Backport cf1f5744 from upstream, Templatify function ff_gaussian_blur
|
||||
and ff_sobel to prepare fix support for CVE-2023-50009. -qzhao]
|
||||
|
||||
diff --git a/libavfilter/edge_common.c b/libavfilter/edge_common.c
|
||||
index d72e8521cd..ebd47d7c53 100644
|
||||
|
Loading…
Reference in New Issue
Block a user