From 9cb41539acef944a6b1e3d1505743cbc1d6b1ed0259a1f703087784bde07f417 Mon Sep 17 00:00:00 2001 From: OBS User unknown Date: Sat, 27 Jul 2024 05:52:27 +0000 Subject: [PATCH] [info=8d0c8d913bcd3d35e147ea6abcc1badd002106e9e45fe7b785e2af977a5eb2e3] OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-5?expand=0&rev=99 --- _scmsync.obsinfo | 4 +-- ...6.patch => ffmpeg-4.4-CVE-2020-22046.patch | 0 ffmpeg-5.changes | 13 -------- ffmpeg-5.spec | 31 ++++++++++--------- ...49502.patch => ffmpeg-CVE-2023-49502.patch | 0 ...50007.patch => ffmpeg-CVE-2023-50007.patch | 0 ...50008.patch => ffmpeg-CVE-2023-50008.patch | 0 ...50009.patch => ffmpeg-CVE-2023-50009.patch | 0 ...50010.patch => ffmpeg-CVE-2023-50010.patch | 0 ...51793.patch => ffmpeg-CVE-2023-51793.patch | 0 ...ify-ff_gaussian_blur-and-ff-function.patch | 13 +++++--- 11 files changed, 26 insertions(+), 35 deletions(-) rename ffmpeg-4-CVE-2020-22046.patch => ffmpeg-4.4-CVE-2020-22046.patch (100%) rename ffmpeg-5-CVE-2023-49502.patch => ffmpeg-CVE-2023-49502.patch (100%) rename ffmpeg-5-CVE-2023-50007.patch => ffmpeg-CVE-2023-50007.patch (100%) rename ffmpeg-5-CVE-2023-50008.patch => ffmpeg-CVE-2023-50008.patch (100%) rename ffmpeg-5-CVE-2023-50009.patch => ffmpeg-CVE-2023-50009.patch (100%) rename ffmpeg-5-CVE-2023-50010.patch => ffmpeg-CVE-2023-50010.patch (100%) rename ffmpeg-5-CVE-2023-51793.patch => ffmpeg-CVE-2023-51793.patch (100%) rename ffmpeg-5-CVE-2023-50009-shim-cf1f5744.patch => ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch (97%) diff --git a/_scmsync.obsinfo b/_scmsync.obsinfo index 128cae4..9e475d7 100644 --- a/_scmsync.obsinfo +++ b/_scmsync.obsinfo @@ -1,3 +1,3 @@ -mtime: 1721891049 -commit: e2830ed12e00286d56f1b39819ffdd7f9ef1b0ab2baeba53966412f7b9b8887a +mtime: 1722059753 +commit: 8d0c8d913bcd3d35e147ea6abcc1badd002106e9e45fe7b785e2af977a5eb2e3 url: https://src.opensuse.org/jengelh/ffmpeg-5.git diff --git a/ffmpeg-4-CVE-2020-22046.patch b/ffmpeg-4.4-CVE-2020-22046.patch similarity index 100% rename from ffmpeg-4-CVE-2020-22046.patch rename to ffmpeg-4.4-CVE-2020-22046.patch diff --git a/ffmpeg-5.changes b/ffmpeg-5.changes index 8bf01b4..a1e6968 100644 --- a/ffmpeg-5.changes +++ b/ffmpeg-5.changes @@ -13,19 +13,6 @@ Tue Jul 2 11:57:01 UTC 2024 - Cliff Zhao grain metadata. (CVE-2024-32228, bsc#1227277) -------------------------------------------------------------------- -Tue Jul 2 11:28:10 UTC 2024 - Cliff Zhao - -- Rename CVE patches as SUSE CVE standard:(package name)-%(CVE number) - ffmpeg-4.4-CVE-2020-22046.patch - ffmpeg-5-CVE-2023-50007.patch - ffmpeg-5-CVE-2023-50008.patch - ffmpeg-5-CVE-2023-49502.patch - ffmpeg-5-CVE-2023-51793.patch - ffmpeg-5-CVE-2023-50009.patch - ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch - ffmpeg-5-CVE-2023-50010.patch - ------------------------------------------------------------------- Tue Apr 27 11:38:35 UTC 2024 - Cliff Zhao diff --git a/ffmpeg-5.spec b/ffmpeg-5.spec index 742cb9a..e867491 100644 --- a/ffmpeg-5.spec +++ b/ffmpeg-5.spec @@ -17,9 +17,6 @@ %define flavor @BUILD_FLAVOR@%{nil} -# -# preamble is present twice, watch out -# %if "%{flavor}" != "ffmpeg-5-mini" # Create proper conflicts to make sure we require all from one version @@ -107,7 +104,7 @@ Patch2: ffmpeg-new-coder-errors.diff Patch3: ffmpeg-codec-choice.diff Patch4: ffmpeg-4.2-dlopen-fdk_aac.patch Patch5: work-around-abi-break.patch -Patch9: ffmpeg-4-CVE-2020-22046.patch +Patch9: ffmpeg-4.4-CVE-2020-22046.patch Patch10: 0001-avfilter-af_dialoguenhance-fix-overreads.patch Patch11: 0001-avfilter-af_dialoguenhance-simplify-channels-copy.patch Patch12: 0001-avfilter-af_dialoguenhance-do-output-scaling-once.patch @@ -119,15 +116,18 @@ Patch17: 0001-avfilter-af_stereowiden-Check-length.patch Patch90: ffmpeg-chromium.patch Patch91: ffmpeg-dlopen-openh264.patch Patch93: soname.diff -Patch94: ffmpeg-5-CVE-2023-50007.patch -Patch95: ffmpeg-5-CVE-2023-50008.patch -Patch96: ffmpeg-5-CVE-2023-49502.patch -Patch97: ffmpeg-5-CVE-2023-51793.patch -Patch98: ffmpeg-5-CVE-2023-50009-shim-cf1f5744.patch -Patch99: ffmpeg-5-CVE-2023-50009.patch -Patch100: