qzhao/ffmpeg-4
SHA256
1
0
Fork 0
forked from jengelh/ffmpeg-4
Code Pull Requests Activity

Compare commits

base: qzhao:master
Branches Tags
qzhao:master qzhao:Devel qzhao:ffmpeg-4_adjust_bconds jengelh:master
..
compare: qzhao:ffmpeg-4_adjust_bconds
Branches Tags
qzhao:master qzhao:Devel qzhao:ffmpeg-4_adjust_bconds jengelh:master

1 Commits
master ... ffmpeg-4_a

Author SHA256 Message Date
ZhaoQiang
90d276f7fb orting Antonio's commit to ffmpeg-4 to adjust bconds to build the package in SLFO without xvidcore. 2025-02-21 12:39:09 +08:00
15 changed files with 154 additions and 393 deletions
Expand all files Collapse all files

33
0001-avcodec-libsvtav1-unbreak-build-with-latest-svtav1.patch
View File

@@ -1,33 +0,0 @@
From d1ed5c06e3edc5f2b5f3664c80121fa55b0baa95 Mon Sep 17 00:00:00 2001
From: Gyan Doshi <ffmpeg@gyani.pro>
Date: Sat, 22 Feb 2025 10:38:53 +0530
Subject: [PATCH] avcodec/libsvtav1: unbreak build with latest svtav1
SVT-AV1 made a change in their public API in 988e930c but without a
version bump or any other accessible marker, thus breaking ffmpeg build
with current versions of SVT-AV1.
They have finally bumped versions a month later, so check added.
---
libavcodec/libsvtav1.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/libavcodec/libsvtav1.c b/libavcodec/libsvtav1.c
index 79b28eb4df..43fe531fde 100644
--- a/libavcodec/libsvtav1.c
+++ b/libavcodec/libsvtav1.c
@@ -435,7 +435,11 @@ static av_cold int eb_enc_init(AVCodecContext *avctx)
svt_enc->eos_flag = EOS_NOT_REACHED;
+#if SVT_AV1_CHECK_VERSION(3, 0, 0)
+ svt_ret = svt_av1_enc_init_handle(&svt_enc->svt_handle, &svt_enc->enc_params);
+#else
svt_ret = svt_av1_enc_init_handle(&svt_enc->svt_handle, svt_enc, &svt_enc->enc_params);
+#endif
if (svt_ret != EB_ErrorNone) {
return svt_print_error(avctx, svt_ret, "Error initializing encoder handle");
}
--
2.48.1

58
0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch Normal file
View File

@@ -0,0 +1,58 @@
From 654bd47716c4f36719fb0f3f7fd8386d5ed0b916 Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@arm.com>
Date: Fri, 9 Aug 2024 11:32:00 +0100
Subject: [PATCH] libavcodec/arm/mlpdsp_armv5te: fix label format to work with
binutils 2.43
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
binutils 2.43 has stricter validation for labels[1] and results in errors
when building ffmpeg for armv5:
src/libavcodec/arm/mlpdsp_armv5te.S:232: Error: junk at end of line, first unrecognized character is `0'
Remove the leading zero in the "01" label to resolve this error.
[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=226749d5a6ff0d5c607d6428d6c81e1e7e7a994b
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Martin Storsjö <martin@martin.st>
---
libavcodec/arm/mlpdsp_armv5te.S | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/libavcodec/arm/mlpdsp_armv5te.S b/libavcodec/arm/mlpdsp_armv5te.S
index 4f9aa485fd..d31568611c 100644
--- a/libavcodec/arm/mlpdsp_armv5te.S
+++ b/libavcodec/arm/mlpdsp_armv5te.S
@@ -229,7 +229,7 @@ A .endif
.endif
// Begin loop
-01:
+1:
.if TOTAL_TAPS == 0
// Things simplify a lot in this case
// In fact this could be pipelined further if it's worth it...
@@ -241,7 +241,7 @@ A .endif
str ST0, [PST, #-4]!
str ST0, [PST, #4 * (MAX_BLOCKSIZE + MAX_FIR_ORDER)]
str ST0, [PSAMP], #4 * MAX_CHANNELS
- bne 01b
+ bne 1b
.else
.if \fir_taps & 1
.set LOAD_REG, 1
@@ -333,7 +333,7 @@ T orr AC0, AC0, AC1
str ST3, [PST, #-4]!
str ST2, [PST, #4 * (MAX_BLOCKSIZE + MAX_FIR_ORDER)]
str ST3, [PSAMP], #4 * MAX_CHANNELS
- bne 01b
+ bne 1b
.endif
b 99f
--
2.46.0

