Update changelog to add CVE fix entry for CVE-2024-36618 CVE-2024-36617 CVE-2024-36616 CVE-2024-36619 CVE-2024-36615

References: https://bugzilla.opensuse.org/1242310

0001-avcodec-libsvtav1-unbreak-build-with-latest-svtav1.patch

@@ -0,0 +1,33 @@
+From d1ed5c06e3edc5f2b5f3664c80121fa55b0baa95 Mon Sep 17 00:00:00 2001
+From: Gyan Doshi <ffmpeg@gyani.pro>
+Date: Sat, 22 Feb 2025 10:38:53 +0530
+Subject: [PATCH] avcodec/libsvtav1: unbreak build with latest svtav1
+
+SVT-AV1 made a change in their public API in 988e930c but without a
+version bump or any other accessible marker, thus breaking ffmpeg build
+with current versions of SVT-AV1.
+
+They have finally bumped versions a month later, so check added.
+---
+ libavcodec/libsvtav1.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/libavcodec/libsvtav1.c b/libavcodec/libsvtav1.c
+index 79b28eb4df..43fe531fde 100644
+--- a/libavcodec/libsvtav1.c
++++ b/libavcodec/libsvtav1.c
+@@ -435,7 +435,11 @@ static av_cold int eb_enc_init(AVCodecContext *avctx)
+ 
+     svt_enc->eos_flag = EOS_NOT_REACHED;
+ 
++#if SVT_AV1_CHECK_VERSION(3, 0, 0)
++    svt_ret = svt_av1_enc_init_handle(&svt_enc->svt_handle, &svt_enc->enc_params);
++#else
+     svt_ret = svt_av1_enc_init_handle(&svt_enc->svt_handle, svt_enc, &svt_enc->enc_params);
++#endif
+     if (svt_ret != EB_ErrorNone) {
+         return svt_print_error(avctx, svt_ret, "Error initializing encoder handle");
+     }
+-- 
+2.48.1
+

0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch

@@ -1,58 +0,0 @@
-From 654bd47716c4f36719fb0f3f7fd8386d5ed0b916 Mon Sep 17 00:00:00 2001
-From: Ross Burton <ross.burton@arm.com>
-Date: Fri, 9 Aug 2024 11:32:00 +0100
-Subject: [PATCH] libavcodec/arm/mlpdsp_armv5te: fix label format to work with
- binutils 2.43
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-binutils 2.43 has stricter validation for labels[1] and results in errors
-when building ffmpeg for armv5:
-
-src/libavcodec/arm/mlpdsp_armv5te.S:232: Error: junk at end of line, first unrecognized character is `0'
-
-Remove the leading zero in the "01" label to resolve this error.
-
-[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=226749d5a6ff0d5c607d6428d6c81e1e7e7a994b
-
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-Signed-off-by: Martin Storsjö <martin@martin.st>
----
- libavcodec/arm/mlpdsp_armv5te.S | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/libavcodec/arm/mlpdsp_armv5te.S b/libavcodec/arm/mlpdsp_armv5te.S
-index 4f9aa485fd..d31568611c 100644
---- a/libavcodec/arm/mlpdsp_armv5te.S
-+++ b/libavcodec/arm/mlpdsp_armv5te.S
-@@ -229,7 +229,7 @@ A .endif
-   .endif
- 
-         // Begin loop
--01:
-+1:
-   .if TOTAL_TAPS == 0
-         // Things simplify a lot in this case
-         // In fact this could be pipelined further if it's worth it...
-@@ -241,7 +241,7 @@ A .endif
-         str     ST0, [PST, #-4]!
-         str     ST0, [PST, #4 * (MAX_BLOCKSIZE + MAX_FIR_ORDER)]
-         str     ST0, [PSAMP], #4 * MAX_CHANNELS
--        bne     01b
-+        bne     1b
-   .else
-     .if \fir_taps & 1
-       .set LOAD_REG, 1
-@@ -333,7 +333,7 @@ T       orr     AC0, AC0, AC1
-         str     ST3, [PST, #-4]!
-         str     ST2, [PST, #4 * (MAX_BLOCKSIZE + MAX_FIR_ORDER)]
-         str     ST3, [PSAMP], #4 * MAX_CHANNELS
--        bne     01b
-+        bne     1b
-   .endif
-         b       99f
- 
--- 
-2.46.0
-

11013-avcodec-decode-clean-up-if-get_hw_frames_parameters-.patch

@@ -0,0 +1,27 @@
+From: François Cartegnie <fcvlcdev@free.fr>
+Date: Mon, 13 May 2024 11:37:27 +0000
+Subject: avcodec/decode: clean-up if get_hw_frames_parameters fails
+
+https://trac.ffmpeg.org/ticket/11013
+https://code.videolan.org/videolan/vlc/-/issues/28811
+
+Fixes the following assert:
+
+[00007f1df83d17e0] vaapi generic error: avcodec_get_hw_frames_parameters failed: -22
+Assertion p_dst->hwaccel_threadsafe || (!dst->hwaccel && !dst->internal->hwaccel_priv_data) failed at libavcodec/pthread_frame.c:349
+
+Reproduced from VLC with VAAPI, when fallbacking from hw to sw.
+
+--- a/libavcodec/pthread_frame.c
++++ b/libavcodec/pthread_frame.c
+@@ -344,6 +344,10 @@ FF_ENABLE_DEPRECATION_WARNINGS
+                 return err;
+         }
+ 
++       // hwaccel could have failed init due to some params
++       if(!dst->hwaccel && dst->internal->hwaccel_priv_data)
++           ff_hwaccel_uninit(dst);
++
+         // reset dst hwaccel state if needed
+         av_assert0(p_dst->hwaccel_threadsafe ||
+                    (!dst->hwaccel && !dst->internal->hwaccel_priv_data));

