From 32083452007930a19f6845ff9dabd64715f2bca36f8a20c936c161f6f8480517 Mon Sep 17 00:00:00 2001
From: ZhaoQiang
Date: Wed, 31 Jul 2024 01:59:16 +0800
Subject: [PATCH] Add ffmpeg-4-CVE-2024-32230.patch to fix CVE issue.
---
 ffmpeg-4-CVE-2024-32230.patch | 23 +++++++++++++++++++++++
 ffmpeg-4.changes | 7 +++++++
 ffmpeg-4.spec | 3 ++-
 3 files changed, 32 insertions(+), 1 deletion(-)
 create mode 100644 ffmpeg-4-CVE-2024-32230.patch
diff --git a/ffmpeg-4-CVE-2024-32230.patch b/ffmpeg-4-CVE-2024-32230.patch
new file mode 100644
index 0000000..c4058f0
--- /dev/null
+++ b/ffmpeg-4-CVE-2024-32230.patch
@@ -0,0 +1,23 @@
+commit 96449cfeaeb95fcfd7a2b8d9ccf7719e97471ed1
+Author: Michael Niedermayer
+Date: Mon Apr 8 18:38:42 2024 +0200
+
+ avcodec/mpegvideo_enc: Fix 1 line and one column images
+
+ Fixes: Ticket10952
+ Fixes: poc21ffmpeg
+ Signed-off-by: Michael Niedermayer
+
+--- ffmpeg-4.4.4/libavcodec/mpegvideo_enc.c
++++ ffmpeg-4.4.4_new/libavcodec/mpegvideo_enc.c
+@@ -1263,8 +1263,8 @@
+ int dst_stride = i ? s->uvlinesize : s->linesize;
+ int h_shift = i ? h_chroma_shift : 0;
+ int v_shift = i ? v_chroma_shift : 0;
+- int w = s->width >> h_shift;
+- int h = s->height >> v_shift;
++ int w = AV_CEIL_RSHIFT(s->width , h_shift);
++ int h = AV_CEIL_RSHIFT(s->height, v_shift);
+ uint8_t *src = pic_arg->data[i];
+ uint8_t *dst = pic->f->data[i];
+ int vpad = 16;
diff --git a/ffmpeg-4.changes b/ffmpeg-4.changes
index 89fb6f3..be8559c 100644
--- a/ffmpeg-4.changes
+++ b/ffmpeg-4.changes
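Review bot: The two `AV_CEIL_RSHIFT` lines fix the plane size only at these declarations, and the code that consumes `w`, `h` and `vpad` lies outside the hunk, so the backport should be checked against the 4.4.4 body of this function for any remaining plain `>> h_shift` / `>> v_shift` size computation. With the old expressions a frame one pixel wide or high with subsampled chroma gets a chroma `w` or `h` of 0, which appears to be the case the upstream title ("1 line and one column images") refers to. The embedded patch header mentions only Ticket10952, so a line such as `References: CVE-2024-32230, bsc#1227296` would tie the patch file itself to the advisory. A build-time check that encodes a 1xN and an Nx1 frame under a sanitizer would keep the fix from regressing on later rebases.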
@@ -4,6 +4,13 @@ Fri Jul 26 13:19:42 UTC 2024 - Filip Kastl - Add ffmpeg-c99.patch so that the package conforms to the C99 standard and builds on i586 with GCC 14. +------------------------------------------------------------------- +Tue Jul 2 12:26:28 UTC 2024 - Cliff Zhao + +- Add ffmpeg-4-CVE-2024-32230.patch: + Backporting 96449cfe from upstream, Fix 1 line and one column images. + (CVE-2024-32230, bsc#1227296) + ------------------------------------------------------------------- Tue Apr 27 11:38:35 UTC 2024 - Cliff Zhao
diff --git a/ffmpeg-4.spec b/ffmpeg-4.spec
index a9af490..463007c 100644
--- a/ffmpeg-4.spec
+++ b/ffmpeg-4.spec
@@ -131,7 +131,8 @@ Patch17: ffmpeg-CVE-2023-49502.patch
 Patch18: ffmpeg-CVE-2023-51793.patch
 Patch19: 0001-avfilter-af_stereowiden-Check-length.patch
 Patch20: ffmpeg-CVE-2023-50010.patch
-Patch21: ffmpeg-c99.patch
+Patch21: ffmpeg-4-CVE-2024-32230.patch
+Patch22: ffmpeg-c99.patch
 BuildRequires: ladspa-devel
 BuildRequires: libgsm-devel
 BuildRequires: libmp3lame-devel