32
ffmpeg-4-CVE-2024-12361.patch
View File

@@ -1,32 +0,0 @@
From 4065ff69a2ed49872f8694a03d0642b18c9d977c Mon Sep 17 00:00:00 2001
From: Jiasheng Jiang <jiashengjiangcool@outlook.com>
Date: Mon, 10 Jun 2024 14:18:11 +0000
Subject: [PATCH] avcodec/mpegvideo_enc: Add check for
av_packet_new_side_data()
Add check for av_packet_new_side_data() to avoid null pointer
dereference if allocation fails.
Fixes: bdc1220eeb ("h263enc: Add an option for outputting info about MBs as side data")
Signed-off-by: Jiasheng Jiang <jiashengjiangcool@outlook.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
---
libavcodec/mpegvideo_enc.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libavcodec/mpegvideo_enc.c b/libavcodec/mpegvideo_enc.c
index 620ca08869..d33754d115 100644
--- a/libavcodec/mpegvideo_enc.c
+++ b/libavcodec/mpegvideo_enc.c
@@ -1825,6 +1825,8 @@ int ff_mpv_encode_picture(AVCodecContext *avctx, AVPacket *pkt,
s->mb_info_ptr = av_packet_new_side_data(pkt,
AV_PKT_DATA_H263_MB_INFO,
s->mb_width*s->mb_height*12);
+ if (!s->mb_info_ptr)
+ return AVERROR(ENOMEM);
s->prev_mb_info = s->last_mb_info = s->mb_info_size = 0;
}
--
2.44.0

31
ffmpeg-4-CVE-2024-35368.patch
View File

@@ -1,31 +0,0 @@
From 4513300989502090c4fd6560544dce399a8cd53c Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Date: Sun, 24 Sep 2023 13:15:48 +0200
Subject: [PATCH] avcodec/rkmppdec: Fix double-free on error
After having created the AVBuffer that is put into frame->buf[0],
ownership of several objects (namely an AVDRMFrameDescriptor,
an MppFrame and some AVBufferRefs framecontextref and decoder_ref)
has passed to the AVBuffer and therefore to the frame.
Yet it has nevertheless been freed manually on error
afterwards, which would lead to a double-free as soon
as the AVFrame is unreferenced.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
libavcodec/rkmppdec.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/libavcodec/rkmppdec.c
+++ b/libavcodec/rkmppdec.c
@@ -460,8 +460,8 @@
frame->hw_frames_ctx = av_buffer_ref(decoder->frames_ref);
if (!frame->hw_frames_ctx) {
- ret = AVERROR(ENOMEM);
- goto fail;
+ av_frame_unref(frame);
+ return AVERROR(ENOMEM);
}
return 0;

23
ffmpeg-4-CVE-2024-36618.patch
View File

@@ -1,23 +0,0 @@
commit 7a089ed8e049e3bfcb22de1250b86f2106060857
Author: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Date: Tue Mar 12 23:23:17 2024 +0100
avformat/avidec: Fix integer overflow iff ULONG_MAX < INT64_MAX
Affects many FATE-tests, see
https://fate.ffmpeg.org/report.cgi?time=20240312011016&slot=ppc-linux-gcc-13.2-ubsan-altivec-qemu
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
--- a/libavformat/avidec.c
+++ b/libavformat/avidec.c
@@ -1694,7 +1694,7 @@
int *idx = av_mallocz_array(s->nb_streams, sizeof(*idx));
if (!idx)
return AVERROR(ENOMEM);
- for (min_pos = pos = 0; min_pos != INT64_MAX; pos = min_pos + 1LU) {
+ for (min_pos = pos = 0; min_pos != INT64_MAX; pos = min_pos + 1ULL) {
int64_t max_dts = INT64_MIN / 2;
int64_t min_dts = INT64_MAX / 2;
int64_t max_buffer = 0;