ffmpeg-7-CVE-2025-22921.patch

@@ -0,0 +1,29 @@
+From 7f9c7f9849a2155224711f0ff57ecdac6e4bfb57 Mon Sep 17 00:00:00 2001
+From: James Almer <jamrial@gmail.com>
+Date: Wed, 1 Jan 2025 23:58:39 -0300
+Subject: [PATCH] avcodec/jpeg2000dec: clear array length when freeing it
+
+Fixes NULL pointer dereferences.
+Fixes ticket #11393.
+
+Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
+Signed-off-by: James Almer <jamrial@gmail.com>
+---
+ libavcodec/jpeg2000dec.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c
+index e5e897a29f..b82d85d5ee 100644
+--- a/libavcodec/jpeg2000dec.c
++++ b/libavcodec/jpeg2000dec.c
+@@ -1521,6 +1521,7 @@ static int jpeg2000_decode_packet(Jpeg2000DecoderContext *s, Jpeg2000Tile *tile,
+                 }
+             }
+             av_freep(&cblk->lengthinc);
++            cblk->nb_lengthinc = 0;
+         }
+     }
+     // Save state of stream
+-- 
+2.44.0
+

ffmpeg-7-CVE-2025-25473.patch

@@ -0,0 +1,26 @@
+From c08d300481b8ebb846cd43a473988fdbc6793d1b Mon Sep 17 00:00:00 2001
+From: James Almer <jamrial@gmail.com>
+Date: Fri, 17 Jan 2025 00:05:31 -0300
+Subject: [PATCH] avformat/avformat: also clear FFFormatContext packet queue
+ when closing a muxer
+
+packet_buffer is used in mux.c, and if a muxing process fails at a point where
+packets remained in said queue, they will leak.
+
+Fixes ticket #11419
+
+Signed-off-by: James Almer <jamrial@gmail.com>
+---
+ libavformat/avformat.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/libavformat/avformat.c
++++ b/libavformat/avformat.c
+@@ -184,6 +184,7 @@
+     av_dict_free(&si->id3v2_meta);
+     av_packet_free(&si->pkt);
+     av_packet_free(&si->parse_pkt);
++    avpriv_packet_list_free(&si->packet_buffer);
+     av_freep(&s->streams);
+     av_freep(&s->stream_groups);
+     ff_flush_packet_queue(s);

