diff --git a/_scmsync.obsinfo b/_scmsync.obsinfo index a1a658e..e555e11 100644 --- a/_scmsync.obsinfo +++ b/_scmsync.obsinfo @@ -1,4 +1,4 @@ -mtime: 1724842934 -commit: 9e43e5445b98d8995b81b0fc26eca3b5334fb0e654fa27f34d5f3cd90ff11654 +mtime: 1726314299 +commit: 79e46abe5636072004aa47101b1fe0b5408a73862b22b9beadc828972944d9f3 url: https://src.opensuse.org/jengelh/ffmpeg-4 revision: master diff --git a/build.specials.obscpio b/build.specials.obscpio index 69b6afd..20184ec 100644 --- a/build.specials.obscpio +++ b/build.specials.obscpio @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:b212150063cce6a2f3c114d5989271b8ece2cda01a3f77a84846e9ebd73afca1 +oid sha256:187e6df75a478c0231365522d22a39b7a977ae8cd33a18a23f08bd8c655960d7 size 256 diff --git a/ffmpeg-4-CVE-2024-7055.patch b/ffmpeg-4-CVE-2024-7055.patch new file mode 100644 index 0000000..3bf12aa --- /dev/null +++ b/ffmpeg-4-CVE-2024-7055.patch @@ -0,0 +1,29 @@ +From 3faadbe2a27e74ff5bb5f7904ec27bb1f5287dc8 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Thu, 18 Jul 2024 21:12:54 +0200 +Subject: [PATCH] avcodec/pnmdec: Use 64bit for input size check +References: CVE-2024-7055 +References: bsc#1229026 +Upstream: Backport from upstream + +Fixes: out of array read +Fixes: poc3 + +Reported-by: VulDB CNA Team +Found-by: CookedMelon +Signed-off-by: Michael Niedermayer +--- + libavcodec/pnmdec.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- ffmpeg-4.4.4/libavcodec/pnmdec.c ++++ ffmpeg-4.4.4_new/libavcodec/pnmdec.c +@@ -256,7 +256,7 @@ + } + break; + case AV_PIX_FMT_GBRPF32: +- if (avctx->width * avctx->height * 12 > s->bytestream_end - s->bytestream) ++ if (avctx->width * avctx->height * 12LL > s->bytestream_end - s->bytestream) + return AVERROR_INVALIDDATA; + scale = 1.f / s->scale; + if (s->endian) { diff --git a/ffmpeg-4.changes b/ffmpeg-4.changes index 4bb592a..8c69dad 100644 --- a/ffmpeg-4.changes +++ b/ffmpeg-4.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Fri Sep 6 15:06:21 UTC 2024 - Cliff Zhao + +- Add ffmpeg-4-CVE-2024-7055.patch: + Backporting 3faadbe2 from upstream, Use 64bit for input size check, + Fixes: out of array read, Fixes: poc3. + (CVE-2024-7055, bsc#1229026) + ------------------------------------------------------------------- Wed Aug 28 10:42:38 UTC 2024 - Jan Engelhardt @@ -22,7 +30,7 @@ Tue Apr 27 11:38:35 UTC 2024 - Cliff Zhao - Add ffmpeg-CVE-2023-50010.patch: Backporting e4d2666b from upstream, fixes the out of array access. - (CVE-2023-50010 bsc#1223256) + (CVE-2023-a50010, bsc#1223256) ------------------------------------------------------------------- Fri Apr 26 22:16:48 UTC 2024 - Jan Engelhardt @@ -35,7 +43,7 @@ Thu Apr 23 16:14:18 UTC 2024 - Cliff Zhao - Add ffmpeg-CVE-2023-51793.patch: Backporting 0ecc1f0e from upstream, Fix odd height handling. - (CVE-2023-51793 bsc#1223272) + (CVE-2023-51793, bsc#1223272) ------------------------------------------------------------------- Thu Apr 23 15:35:32 UTC 2024 - Cliff Zhao @@ -43,7 +51,7 @@ Thu Apr 23 15:35:32 UTC 2024 - Cliff Zhao - Add ffmpeg-CVE-2023-49502.patch: Backporting 737ede40 from upstream, account for chroma sub-sampling in min size calculation. - (CVE-2023-49502 bsc#1223235) + (CVE-2023-49502, bsc#1223235) ------------------------------------------------------------------- Tue Apr 23 14:25:53 UTC 2024 - Jan Engelhardt diff --git a/ffmpeg-4.spec b/ffmpeg-4.spec index f7bbaca..f65735d 100644 --- a/ffmpeg-4.spec +++ b/ffmpeg-4.spec @@ -134,6 +134,7 @@ Patch20: ffmpeg-CVE-2023-50010.patch Patch21: ffmpeg-4-CVE-2024-32230.patch Patch22: ffmpeg-c99.patch Patch23: 0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch +Patch24: ffmpeg-4-CVE-2024-7055.patch BuildRequires: ladspa-devel BuildRequires: libgsm-devel BuildRequires: libmp3lame-devel