29
ffmpeg-4-CVE-2025-22921.patch
View File

@@ -1,29 +0,0 @@
From 7f9c7f9849a2155224711f0ff57ecdac6e4bfb57 Mon Sep 17 00:00:00 2001
From: James Almer <jamrial@gmail.com>
Date: Wed, 1 Jan 2025 23:58:39 -0300
Subject: [PATCH] avcodec/jpeg2000dec: clear array length when freeing it
Fixes NULL pointer dereferences.
Fixes ticket #11393.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
---
libavcodec/jpeg2000dec.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c
index e5e897a29f..b82d85d5ee 100644
--- a/libavcodec/jpeg2000dec.c
+++ b/libavcodec/jpeg2000dec.c
@@ -1521,6 +1521,7 @@ static int jpeg2000_decode_packet(Jpeg2000DecoderContext *s, Jpeg2000Tile *tile,
}
}
av_freep(&cblk->lengthinc);
+ cblk->nb_lengthinc = 0;
}
}
// Save state of stream
--
2.44.0

26
ffmpeg-4-CVE-2025-25473.patch
View File

@@ -1,26 +0,0 @@
From c08d300481b8ebb846cd43a473988fdbc6793d1b Mon Sep 17 00:00:00 2001
From: James Almer <jamrial@gmail.com>
Date: Fri, 17 Jan 2025 00:05:31 -0300
Subject: [PATCH] avformat/avformat: also clear FFFormatContext packet queue
when closing a muxer
packet_buffer is used in mux.c, and if a muxing process fails at a point where
packets remained in said queue, they will leak.
Fixes ticket #11419
Signed-off-by: James Almer <jamrial@gmail.com>
---
libavformat/avformat.c | 1 +
1 file changed, 1 insertion(+)
--- a/libavformat/utils.c
+++ b/libavformat/utils.c
@@ -4478,6 +4478,7 @@
av_dict_free(&s->internal->id3v2_meta);
av_packet_free(&s->internal->pkt);
av_packet_free(&s->internal->parse_pkt);
+ avpriv_packet_list_free(&s->internal->packet_buffer, &s->internal->packet_buffer_end);
av_freep(&s->streams);
flush_packet_queue(s);
av_freep(&s->internal);

BIN
ffmpeg-4.4.5.tar.xz (Stored with Git LFS) Normal file
View File

Binary file not shown.

11
ffmpeg-4.4.5.tar.xz.asc Normal file
View File

@@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQFMBAABCgA2FiEE/PmG6hXm4pOlZE8QtDIvBNZ2WNgFAmamzJUYHGZmbXBlZy1k
ZXZlbEBmZm1wZWcub3JnAAoJELQyLwTWdljYZP8H/27rVRh4/NOvhP5JN2FhhWfo
BmAYgHWLag3a8P4yShGGgxhLjnd7LKOdSTIOb67Q7CgqzsQCV7c+VgUp068uhCod
J0TgnefWzw+iR3zupKEVRoFEsy/3A5RWXVWx42B7WTpkkShQWXaPHvUdH9ELwwfK
mq3TQMygmjjzDIa677i3uNUrb2CGyxdUXqGzmatUfrtXm0/mqUtz41neS5tuLQn5
xXcpmtsElkLK4ZaQWRC8w6emEyx49MqyRw7tTjIh/lPN+KTBUtcrYgDeCJt25H9s
2Hm9Obax0z2fPi71eP7GkbVXrGmwL1DcSegFW+TCW5CniWkWaWKe4+qDMepPtIo=
=byXw
-----END PGP SIGNATURE-----

BIN
ffmpeg-4.4.6.tar.xz (Stored with Git LFS)
View File

Binary file not shown.