ffmpeg-7-fix-crashes.patch

@@ -1,113 +0,0 @@
-From 5b87869c09cece1583e74b6f796aa825a4765631 Mon Sep 17 00:00:00 2001
-From: James Almer <jamrial@gmail.com>
-Date: Wed, 31 Jul 2024 22:19:53 -0300
-Subject: [PATCH] avformat/mov: fix track handling when mixing IAMF and video
- tracks
-
-Fixes crashes when muxing the two together.
-
-Signed-off-by: James Almer <jamrial@gmail.com>
----
- libavformat/movenc.c | 37 ++++++++++++++++++++++++++++---------
- 1 file changed, 28 insertions(+), 9 deletions(-)
-
-diff --git a/libavformat/movenc.c b/libavformat/movenc.c
-index e40948edb8..d20d0bc064 100644
---- a/libavformat/movenc.c
-+++ b/libavformat/movenc.c
-@@ -7149,7 +7149,9 @@ static int mov_create_dvd_sub_decoder_specific_info(MOVTrack *track,
- static int mov_init_iamf_track(AVFormatContext *s)
- {
-     MOVMuxContext *mov = s->priv_data;
--    MOVTrack *track = &mov->tracks[0]; // IAMF if present is always the first track
-+    MOVTrack *track;
-+    IAMFContext *iamf;
-+    int first_iamf_idx = INT_MAX, last_iamf_idx = 0;
-     int nb_audio_elements = 0, nb_mix_presentations = 0;
-     int ret;
- 
-@@ -7171,24 +7173,24 @@ static int mov_init_iamf_track(AVFormatContext *s)
-         return AVERROR(EINVAL);
-     }
- 
--    track->iamf = av_mallocz(sizeof(*track->iamf));
--    if (!track->iamf)
-+    iamf = av_mallocz(sizeof(*iamf));
-+    if (!iamf)
-         return AVERROR(ENOMEM);
- 
-+
-     for (int i = 0; i < s->nb_stream_groups; i++) {
-         const AVStreamGroup *stg = s->stream_groups[i];
-         switch(stg->type) {
-         case AV_STREAM_GROUP_PARAMS_IAMF_AUDIO_ELEMENT:
-             for (int j = 0; j < stg->nb_streams; j++) {
--                track->first_iamf_idx = FFMIN(stg->streams[j]->index, track->first_iamf_idx);
--                track->last_iamf_idx  = FFMAX(stg->streams[j]->index, track->last_iamf_idx);
--                stg->streams[j]->priv_data = track;
-+                first_iamf_idx = FFMIN(stg->streams[j]->index, first_iamf_idx);
-+                last_iamf_idx  = FFMAX(stg->streams[j]->index, last_iamf_idx);
-             }
- 
--            ret = ff_iamf_add_audio_element(track->iamf, stg, s);
-+            ret = ff_iamf_add_audio_element(iamf, stg, s);
-             break;
-         case AV_STREAM_GROUP_PARAMS_IAMF_MIX_PRESENTATION:
--            ret = ff_iamf_add_mix_presentation(track->iamf, stg, s);
-+            ret = ff_iamf_add_mix_presentation(iamf, stg, s);
-             break;
-         default:
-             av_assert0(0);
-@@ -7197,8 +7199,20 @@ static int mov_init_iamf_track(AVFormatContext *s)
-             return ret;
-     }
- 
-+    track = &mov->tracks[first_iamf_idx];
-+    track->iamf = iamf;
-+    track->first_iamf_idx = first_iamf_idx;
-+    track->last_iamf_idx = last_iamf_idx;
-     track->tag = MKTAG('i','a','m','f');
- 
-+    for (int i = 0; i < s->nb_stream_groups; i++) {
-+        AVStreamGroup *stg = s->stream_groups[i];
-+        if (stg->type != AV_STREAM_GROUP_PARAMS_IAMF_AUDIO_ELEMENT)
-+            continue;
-+        for (int j = 0; j < stg->nb_streams; j++)
-+            stg->streams[j]->priv_data = track;
-+    }
-+
-     ret = avio_open_dyn_buf(&track->iamf_buf);
-     if (ret < 0)
-         return ret;
-@@ -7209,6 +7223,7 @@ static int mov_init_iamf_track(AVFormatContext *s)
- static int mov_init(AVFormatContext *s)
- {
-     MOVMuxContext *mov = s->priv_data;
-+    int has_iamf = 0;
-     int i, ret;
- 
-     mov->fc = s;
-@@ -7359,6 +7374,7 @@ static int mov_init(AVFormatContext *s)
-             }
-             st->priv_data = st;
-         }
-+        has_iamf = 1;
- 
-         if (!mov->nb_tracks) // We support one track for the entire IAMF structure
-             mov->nb_tracks++;
-@@ -7455,8 +7471,11 @@ static int mov_init(AVFormatContext *s)
-     for (int j = 0, i = 0; j < s->nb_streams; j++) {
-         AVStream *st = s->streams[j];
- 
--        if (st != st->priv_data)
-+        if (st != st->priv_data) {
-+            if (has_iamf)
-+                i += has_iamf--;
-             continue;
-+        }
-         st->priv_data = &mov->tracks[i++];
-     }
- 
--- 
-2.41.0
-

ffmpeg-7.0.2.tar.xz.asc

@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQFMBAABCgA2FiEE/PmG6hXm4pOlZE8QtDIvBNZ2WNgFAmatZQYYHGZmbXBlZy1k
-ZXZlbEBmZm1wZWcub3JnAAoJELQyLwTWdljYIlcIAKF1VWqnhhKkBHSxEnH8ipUH
-nlJmPitKaJTwgtAtHGH8DL4XlgUwxfws9YohJ6V2fz/LjD+4rcU1BB9lMKNTaEW3
-g27lIRHXC571OGgBKJFadhsbULtUu9oUOIcqS28zOl3fsok/G7NVd3ajkpiRUPhu
-LRXUXNbCIwtXbIdS0yECpiRcHMj/hX6nkY3yHrmWXAts/TtmIQyaNTbnC4ervA1s
-Ijc4cY/unb6OD9DpmC6DznVykyfzc2GjjCiNxRXrljp+MaZ7jBEMwjXfOIATwBwj
-gCN+N6nlxc5e3gMOGcAJy93iD9HpbgVDAn6S6jnB/z5+Tyv6ZeP+sytsgOCNjlQ=
-=R372
------END PGP SIGNATURE-----

ffmpeg-7.1.1.tar.xz.asc

@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQFMBAABCgA2FiEE/PmG6hXm4pOlZE8QtDIvBNZ2WNgFAmfE+J4YHGZmbXBlZy1k
+ZXZlbEBmZm1wZWcub3JnAAoJELQyLwTWdljYNAwH/3i5n8X6+6Gw+1U+k6Lfwe4t
+d1AmG/XyJd3ZkqnSXmtpW/p/DoHaRQLTJMHq/5jWi0Dcpr8M8VD0pZxzEksfy0XY
+xHEqKXRG37/SyoiH39+BXWOSry4shIhzTVfmQi9QGZ0i69J+ZOpP1cImWz2c6QBM
+Q2FMPv1QMVNR2UWHDGgYAvvg2qfJfGgIdQQtvAQe1q3co6LuaZC0ndgoNmNyuPLV
+nNmsoetZucoNC4M7kcevyssrRMDi+yHk5X86LfV/cBY+BKP9X8u8pieXrnctSYAh
+qqBnsg4jSj3fB96QvsFsdbUWEECKm4/gWJngMQTMk2Tg0RpQAwfHvp21Lppo/xw=
+=xzGf
+-----END PGP SIGNATURE-----