ffmpeg-5-CVE-2023-50010.patch +Patch94: ffmpeg-CVE-2023-50007.patch +Patch95: ffmpeg-CVE-2023-50008.patch +Patch96: ffmpeg-CVE-2023-49502.patch +Patch97: ffmpeg-CVE-2023-51793.patch +Patch98: ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch +Patch99: ffmpeg-CVE-2023-50009.patch +Patch100: ffmpeg-CVE-2023-50010.patch Patch101: ffmpeg-5-CVE-2024-32228.patch Patch102: ffmpeg-5-CVE-2024-32230.patch +# +# preamble is present twice, watch out +# %if %{with amf_sdk} BuildRequires: AMF-devel %endif @@ -855,14 +855,15 @@ Patch17: 0001-avfilter-af_stereowiden-Check-length.patch Patch90: ffmpeg-chromium.patch Patch91: ffmpeg-dlopen-openh264.patch Patch93: soname.diff -# PATCH-FIX-UPSTREAM ffmpeg-CVE-2023-50007.patch CVE-2023-50007 bsc#1223253 qzhao@suse.com -- Fix crash with EOF handling. Patch94: ffmpeg-CVE-2023-50007.patch -# PATCH-FIX-UPSTREAM ffmpeg-CVE-2023-50008.patch CVE-2023-50008 bsc#1223254 qzhao@suse.com -- Fix memory leaks. Patch95: ffmpeg-CVE-2023-50008.patch -# PATCH-FIX-UPSTREAM ffmpeg-CVE-2023-49502.patch CVE-2023-49502 bsc#1223235 qzhao@suse.com -- Account for chroma sub-sampling in min size calculation. Patch96: ffmpeg-CVE-2023-49502.patch -# PATCH-FIX-UPSTREAM ffmpeg-CVE-2023-51793.patch CVE-2023-51793 bsc#1223272 qzhao@suse.com -- Fix odd height handling. Patch97: ffmpeg-CVE-2023-51793.patch +Patch98: ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch +Patch99: ffmpeg-CVE-2023-50009.patch +Patch100: ffmpeg-CVE-2023-50010.patch +Patch101: ffmpeg-5-CVE-2024-32228.patch +Patch102: ffmpeg-5-CVE-2024-32230.patch BuildRequires: c_compiler Requires: this-is-only-for-build-envs diff --git a/ffmpeg-5-CVE-2023-49502.patch b/ffmpeg-CVE-2023-49502.patch similarity index 100% rename from ffmpeg-5-CVE-2023-49502.patch rename to ffmpeg-CVE-2023-49502.patch diff --git a/ffmpeg-5-CVE-2023-50007.patch b/ffmpeg-CVE-2023-50007.patch similarity index 100% rename from ffmpeg-5-CVE-2023-50007.patch rename to ffmpeg-CVE-2023-50007.patch diff --git a/ffmpeg-5-CVE-2023-50008.patch b/ffmpeg-CVE-2023-50008.patch similarity index 100% rename from ffmpeg-5-CVE-2023-50008.patch rename to ffmpeg-CVE-2023-50008.patch diff --git a/ffmpeg-5-CVE-2023-50009.patch b/ffmpeg-CVE-2023-50009.patch similarity index 100% rename from ffmpeg-5-CVE-2023-50009.patch rename to ffmpeg-CVE-2023-50009.patch diff --git a/ffmpeg-5-CVE-2023-50010.patch b/ffmpeg-CVE-2023-50010.patch similarity index 100% rename from ffmpeg-5-CVE-2023-50010.patch rename to ffmpeg-CVE-2023-50010.patch diff --git a/ffmpeg-5-CVE-2023-51793.patch b/ffmpeg-CVE-2023-51793.patch similarity index 100% rename from ffmpeg-5-CVE-2023-51793.patch rename to ffmpeg-CVE-2023-51793.patch diff --git a/ffmpeg-5-CVE-2023-50009-shim-cf1f5744.patch b/ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch similarity index 97% rename from ffmpeg-5-CVE-2023-50009-shim-cf1f5744.patch rename to ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch index e7e64a7..a796a16 100644 --- a/ffmpeg-5-CVE-2023-50009-shim-cf1f5744.patch +++ b/ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch @@ -1,14 +1,16 @@ commit cf1f57443158bcbe84a213e8dc631a302993f9a2 Author: Thilo Borgmann Date: Mon Jul 18 16:09:46 2022 +0200 -Subject: lavfi/edge_common: Templatify ff_gaussian_blur and ff_sobel References: CVE-2023-50009 -References: bsc#1172423 -Upstream: Backport from upstream +References: https://bugzilla.opensuse.org/1172423 -Backport cf1f5744 from upstream, Templatify function ff_gaussian_blur -and ff_sobel to prepare fix support for CVE-2023-50009. -qzhao +lavfi/edge_common: Templatify ff_gaussian_blur and ff_sobel +[Backport cf1f5744 from upstream, Templatify function ff_gaussian_blur +and ff_sobel to prepare fix support for CVE-2023-50009. -qzhao] + +diff --git a/libavfilter/edge_common.c b/libavfilter/edge_common.c +index d72e8521cd..ebd47d7c53 100644 --- a/libavfilter/edge_common.c +++ b/libavfilter/edge_common.c @@ -46,33 +46,13 @@ static int get_rounded_direction(int gx, int gy) @@ -310,3 +312,4 @@ index 90390ceb3e..603f06f141 100644 * ignore the rest, so we need a clean output buffer */ -- 2.41.0 +