11
ffmpeg-4.4.6.tar.xz.asc
View File

@@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQFMBAABCgA2FiEE/PmG6hXm4pOlZE8QtDIvBNZ2WNgFAmgom1oYHGZmbXBlZy1k
ZXZlbEBmZm1wZWcub3JnAAoJELQyLwTWdljYtS0H/3h3yGALOlSSjBmZq/+wfw0k
QrgDVTSzILA2xnhPq4d9b6JxcaiJFX2wweid0/JxTwOE8Ky0cU+ErArlmyB1OpNl
KNzy0MXgPHV3X39Tnzgytl8nQSei2aAtg1asOscV6Lwp4e76VQOu2atLHenXq7n7
xSxCqJG65opWi2yRvS89F7PmdF3VDeYNJGaukF4Lunq4OsOa/sybe45pfd/uhC/F
aAh/64/U2mhGzl2q1rdv6WIeTxtRpT+umLuUU93g20gk8Y4L3fmwbWx9UxIjUw0X
A16PQgDw7LmmTxS4NE9cHcTwCGtUvv7ajJs6oj2fPVGScLCLInLc1KkGGkSIqqE=
=sHXx
-----END PGP SIGNATURE-----

181
ffmpeg-4.changes
View File

@@ -1,114 +1,28 @@
-------------------------------------------------------------------
Fri May 30 14:28:05 UTC 2025 - Cliff Zhao <qzhao@suse.com>
- Add ffmpeg-4-CVE-2024-36618.patch:
Backport 7a089ed8 from upstream, avformat/avidec: Fix integer
overflow iff ULONG_MAX < INT64_MAX.
(CVE-2024-36618, bsc#1234020)
-------------------------------------------------------------------
Thu May 29 20:43:43 UTC 2025 - Jan Engelhardt <jengelh@inai.de>
- Update to release 4.4.6
* lavc/libx265: unbreak build for X265_BUILD >= 210
* ARM: vp9mc: Load only 12 pixels in the 4 pixel wide
horizontal filter
* rtmpproto: Avoid rare crashes in the `fail:` codepath in
rtmp_open
* avcodec/snow: Fix off by 1 error in run_buffer
* avcodec/mpegvideo_enc: Check FLV1 resolution limits
- Delete ffmpeg-CVE-2023-49502.patch,
0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch,
ffmpeg-4-CVE-2025-0518.patch, ffmpeg-4-CVE-2025-22919.patch (merged)
-------------------------------------------------------------------
Wed Mar 5 09:46:09 UTC 2025 - Jan Engelhardt <jengelh@inai.de>
- Add 0001-avcodec-libsvtav1-unbreak-build-with-latest-svtav1.patch
to build with SVT-AV1 3.0.0.
-------------------------------------------------------------------
Fri Feb 19 05:17:22 UTC 2025 - Cliff Zhao <qzhao@suse.com>
- Add ffmpeg-4-CVE-2025-22921.patch:
Backport 7f9c7f98 from upstream, clear array length when
freeing it.
(CVE-2025-22921, bsc#1237382)
-------------------------------------------------------------------
Fri Feb 19 04:27:06 UTC 2025 - Cliff Zhao <qzhao@suse.com>
- Add ffmpeg-4-CVE-2025-25473.patch:
Backport c08d3004 from upstream, clear FFFormatContext packet.
When packet_buffer is used in mux.c, and if a muxing process fails
at a point where packets remained in said queue.
(CVE-2025-25473, bsc#1237351)
-------------------------------------------------------------------
Fri Feb 19 03:18:02 UTC 2025 - Cliff Zhao <qzhao@suse.com>
- Add ffmpeg-4-CVE-2025-0518.patch:
Backport b5b6391d from upstream, fixes memory data leak when
use sscanf().
(CVE-2025-0518, bsc#1236007)
-------------------------------------------------------------------
Fri Feb 19 02:58:01 UTC 2025 - Cliff Zhao <qzhao@suse.com>
- Add ffmpeg-4-CVE-2025-22919.patch:
Backport 1446e37d from upstream, check for valid sample rate
As the sample rate <= 0 is invalid.
(CVE-2025-22919, bsc#1237371)
-------------------------------------------------------------------
Fri Feb 19 01:48:22 UTC 2025 - Cliff Zhao <qzhao@suse.com>
- Add ffmpeg-4-CVE-2024-12361.patch:
Backport 4065ff69 from upstream, add check for av_packet_new_side_data()
to avoid null pointer dereference if allocation fails.
(CVE-2024-12361, bsc#1237358)
-------------------------------------------------------------------
Fri Feb 19 01:11:17 UTC 2025 - Cliff Zhao <qzhao@suse.com>
- Add ffmpeg-4-CVE-2024-35368.patch:
Backport 45133009 from upstream, After having created the
AVBuffer that is put into frame->buf[0], ownership of several
objects Fix double-free on the AVFrame is unreferenced.
(CVE-2024-35368, bsc#1234028)
-------------------------------------------------------------------
Mon Jan 6 11:53:32 UTC 2025 - Jan Engelhardt <jengelh@inai.de>
- Update to release 4.4.5
* Reliability/bug fixes
Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_DXA_fuzzer-5730576523198464
Fixes: signed integer overflow: 2147483566 + 82 cannot be represented in type 'int'
(CVE-2024-36613, bsc#1235092)
avformat/cafdec: dont seek beyond 64bit (CVE-2024-36617, bsc#1234019).