ffmpeg-7.changes

@@ -1,3 +1,144 @@
+-------------------------------------------------------------------
+Fri Apr  4 09:34:14 UTC 2025 - Jan Engelhardt <jengelh@inai.de>
+
+- Disable OpenVINO, too many dependencies for Factory ring1.
+
+-------------------------------------------------------------------
+Tue Apr  1 23:38:08 UTC 2025 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to release 7.1.1
+  * avformat/wavdec: Fix overflow of intermediate in
+    block_align check
+  * avformat/dvdvideodec: drop packets with unset PTS or DTS
+  * avutil/timecode: Avoid fps overflow in
+    av_timecode_get_smpte_from_framenum()
+  * avcodec/mjpegdec: Disallow progressive bayer images
+  * avformat/mov: don't unconditionally set all audio packets
+    in fragments as key frames
+  * avcodec/libx265: resolve build failure for
+    libx265.so.n, n >= 213
+  * avfilter/buffersrc: check for valid sample rate.
+    (CVE-2025-22919, bsc#1237371)
+  * avfilter/af_pan: Fix sscanf() use.
+    (CVE-2025-0518, bsc#1236007)   
+  * avformat/iamf_parse: add missing constrains for num_parameters
+    in audio_element_oub().
+    (CVE-2025-1816, bsc#1238728)
+- Delete ffmpeg-7-CVE-2025-22919.patch,
+  ffmpeg-7-CVE-2025-0518.patch, ffmpeg-7-CVE-2025-1816.patch
+  (merged)
+
+-------------------------------------------------------------------
+Tue Mar 25 11:48:21 UTC 2025 - Adrian Schröter <adrian@suse.de>
+
+- Move BcntSync tag to the %else part where the mini package gets defined
+
+-------------------------------------------------------------------
+Sun Mar 23 23:21:26 UTC 2025 - Mia Herkt <mia@0x0.st>
+
+- Build with OpenVINO support in libavfilter
+
+-------------------------------------------------------------------
+Sun Mar 23 15:33:59 UTC 2025 - Cliff Zhao <qzhao@suse.com>
+
+- Add ffmpeg-7-CVE-2025-1816.patch:
+  Backport 0526535c from upstream, add missing constrains for
+  num_parameters in audio_element_oub().
+  (CVE-2025-1816, bsc#1238728)
+
+-------------------------------------------------------------------
+Wed Mar  5 09:46:09 UTC 2025 - Jan Engelhardt <jengelh@inai.de>
+
+- Add 0001-avcodec-libsvtav1-unbreak-build-with-latest-svtav1.patch
+  to build with SVT-AV1 3.0.0.
+
+-------------------------------------------------------------------
+Fri Feb 19 05:17:22 UTC 2025 - Cliff Zhao <qzhao@suse.com>
+
+- Add ffmpeg-7-CVE-2025-22921.patch:
+  Backport 7f9c7f98 from upstream, clear array length when
+  freeing it.
+  (CVE-2025-22921, bsc#1237382)
+
+-------------------------------------------------------------------
+Fri Feb 19 04:27:06 UTC 2025 - Cliff Zhao <qzhao@suse.com>
+
+- Add ffmpeg-7-CVE-2025-25473.patch:
+  Backport c08d3004 from upstream, clear FFFormatContext packet.
+  When packet_buffer is used in mux.c, and if a muxing process fails
+  at a point where packets remained in said queue.
+  (CVE-2025-25473, bsc#1237351)
+
+-------------------------------------------------------------------
+Fri Feb 19 03:18:02 UTC 2025 - Cliff Zhao <qzhao@suse.com>
+
+- Add ffmpeg-7-CVE-2025-0518.patch:
+  Backport b5b6391d from upstream, fixes memory data leak when
+  use sscanf().
+  (CVE-2025-0518, bsc#1236007)
+
+-------------------------------------------------------------------
+Fri Feb 19 02:58:01 UTC 2025 - Cliff Zhao <qzhao@suse.com>
+
+- Add ffmpeg-7-CVE-2025-22919.patch:
+  Backport 1446e37d from upstream, check for valid sample rate
+  As the sample rate <= 0 is invalid.
+  (CVE-2025-22919, bsc#1237371)
+
+-------------------------------------------------------------------
+Tue Oct 15 08:18:54 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
+
+- Adjust bconds to build the package in SLFO without xvidcore.
+
+-------------------------------------------------------------------
+Wed Oct  2 08:20:18 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to release 7.1
+  * ffmpeg CLI filtergraph chaining
+  * pad_vaapi, drawbox_vaapi filters
+  * vf_scale supports secondary ref input and framesync options
+  * vf_scale2ref deprecated
+  * removed DEC Alpha DSP and support code
+  * perlin video source
+  * Cropping metadata parsing and writing in Matroska and MP4/MOV
+    de/muxers
+  * YUV colorspace negotiation for codecs and filters, obsoleting
+    the YUVJ pixel format
+  * Vulkan H.264 and H.265 encoders
+  * stream specifiers in fftools can now match by stream
+    disposition
+  * LCEVC enhancement data exporting in H.26x and MP4/ISOBMFF
+  * LCEVC filter
+  * avcodec/mpegvideo_enc: Add check for av_packet_new_side_data (CVE-2024-12361, bsc#1237358)
+  * avformat/dump: print only the actual streams in a tile grid group (CVE-2025-22920, bsc#1237380)
+  * avcodec/rkmppdec: Fix double-free on error (CVE-2024-35368, bsc#1234028)
+  * avcodec/wavarc: fix signed integer overflow in block type 6/19 (CVE-2024-36619, bsc#1234023)
+  * avcodec/vp9: Fix race when attaching side-data for show-existing frame (CVE-2024-36615, bsc#1234017)
+- Delete patches/ffmpeg-7-fix-crashes.patch,
+  0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch (merged)
+
+-------------------------------------------------------------------
+Mon Sep 30 12:34:56 UTC 2024 - olaf@aepfle.de
+
+- Fix assertion due to missing priv_data cleanup on failed VAAPI
+  acceleration with 11013-avcodec-decode-clean-up-if-get_hw_frames_parameters-.patch
+  (ffmpeg#11013, vlc#28811)
+
+-------------------------------------------------------------------
+Thu Sep 26 10:02:20 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
+
+- no longer build against libmfx; build also 15.5 against libvpl
+ (boo#1230983, boo#1219494)
+
+- dropping support for libmfx below covers:
+  * libmfx: improper input validation (CVE-2023-48368, bsc#1226897)
+  * libmfx: improper buffer restrictions (CVE-2023-45221, bsc#1226898)
+  * libmfx: out-of-bounds read (CVE-2023-22656, bsc#1226899)
+  * libmfx: out-of-bounds write (CVE-2023-47282, bsc#1226900)
+  * libmfx: improper buffer restrictions (CVE-2023-47169, bsc#1226901)
+  * Multiple vulnerabilities in the Intel Media SDK (libmfx1) (bsc#1226892)
+  * Drop libmfx dependency from our product (jira #PED-10024)
+
 -------------------------------------------------------------------
 Wed Aug 21 09:58:42 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
 
