move metadata into patch

OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-5?expand=0&rev=89

ffmpeg-5.spec

@@ -121,13 +121,9 @@ Patch16:        0001-avfilter-f_reverse-Apply-PTS-compensation-only-when-.patch
 Patch90:        ffmpeg-chromium.patch
 Patch91:        ffmpeg-dlopen-openh264.patch
 Patch93:        soname.diff
-# PATCH-FIX-UPSTREAM ffmpeg-CVE-2023-50007.patch CVE-2023-50007 bsc#1223253 qzhao@suse.com -- Fix crash with EOF handling.
 Patch94:        ffmpeg-CVE-2023-50007.patch
-# PATCH-FIX-UPSTREAM ffmpeg-CVE-2023-50008.patch CVE-2023-50008 bsc#1223254 qzhao@suse.com -- Fix memory leaks.
 Patch95:        ffmpeg-CVE-2023-50008.patch
-# PATCH-FIX-UPSTREAM ffmpeg-CVE-2023-49502.patch CVE-2023-49502 bsc#1223235 qzhao@suse.com -- Account for chroma sub-sampling in min size calculation.
 Patch96:        ffmpeg-CVE-2023-49502.patch
-# PATCH-FIX-UPSTREAM ffmpeg-CVE-2023-51793.patch CVE-2023-51793 bsc#1223272 qzhao@suse.com -- Fix odd height handling.
 Patch97:        ffmpeg-CVE-2023-51793.patch
 %if %{with amf_sdk}
 BuildRequires:  AMF-devel

ffmpeg-CVE-2023-49502.patch

@@ -1,22 +1,23 @@
-commit 737ede405b11a37fdd61d19cf25df296a0cb0b75
+From 737ede405b11a37fdd61d19cf25df296a0cb0b75
-Author: Cosmin Stejerean <cosmin@cosmin.at>
+From: Cosmin Stejerean <cosmin@cosmin.at>
-Date:   Wed Dec 6 18:39:32 2023 +0800
+Date: Wed Dec 6 18:39:32 2023 +0800
+Subject: avfilter/bwdif: account for chroma sub-sampling in min size calculation
+References: https://bugzilla.opensuse.org/1223235
+References: CVE-2023-49502
 
-    avfilter/bwdif: account for chroma sub-sampling in min size calculation
+The current logic for detecting frames that are too small for the
-    
+algorithm does not account for chroma sub-sampling, and so a sample
-    The current logic for detecting frames that are too small for the
+where the luma plane is large enough, but the chroma planes are not
-    algorithm does not account for chroma sub-sampling, and so a sample
+will not be rejected. In that event, a heap overflow will occur.
-    where the luma plane is large enough, but the chroma planes are not
+
-    will not be rejected. In that event, a heap overflow will occur.
+This change adjusts the logic to consider the chroma planes and makes
-    
+the change to all three bwdif implementations.
-    This change adjusts the logic to consider the chroma planes and makes
+
-    the change to all three bwdif implementations.
+Fixes #10688
-    
+
-    Fixes #10688
+Signed-off-by: Cosmin Stejerean <cosmin@cosmin.at>
-    
+Reviewed-by: Thomas Mundt <tmundt75@gmail.com>
-    Signed-off-by: Cosmin Stejerean <cosmin@cosmin.at>
+Signed-off-by: Philip Langdale <philipl@overt.org>
-    Reviewed-by: Thomas Mundt <tmundt75@gmail.com>
-    Signed-off-by: Philip Langdale <philipl@overt.org>
 
 diff -Nura ffmpeg-5.1.4/libavfilter/vf_bwdif.c ffmpeg-5.1.4_new/libavfilter/vf_bwdif.c
 --- ffmpeg-5.1.4/libavfilter/vf_bwdif.c	2023-11-10 07:38:51.000000000 +0800

ffmpeg-CVE-2023-50007.patch

@@ -1,8 +1,9 @@
-commit b1942734c7cbcdc9034034373abcc9ecb9644c47
+From b1942734c7cbcdc9034034373abcc9ecb9644c47
-Author: Paul B Mahol <onemda@gmail.com>
+From: Paul B Mahol <onemda@gmail.com>
-Date:   Mon Nov 27 11:45:34 2023 +0100
+Date: Mon Nov 27 11:45:34 2023 +0100
-
+Subject: avfilter/af_afwtdn: fix crash with EOF handling
-    avfilter/af_afwtdn: fix crash with EOF handling
+References: https://bugzilla.opensuse.org/1223253
+References: CVE-2023-50007
 
 diff -Nura ffmpeg-5.1.4/libavfilter/af_afwtdn.c ffmpeg-5.1.4_new/libavfilter/af_afwtdn.c
 --- ffmpeg-5.1.4/libavfilter/af_afwtdn.c	2023-11-10 07:38:51.000000000 +0800

ffmpeg-CVE-2023-50008.patch

@@ -1,8 +1,9 @@
-commit 5f87a68cf70dafeab2fb89b42e41a4c29053b89b
+From 5f87a68cf70dafeab2fb89b42e41a4c29053b89b
-Author: Paul B Mahol <onemda@gmail.com>
+From: Paul B Mahol <onemda@gmail.com>
-Date:   Mon Nov 27 12:08:20 2023 +0100
+Date: Mon Nov 27 12:08:20 2023 +0100
-
+Subject: avfilter/vf_colorcorrect: fix memory leaks
-    avfilter/vf_colorcorrect: fix memory leaks
+References: https://bugzilla.opensuse.org/1223254
+References: CVE-2023-50008
 
 diff -Nura ffmpeg-5.1.4/libavfilter/vf_colorcorrect.c ffmpeg-5.1.4_new/libavfilter/vf_colorcorrect.c
 --- ffmpeg-5.1.4/libavfilter/vf_colorcorrect.c	2023-11-10 07:38:51.000000000 +0800

ffmpeg-CVE-2023-51793.patch

@@ -1,14 +1,15 @@
-commit 0ecc1f0e48930723d7a467761b66850811c23e62
+From 0ecc1f0e48930723d7a467761b66850811c23e62
-Author: Michael Niedermayer <michael@niedermayer.cc>
+From: Michael Niedermayer <michael@niedermayer.cc>
-Date:   Fri Dec 22 12:31:35 2023 +0100
+Date: Fri Dec 22 12:31:35 2023 +0100
+Subject: avfilter/vf_weave: Fix odd height handling
+References: https://bugzilla.opensuse.org/1223272
+References: CVE-2023-51793
+    
+Fixes: out of array access
+Fixes: tickets/10743/poc10ffmpeg
 
-    avfilter/vf_weave: Fix odd height handling
+Found-by: Zeng Yunxiang and Li Zeyuan
-    
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-    Fixes: out of array access
-    Fixes: tickets/10743/poc10ffmpeg
-    
-    Found-by: Zeng Yunxiang and Li Zeyuan
-    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 
 diff -Nura ffmpeg-5.1.4/libavfilter/vf_weave.c ffmpeg-5.1.4_new/libavfilter/vf_weave.c
 --- ffmpeg-5.1.4/libavfilter/vf_weave.c	2023-11-10 07:38:51.000000000 +0800