avformat/westwood_vqa: Fix 2g packets (CVE-2024-36616, bsc#1234018).
- Delete
0001-avcodec-libsvtav1-remove-compressed_ten_bit_format-a.patch
0001-avcodec-x86-mathops-clip-constants-used-with-shift-i.patch
0001-avfilter-vf_minterpolate-Check-pts-before-division.patch
ffmpeg-CVE-2023-51793.patch
0001-avfilter-af_stereowiden-Check-length.patch
ffmpeg-fix-new-binutils.patch
ffmpeg-CVE-2023-50010.patch
ffmpeg-4-CVE-2024-32230.patch
ffmpeg-4-CVE-2024-7055.patch (all merged)
(CVE-2023-51798, bsc#1223304)
-------------------------------------------------------------------
Tue Oct 15 08:18:54 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
- Adjust bconds to build the package in SLFO without xvidcore.
-------------------------------------------------------------------
Mon Jan 6 11:53:32 UTC 2025 - Jan Engelhardt <jengelh@inai.de>
- Update to release 4.4.5
* Reliability/bug fixes
- Delete
0001-avcodec-libsvtav1-remove-compressed_ten_bit_format-a.patch
0001-avcodec-x86-mathops-clip-constants-used-with-shift-i.patch
0001-avfilter-vf_minterpolate-Check-pts-before-division.patch
ffmpeg-CVE-2023-51793.patch
0001-avfilter-af_stereowiden-Check-length.patch
ffmpeg-CVE-2023-50010.patch
ffmpeg-4-CVE-2024-32230.patch
ffmpeg-4-CVE-2024-7055.patch (all merged)
-------------------------------------------------------------------
Fri Sep 6 15:06:21 UTC 2024 - Cliff Zhao <qzhao@suse.com>
- Add ffmpeg-4-CVE-2024-7055.patch:
Backport 3faadbe2 from upstream, Use 64bit for input size check,
Backporting 3faadbe2 from upstream, Use 64bit for input size check,
Fixes: out of array read, Fixes: poc3.
(CVE-2024-7055, bsc#1229026)
@@ -128,15 +42,15 @@ Fri Jul 26 13:19:42 UTC 2024 - Filip Kastl <filip.kastl@suse.com>
Tue Jul 2 12:26:28 UTC 2024 - Cliff Zhao <qzhao@suse.com>
- Add ffmpeg-4-CVE-2024-32230.patch:
Backport 96449cfe from upstream, Fix 1 line and one column images.
Backporting 96449cfe from upstream, Fix 1 line and one column images.
(CVE-2024-32230, bsc#1227296)
-------------------------------------------------------------------
Tue Apr 27 11:38:35 UTC 2024 - Cliff Zhao <qzhao@suse.com>
- Add ffmpeg-CVE-2023-50010.patch:
Backport e4d2666b from upstream, fixes the out of array access.
(CVE-2023-50010, bsc#1223256)
Backporting e4d2666b from upstream, fixes the out of array access.
(CVE-2023-a50010, bsc#1223256)
-------------------------------------------------------------------
Fri Apr 26 22:16:48 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
@@ -148,53 +62,34 @@ Fri Apr 26 22:16:48 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
Thu Apr 23 16:14:18 UTC 2024 - Cliff Zhao <qzhao@suse.com>
- Add ffmpeg-CVE-2023-51793.patch:
Backport 0ecc1f0e from upstream, Fix odd height handling.
Backporting 0ecc1f0e from upstream, Fix odd height handling.
(CVE-2023-51793, bsc#1223272)
-------------------------------------------------------------------
Thu Apr 23 15:35:32 UTC 2024 - Cliff Zhao <qzhao@suse.com>
- Add ffmpeg-CVE-2023-49502.patch:
Backport 737ede40 from upstream, account for chroma sub-sampling
Backporting 737ede40 from upstream, account for chroma sub-sampling
in min size calculation.
(CVE-2023-49502, bsc#1223235)
-------------------------------------------------------------------
Tue Apr 23 14:25:53 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
- Add 0001-avfilter-vf_minterpolate-Check-pts-before-division.patch:
Backport 68146f06 from upstream, Check pts before division.
(CVE-2023-51798, bsc#1223304)
- Address boo#1223304/CVE-2023-51798: add patch
0001-avfilter-vf_minterpolate-Check-pts-before-division.patch
-------------------------------------------------------------------
Mon Apr 22 12:41:55 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
- Add 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch:
Backport 76a48e85 from upstream, Check length.
(CVE-2024-31578, bsc#1223070)
-------------------------------------------------------------------
Mon Feb 12 18:23:41 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- ffmpeg-avcodec-libdav1d-don-t-repeatedly-parse-the-same-seq.patch
* fixes build against dav1d, which has been updated in