@@ -29,6 +170,17 @@ Wed Aug  7 07:37:24 UTC 2024 - Cliff Zhao <qzhao@suse.com>
   * avcodec/hevcdec: fix segfault on invalid film grain metadata (CVE-2024-32228, bsc#1227277)
   * avfilter/vf_tiltandshift: fix buffer offset for yuv422p input (CVE-2024-32229, bsc#1227295)
   * avcodec/mpegvideo_enc: Fix 1 line and one column images (CVE-2024-32230, bsc#1227296)
+  * avcodec/pnmdec: Use 64bit for input size check (CVE-2024-7055, bsc#1229026)
+  * fftools/ffmpeg_mux_init: Fix double-free on error (CVE-2024-35365, bsc#1235091)
+  * avformat/dxa: Adjust order of operations around block align (CVE-2024-36613, bsc#1235092)
+  * avfilter/vf_minterpolate: Check pts before division (CVE-2023-51798, bsc#1223304)
+  * avfilter/vf_weave: Fix odd height handling (CVE-2023-51793, bsc#1223272)
+  * avfilter/vf_gradfun: Do not overread last line (CVE-2023-50010, bsc#1223256)
+  * avfilter/af_stereowiden: Check length (CVE-2023-51794, bsc#1223437)
+  * avutil/hwcontext: Don't assume frames_uninit is reentrant (CVE-2024-31578, bsc#1223070)
+  * avformat/avidec: Fix integer overflow iff ULONG_MAX < INT64_MAX (CVE-2024-36618, bsc#1234020)
+  * avformat/cafdec: dont seek beyond 64bit (CVE-2024-36617, bsc#1234019)
+  * avformat/westwood_vqa: Fix 2g packets (CVE-2024-36616, bsc#1234018)
 - Drop ffmpeg-7-CVE-2024-32228.patch:
   The fix has been merged.
 - Drop ffmpeg-7-CVE-2024-32229.patch:
@@ -40,14 +192,14 @@ Wed Aug  7 07:37:24 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 Sat Aug  3 08:52:26 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 
 - Add ffmpeg-7-fix-crashes.patch:
-  Backporting 5b87869c from upstream, fix track handling when mixing
+  Backport 5b87869c from upstream, fix track handling when mixing
   IAMF and video tracks, Fixes crashes when muxing the two together.
 