SUSE:SLE-15-SP5:Update (where apparently no rebuild of ffmpeg-4
had been triggered)
- Address boo#1223070/CVE-2024-31578: add patch
0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch
-------------------------------------------------------------------
Fri Feb 2 09:34:15 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
- no longer build against libmfx; build also 15.5 against libvpl
(boo#1230983, boo#1219494)
- dropping support for libmfx below covers:
* libmfx: improper input validation (CVE-2023-48368, bsc#1226897)
* libmfx: improper buffer restrictions (CVE-2023-45221, bsc#1226898)
* libmfx: out-of-bounds read (CVE-2023-22656, bsc#1226899)
* libmfx: out-of-bounds write (CVE-2023-47282, bsc#1226900)
* libmfx: improper buffer restrictions (CVE-2023-47169, bsc#1226901)
* Multiple vulnerabilities in the Intel Media SDK (libmfx1) (bsc#1226892)
* Drop libmfx dependency from our product (jira #PED-10024)
- drop support for libmfx, which is no longer supported upstream
at all (boo#1219494)
-------------------------------------------------------------------
Tue Dec 26 13:36:38 UTC 2023 - Jan Engelhardt <jengelh@inai.de>
@@ -208,13 +103,6 @@ Wed Dec 6 08:50:00 UTC 2023 - Jan Engelhardt <jengelh@inai.de>
- Copy codec list from ffmpeg-6
-------------------------------------------------------------------
Fri Nov 3 08:17:13 UTC 2023 - Marcus Meissner <meissner@suse.com>
- Add ffmpeg-fix-new-binutils.patch:
Backport 01fc3034 from upstream, Fix build with new binutils
(bsc#1215309)
-------------------------------------------------------------------
Mon Oct 30 11:16:43 UTC 2023 - Jan Engelhardt <jengelh@inai.de>
@@ -231,14 +119,6 @@ Tue Jun 27 07:42:23 UTC 2023 - Jan Engelhardt <jengelh@inai.de>
- Add 0001-avcodec-libsvtav1-remove-compressed_ten_bit_format-a.patch
-------------------------------------------------------------------
Thu Apr 27 09:27:53 UTC 2023 - Alynx Zhou <alynx.zhou@suse.com>
- Add ffmpeg-4-CVE-2022-48434.patch:
Backport d4b7b3c0 from upstream, Fix use after free in
libavcodec/pthread_frame.c.
(CVE-2022-48434, bsc#1209934)
-------------------------------------------------------------------
Wed Apr 19 21:00:41 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>
@@ -310,9 +190,7 @@ Wed Apr 19 21:00:41 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>
* ffmpeg-CVE-2022-3964.patch
* ffmpeg-CVE-2022-3109.patch
* ffmpeg-CVE-2022-3341.patch
* ffmpeg-4-CVE-2022-48434.patch
- Use ldconfig_scriptlets macro.
(CVE-2022-48434, bsc#1209934)
-------------------------------------------------------------------
Thu Mar 16 17:54:51 UTC 2023 - Jan Engelhardt <jengelh@inai.de>
@@ -343,7 +221,6 @@ Mon Oct 10 11:18:30 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 4.4.3:
* Stable bug fix release, mainly codecs, filter and format fixes.
* configure: extend SDL check to accept all 2.x versions (boo#12263080).
- Drop ffmpeg-sdl2-detection.patch: Fixed upstream.
- Refresh patches with quilt:
* ffmpeg-libglslang-detection.patch
@@ -408,8 +285,6 @@ Thu Oct 28 15:58:30 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com>
* ffmpeg-CVE-2021-38114.patch
* ffmpeg-CVE-2021-38171.patch
* ffmpeg-CVE-2020-22037.patch
- fix avfilter/vf_yadif: Fix handing of tiny images.
(CVE-2020-22021, bsc#1186586)
-------------------------------------------------------------------
Sun Sep 26 02:44:57 UTC 2021 - Alynx Zhou <alynx.zhou@suse.com>
@@ -725,7 +600,6 @@ Tue Aug 6 15:35:35 UTC 2019 - Ismail Dönmez <idonmez@suse.com>
* mov muxer writes tracks with unspecified language instead
of English by default
* added support for using clang to compile CUDA kernels
* avcodec/g729_parser: Check channels (CVE-2022-1475, bsc#1198898)
- Drop ffmpeg-avcodec-libdav1d-AV1-decoder-wrapper.patch, merged
upstream.
- Rebase and rename
@@ -930,6 +804,7 @@ Tue Nov 06 01:39:11 UTC 2018 - sean@suspend.net
remove cve-2017-17555.diff (fixed upstream).
-------------------------------------------------------------------
Sat Nov 03 14:48:35 UTC 2018 - sean@suspend.net
- Remove 0001-avformat-fivenc-Check-audio-packet-size.patch (fixed upstream (bsc#8591d16)

11
ffmpeg-4.spec
View File

@@ -108,7 +108,7 @@
%define _major_version 4
%define _major_expected 5
Name: ffmpeg-4
Version: 4.4.6
Version: 4.4.5
Release: 0
Summary: Set of libraries for working with various multimedia formats
License: GPL-3.0-or-later
@@ -134,14 +134,9 @@ Patch10: ffmpeg-chromium.patch
Patch11: ffmpeg-libglslang-detection.patch
Patch14: ffmpeg-glslang-cxx17.patch
Patch15: 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch
Patch16: 0001-avcodec-libsvtav1-unbreak-build-with-latest-svtav1.patch
Patch17: ffmpeg-CVE-2023-49502.patch
Patch22: ffmpeg-c99.patch
Patch24: ffmpeg-4-CVE-2024-35368.patch
Patch25: ffmpeg-4-CVE-2024-12361.patch
Patch28: ffmpeg-4-CVE-2025-25473.patch
Patch29: ffmpeg-4-CVE-2025-22921.patch
Patch30: ffmpeg-avcodec-libdav1d-don-t-repeatedly-parse-the-same-seq.patch
Patch31: ffmpeg-4-CVE-2024-36618.patch
Patch23: 0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch
BuildRequires: ladspa-devel
BuildRequires: libgsm-devel
BuildRequires: libmp3lame-devel