 -------------------------------------------------------------------
 Tue Jul  5 14:18:52 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 
 - Add ffmpeg-7-CVE-2024-32229.patch:
-  Backporting a528a54e from upstream, Fix buffer offset for yuv422p
+  Backport a528a54e from upstream, Fix buffer offset for yuv422p
   input.
   (CVE-2024-32229, bsc#1227295)
 
@@ -55,14 +207,14 @@ Tue Jul  5 14:18:52 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 Tue Jul  2 12:26:28 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 
 - Add ffmpeg-7-CVE-2024-32230.patch:
-  Backporting 96449cfe from upstream, Fix 1 line and one column images.
+  Backport 96449cfe from upstream, Fix 1 line and one column images.
   (CVE-2024-32230, bsc#1227296)
 
 -------------------------------------------------------------------
 Tue Jul  2 11:57:01 UTC 2024 - Cliff Zhao <qzhao@suse.com>
 
 - Add ffmpeg-7-CVE-2024-32228.patch:
-  Backporting 45964876 from upstream, Fix segfault on invalid film
+  Backport 45964876 from upstream, Fix segfault on invalid film
   grain metadata.
   (CVE-2024-32228, bsc#1227277)
 

ffmpeg-7.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package ffmpeg-7
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -64,7 +64,7 @@
 %bcond_with    x265
 %bcond_with    xvid
 
-%if 0%{?suse_version} > 1500
+%if 0%{?suse_version} > 1600
 %bcond_without mysofa
 %bcond_without vidstab
 %bcond_without codec2
@@ -74,19 +74,29 @@
 %bcond_without opencore
 %bcond_without xvid
 %else
+%if 0%{?suse_version} > 1500
+%bcond_without mysofa
+%bcond_without vidstab
+%bcond_without codec2
+%bcond_without rubberband
+%bcond_without vulkan
+%bcond_without amrwb
+%bcond_without opencore
+%else
 %bcond_with mysofa
 %bcond_with vidstab
 %bcond_with codec2
 %bcond_with rubberband
 %bcond_with vulkan
 %endif
+%endif
 
 %define _name ffmpeg
 %define _major_version 7
 %define _major_expected 8
 
 Name:           ffmpeg-7
-Version:        7.0.2
+Version:        7.1.1
 Release:        0
 Summary:        Set of libraries for working with various multimedia formats
 License:        GPL-3.0-or-later
@@ -109,8 +119,10 @@ Patch4:         ffmpeg-4.2-dlopen-fdk_aac.patch
 Patch5:         work-around-abi-break.patch
 Patch10:        ffmpeg-chromium.patch
 Patch91:        ffmpeg-dlopen-openh264.patch
-Patch95:        ffmpeg-7-fix-crashes.patch
+Patch15:        11013-avcodec-decode-clean-up-if-get_hw_frames_parameters-.patch
-Patch96:        0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch
+Patch18:        ffmpeg-7-CVE-2025-25473.patch
+Patch19:        ffmpeg-7-CVE-2025-22921.patch
+Patch20:        0001-avcodec-libsvtav1-unbreak-build-with-latest-svtav1.patch
 BuildRequires:  ladspa-devel
 BuildRequires:  libgsm-devel
 BuildRequires:  libmp3lame-devel >= 3.98.3
@@ -230,11 +242,7 @@ BuildRequires:  pkgconfig(shaderc) >= 2019.1
 BuildRequires:  pkgconfig(vulkan) >= 1.3.255
 %endif
 
-%if 0%{?suse_version} < 1550 && 0%{?sle_version} >= 150200 && 0%{?sle_version} < 150600
+%if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150500
-%ifarch x86_64 %x86_64
-BuildRequires:  pkgconfig(libmfx)
-%endif
-%else
 %ifarch x86_64 %x86_64
 BuildRequires:  pkgconfig(vpl) >= 2.6
 %endif
@@ -631,11 +639,7 @@ LDFLAGS="%_lto_cflags" \
 %endif
 %endif
 	--enable-lv2 \
-%if 0%{?suse_version} < 1550 && 0%{?sle_version} >= 150200 && 0%{?sle_version} < 150600
+%if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150500
-%ifarch x86_64 %x86_64
-	--enable-libmfx \
-%endif
-%else
 %ifarch x86_64 %x86_64
 	--enable-libvpl \
 %endif
@@ -806,8 +810,14 @@ done
 
 %else
 %define _name ffmpeg
+# Patches may subtly change internal APIs, so we're sticking %%release in
+# Requires lines. It also conveniently blocks openSUSE libav* being combined
+# with Packman libav*, due to PM's unique %%release numbers.
+# This use of %%release with %flavor however requires bcnt synchro:
+#
+#!BcntSyncTag:  ffmpeg-7
 Name:           ffmpeg-7-mini
-Version:        7.0.2
+Version:        7.1.1
 Release:        0
 Summary:        Set of libraries for working with various multimedia formats
 License:        GPL-3.0-or-later
@@ -823,8 +833,7 @@ Patch4:         ffmpeg-4.2-dlopen-fdk_aac.patch
 Patch5:         work-around-abi-break.patch
 Patch10:        ffmpeg-chromium.patch
 Patch91:        ffmpeg-dlopen-openh264.patch
-Patch95:        ffmpeg-7-fix-crashes.patch
+Patch15:        11013-avcodec-decode-clean-up-if-get_hw_frames_parameters-.patch
-Patch96:        0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch
 BuildRequires:  c_compiler
 Requires:       this-is-only-for-build-envs
 

ffmpeg-chromium.patch

@@ -11,11 +11,11 @@ Add av_stream_get_first_dts for Chromium
  libavformat/utils.c    |    7 +++++++
  2 files changed, 11 insertions(+)
 
-Index: ffmpeg-7.0/libavformat/avformat.h
+Index: ffmpeg-7.1/libavformat/avformat.h
 ===================================================================
---- ffmpeg-7.0.orig/libavformat/avformat.h
+--- ffmpeg-7.1.orig/libavformat/avformat.h
-+++ ffmpeg-7.0/libavformat/avformat.h
++++ ffmpeg-7.1/libavformat/avformat.h
-@@ -1170,6 +1170,10 @@ typedef struct AVStreamGroup {
+@@ -1202,6 +1202,10 @@ typedef struct AVStreamGroup {
  
  struct AVCodecParserContext *av_stream_get_parser(const AVStream *s);
  
@@ -26,13 +26,13 @@ Index: ffmpeg-7.0/libavformat/avformat.h
  #define AV_PROGRAM_RUNNING 1
  
  /**
-Index: ffmpeg-7.0/libavformat/utils.c
+Index: ffmpeg-7.1/libavformat/utils.c
 ===================================================================
---- ffmpeg-7.0.orig/libavformat/utils.c
+--- ffmpeg-7.1.orig/libavformat/utils.c
-+++ ffmpeg-7.0/libavformat/utils.c
++++ ffmpeg-7.1/libavformat/utils.c
-@@ -56,6 +56,13 @@ int ff_unlock_avformat(void)
+@@ -44,6 +44,13 @@
-     return ff_mutex_unlock(&avformat_mutex) ? -1 : 0;
+  * various utility functions for use within FFmpeg
- }
+  */
  
 +// Chromium: We use the internal field first_dts vvv
 +int64_t av_stream_get_first_dts(const AVStream *st)

ffmpeg-dlopen-openh264.patch

@@ -23,19 +23,19 @@ Signed-off-by: Neal Gompa <ngompa@fedoraproject.org>
  create mode 100644 libavcodec/libopenh264_dlopen.c
  create mode 100644 libavcodec/libopenh264_dlopen.h
 
-Index: ffmpeg-7.0/configure
+Index: ffmpeg-7.1/configure
 ===================================================================
---- ffmpeg-7.0.orig/configure
+--- ffmpeg-7.1.orig/configure
-+++ ffmpeg-7.0/configure
++++ ffmpeg-7.1/configure
-@@ -252,6 +252,7 @@ External library support:
+@@ -255,6 +255,7 @@ External library support:
    --enable-libopencore-amrwb enable AMR-WB decoding via libopencore-amrwb [no]
    --enable-libopencv       enable video filtering via libopencv [no]
    --enable-libopenh264     enable H.264 encoding via OpenH264 [no]
 +  --enable-libopenh264-dlopen  enable H.264 encoding via dlopen()'ed OpenH264 [no]
-   --enable-libopenjpeg     enable JPEG 2000 de/encoding via OpenJPEG [no]
+   --enable-libopenjpeg     enable JPEG 2000 encoding via OpenJPEG [no]
    --enable-libopenmpt      enable decoding tracked files via libopenmpt [no]
    --enable-libopenvino     enable OpenVINO as a DNN module backend
-@@ -1933,6 +1934,7 @@ EXTERNAL_LIBRARY_LIST="
+@@ -1939,6 +1940,7 @@ EXTERNAL_LIBRARY_LIST="
      libmysofa
      libopencv
      libopenh264
@@ -43,7 +43,7 @@ Index: ffmpeg-7.0/configure
      libopenjpeg
      libopenmpt
      libopenvino
-@@ -6921,6 +6923,7 @@ enabled libopencv         && { check_hea
+@@ -6966,6 +6968,7 @@ enabled libopencv         && { check_hea
                                   require libopencv opencv2/core/core_c.h cvCreateImageHeader -lopencv_core -lopencv_imgproc; } ||
                                 require_pkg_config libopencv opencv opencv/cxcore.h cvCreateImageHeader; }
  enabled libopenh264       && require_pkg_config libopenh264 "openh264 >= 1.3.0" wels/codec_api.h WelsGetCodecVersion
@@ -51,11 +51,11 @@ Index: ffmpeg-7.0/configure
  enabled libopenjpeg       && { check_pkg_config libopenjpeg "libopenjp2 >= 2.1.0" openjpeg.h opj_version ||
                                 { require_pkg_config libopenjpeg "libopenjp2 >= 2.1.0" openjpeg.h opj_version -DOPJ_STATIC && add_cppflags -DOPJ_STATIC; } }
  enabled libopenmpt        && require_pkg_config libopenmpt "libopenmpt >= 0.2.6557" libopenmpt/libopenmpt.h openmpt_module_create -lstdc++ && append libopenmpt_extralibs "-lstdc++"
-Index: ffmpeg-7.0/libavcodec/Makefile
+Index: ffmpeg-7.1/libavcodec/Makefile
 ===================================================================
---- ffmpeg-7.0.orig/libavcodec/Makefile
+--- ffmpeg-7.1.orig/libavcodec/Makefile
-+++ ffmpeg-7.0/libavcodec/Makefile
++++ ffmpeg-7.1/libavcodec/Makefile
-@@ -1128,6 +1128,7 @@ OBJS-$(CONFIG_LIBMP3LAME_ENCODER)
+@@ -1138,6 +1138,7 @@ OBJS-$(CONFIG_LIBMP3LAME_ENCODER)
  OBJS-$(CONFIG_LIBOPENCORE_AMRNB_DECODER)  += libopencore-amr.o
  OBJS-$(CONFIG_LIBOPENCORE_AMRNB_ENCODER)  += libopencore-amr.o
  OBJS-$(CONFIG_LIBOPENCORE_AMRWB_DECODER)  += libopencore-amr.o
@@ -63,10 +63,10 @@ Index: ffmpeg-7.0/libavcodec/Makefile
  OBJS-$(CONFIG_LIBOPENH264_DECODER)        += libopenh264dec.o libopenh264.o
  OBJS-$(CONFIG_LIBOPENH264_ENCODER)        += libopenh264enc.o libopenh264.o
  OBJS-$(CONFIG_LIBOPENJPEG_ENCODER)        += libopenjpegenc.o
-Index: ffmpeg-7.0/libavcodec/libopenh264.c
+Index: ffmpeg-7.1/libavcodec/libopenh264.c
 ===================================================================
---- ffmpeg-7.0.orig/libavcodec/libopenh264.c
+--- ffmpeg-7.1.orig/libavcodec/libopenh264.c
-+++ ffmpeg-7.0/libavcodec/libopenh264.c
++++ ffmpeg-7.1/libavcodec/libopenh264.c
 @@ -20,8 +20,13 @@
   */
  