43
ffmpeg-CVE-2023-49502.patch Normal file
View File

@@ -0,0 +1,43 @@
From 737ede405b11a37fdd61d19cf25df296a0cb0b75
From: Cosmin Stejerean <cosmin@cosmin.at>
Date: Wed Dec 6 18:39:32 2023 +0800
Subject: avfilter/bwdif: account for chroma sub-sampling in min size calculation
References: https://bugzilla.opensuse.org/1223235
References: CVE-2023-49502
The current logic for detecting frames that are too small for the
algorithm does not account for chroma sub-sampling, and so a sample
where the luma plane is large enough, but the chroma planes are not
will not be rejected. In that event, a heap overflow will occur.
This change adjusts the logic to consider the chroma planes and makes
the change to all three bwdif implementations.
Fixes #10688
Signed-off-by: Cosmin Stejerean <cosmin@cosmin.at>
Reviewed-by: Thomas Mundt <tmundt75@gmail.com>
Signed-off-by: Philip Langdale <philipl@overt.org>
diff -Nura ffmpeg-4.4.4/libavfilter/vf_bwdif.c ffmpeg-4.4.4_new/libavfilter/vf_bwdif.c
--- ffmpeg-4.4.4/libavfilter/vf_bwdif.c 2023-04-13 02:01:50.000000000 +0800
+++ ffmpeg-4.4.4_new/libavfilter/vf_bwdif.c 2024-04-26 02:21:48.162806014 +0800
@@ -343,13 +343,14 @@
if(yadif->mode&1)
link->frame_rate = av_mul_q(link->src->inputs[0]->frame_rate, (AVRational){2,1});
- if (link->w < 3 || link->h < 4) {
- av_log(ctx, AV_LOG_ERROR, "Video of less than 3 columns or 4 lines is not supported\n");
+ yadif->csp = av_pix_fmt_desc_get(link->format);
+ yadif->filter = filter;
+
+ if (AV_CEIL_RSHIFT(link->w, yadif->csp->log2_chroma_w) < 3 || AV_CEIL_RSHIFT(link->h, yadif->csp->log2_chroma_h) < 4) {
+ av_log(ctx, AV_LOG_ERROR, "Video with planes less than 3 columns or 4 lines is not supported\n");
return AVERROR(EINVAL);
}
- yadif->csp = av_pix_fmt_desc_get(link->format);
- yadif->filter = filter;
if (yadif->csp->comp[0].depth > 8) {
s->filter_intra = filter_intra_16bit;
s->filter_line = filter_line_c_16bit;

36
ffmpeg-avcodec-libdav1d-don-t-repeatedly-parse-the-same-seq.patch
View File

@@ -1,36 +0,0 @@
commit e204846ec16c1ab34c7f3a681734cf5190433018
Author: James Almer <jamrial@gmail.com>
Date: Fri Sep 3 13:50:32 2021 -0300
avcodec/libdav1d: fix compilation after recent libdav1d API changes
They were done in preparation for an upcoming 1.0 release.
Keep supporting previous releases for the time being.
Reviewed-by: BBB
Signed-off-by: James Almer <jamrial@gmail.com>
--- a/libavcodec/libdav1d.c
+++ b/libavcodec/libdav1d.c
@@ -202,6 +202,9 @@
Libdav1dContext *dav1d = c->priv_data;
Dav1dData *data = &dav1d->data;
Dav1dPicture pic = { 0 }, *p = &pic;
+#if FF_DAV1D_VERSION_AT_LEAST(5,1)
+ enum Dav1dEventFlags event_flags = 0;
+#endif
int res;
if (!data->sz) {
@@ -280,6 +283,11 @@
frame->linesize[1] = p->stride[1];
frame->linesize[2] = p->stride[1];
+#if FF_DAV1D_VERSION_AT_LEAST(5,1)
+ dav1d_get_event_flags(dav1d->c, &event_flags);
+ if (c->pix_fmt == AV_PIX_FMT_NONE ||
+ event_flags & DAV1D_EVENT_FLAG_NEW_SEQUENCE)
+#endif
c->profile = p->seq_hdr->profile;
c->level = ((p->seq_hdr->operating_points[0].major_level - 2) << 2)
| p->seq_hdr->operating_points[0].minor_level;