@@ -81,10 +81,10 @@ Index: ffmpeg-7.0/libavcodec/libopenh264.c
  
  #include "libavutil/error.h"
  #include "libavutil/log.h"
-Index: ffmpeg-7.0/libavcodec/libopenh264_dlopen.c
+Index: ffmpeg-7.1/libavcodec/libopenh264_dlopen.c
 ===================================================================
 --- /dev/null
-+++ ffmpeg-7.0/libavcodec/libopenh264_dlopen.c
++++ ffmpeg-7.1/libavcodec/libopenh264_dlopen.c
 @@ -0,0 +1,147 @@
 +/*
 + * OpenH264 dlopen code
@@ -233,10 +233,10 @@ Index: ffmpeg-7.0/libavcodec/libopenh264_dlopen.c
 +
 +  return 0;
 +}
-Index: ffmpeg-7.0/libavcodec/libopenh264_dlopen.h
+Index: ffmpeg-7.1/libavcodec/libopenh264_dlopen.h
 ===================================================================
 --- /dev/null
-+++ ffmpeg-7.0/libavcodec/libopenh264_dlopen.h
++++ ffmpeg-7.1/libavcodec/libopenh264_dlopen.h
 @@ -0,0 +1,58 @@
 +/*
 + * OpenH264 dlopen code
@@ -296,10 +296,10 @@ Index: ffmpeg-7.0/libavcodec/libopenh264_dlopen.h
 +#endif /* CONFIG_LIBOPENH264_DLOPEN */
 +
 +#endif /* HAVE_LIBOPENH264_DLOPEN_H */
-Index: ffmpeg-7.0/libavcodec/libopenh264dec.c
+Index: ffmpeg-7.1/libavcodec/libopenh264dec.c
 ===================================================================
---- ffmpeg-7.0.orig/libavcodec/libopenh264dec.c
+--- ffmpeg-7.1.orig/libavcodec/libopenh264dec.c
-+++ ffmpeg-7.0/libavcodec/libopenh264dec.c
++++ ffmpeg-7.1/libavcodec/libopenh264dec.c
 @@ -19,8 +19,12 @@
   * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
   */
@@ -324,10 +324,10 @@ Index: ffmpeg-7.0/libavcodec/libopenh264dec.c
      if (WelsCreateDecoder(&s->decoder)) {
          av_log(avctx, AV_LOG_ERROR, "Unable to create decoder\n");
          return AVERROR_UNKNOWN;
-Index: ffmpeg-7.0/libavcodec/libopenh264enc.c
+Index: ffmpeg-7.1/libavcodec/libopenh264enc.c
 ===================================================================
---- ffmpeg-7.0.orig/libavcodec/libopenh264enc.c
+--- ffmpeg-7.1.orig/libavcodec/libopenh264enc.c
-+++ ffmpeg-7.0/libavcodec/libopenh264enc.c
++++ ffmpeg-7.1/libavcodec/libopenh264enc.c
 @@ -19,8 +19,12 @@
   * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
   */

work-around-abi-break.patch

@@ -37,10 +37,10 @@ releases.
  ffbuild/library.mak |    2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
-Index: ffmpeg-5.1/ffbuild/library.mak
+Index: ffmpeg-7.1/ffbuild/library.mak
 ===================================================================
---- ffmpeg-5.1.orig/ffbuild/library.mak
+--- ffmpeg-7.1.orig/ffbuild/library.mak
-+++ ffmpeg-5.1/ffbuild/library.mak
++++ ffmpeg-7.1/ffbuild/library.mak
 @@ -59,7 +59,7 @@ $(SUBDIR)lib$(FULLNAME).pc: $(SUBDIR)ver
  	$$(M) $$(SRC_PATH)/ffbuild/pkgconfig_generate.sh $(NAME) "$(DESC)"