From fcdcadb49c0ad4480659531566e7a478d16ee71335e87e9d2288710ffac9055b Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Mon, 22 Apr 2024 15:53:34 +0000 Subject: [PATCH] update patches with issue report links OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-6?expand=0&rev=32 --- 0001-avfilter-af_dialoguenhance-do-output-scaling-once.patch | 2 ++ 0001-avfilter-af_dialoguenhance-fix-overreads.patch | 2 ++ 0001-avfilter-af_dialoguenhance-simplify-channels-copy.patch | 2 ++ 0001-avfilter-asrc_afirsrc-fix-by-one-smaller-allocation-.patch | 2 ++ 0001-avfilter-bwdif-account-for-chroma-sub-sampling-in-mi.patch | 2 ++ 0001-avfilter-vf_codecview-fix-heap-buffer-overflow.patch | 2 ++ 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch | 2 ++ 7 files changed, 14 insertions(+) diff --git a/0001-avfilter-af_dialoguenhance-do-output-scaling-once.patch b/0001-avfilter-af_dialoguenhance-do-output-scaling-once.patch index b858bcc..bfd6f74 100644 --- a/0001-avfilter-af_dialoguenhance-do-output-scaling-once.patch +++ b/0001-avfilter-af_dialoguenhance-do-output-scaling-once.patch @@ -2,6 +2,8 @@ From f1f973313b6edc460339c2dfa4675dd3ad72fe98 Mon Sep 17 00:00:00 2001 From: Paul B Mahol Date: Mon, 27 Nov 2023 11:52:37 +0100 Subject: [PATCH] avfilter/af_dialoguenhance: do output scaling once +References: https://bugzilla.opensuse.org/1222730 +References: CVE-2023-49528 --- libavfilter/af_dialoguenhance.c | 11 ++++------- diff --git a/0001-avfilter-af_dialoguenhance-fix-overreads.patch b/0001-avfilter-af_dialoguenhance-fix-overreads.patch index 0a0df78..591bfad 100644 --- a/0001-avfilter-af_dialoguenhance-fix-overreads.patch +++ b/0001-avfilter-af_dialoguenhance-fix-overreads.patch @@ -2,6 +2,8 @@ From 2d9ed64859c9887d0504cd71dbd5b2c15e14251a Mon Sep 17 00:00:00 2001 From: Paul B Mahol Date: Sat, 25 Nov 2023 12:54:28 +0100 Subject: [PATCH] avfilter/af_dialoguenhance: fix overreads +References: https://bugzilla.opensuse.org/1222730 +References: CVE-2023-49528 --- libavfilter/af_dialoguenhance.c | 17 +++++++++-------- diff --git a/0001-avfilter-af_dialoguenhance-simplify-channels-copy.patch b/0001-avfilter-af_dialoguenhance-simplify-channels-copy.patch index 76cc5b2..3f7bebf 100644 --- a/0001-avfilter-af_dialoguenhance-simplify-channels-copy.patch +++ b/0001-avfilter-af_dialoguenhance-simplify-channels-copy.patch @@ -2,6 +2,8 @@ From 4671fb7dfb8e72b228e04f3b81da7f2003c62240 Mon Sep 17 00:00:00 2001 From: Paul B Mahol Date: Mon, 27 Nov 2023 00:38:56 +0100 Subject: [PATCH] avfilter/af_dialoguenhance: simplify channels copy +References: https://bugzilla.opensuse.org/1222730 +References: CVE-2023-49528 --- libavfilter/af_dialoguenhance.c | 32 +++++++++++++++++--------------- diff --git a/0001-avfilter-asrc_afirsrc-fix-by-one-smaller-allocation-.patch b/0001-avfilter-asrc_afirsrc-fix-by-one-smaller-allocation-.patch index b504767..474b5e3 100644 --- a/0001-avfilter-asrc_afirsrc-fix-by-one-smaller-allocation-.patch +++ b/0001-avfilter-asrc_afirsrc-fix-by-one-smaller-allocation-.patch @@ -3,6 +3,8 @@ From: Paul B Mahol Date: Thu, 23 Nov 2023 14:58:35 +0100 Subject: [PATCH] avfilter/asrc_afirsrc: fix by one smaller allocation of buffer +References: https://bugzilla.opensuse.org/1223215 +References: CVE-2023-49501 --- libavfilter/asrc_afirsrc.c | 2 +- diff --git a/0001-avfilter-bwdif-account-for-chroma-sub-sampling-in-mi.patch b/0001-avfilter-bwdif-account-for-chroma-sub-sampling-in-mi.patch index 6567a58..44941a7 100644 --- a/0001-avfilter-bwdif-account-for-chroma-sub-sampling-in-mi.patch +++ b/0001-avfilter-bwdif-account-for-chroma-sub-sampling-in-mi.patch @@ -3,6 +3,8 @@ From: Cosmin Stejerean Date: Wed, 6 Dec 2023 18:39:32 +0800 Subject: [PATCH] avfilter/bwdif: account for chroma sub-sampling in min size calculation +References: https://bugzilla.opensuse.org/1223235 +References: CVE-2023-49502 The current logic for detecting frames that are too small for the algorithm does not account for chroma sub-sampling, and so a sample diff --git a/0001-avfilter-vf_codecview-fix-heap-buffer-overflow.patch b/0001-avfilter-vf_codecview-fix-heap-buffer-overflow.patch index 09ac8bc..00b9203 100644 --- a/0001-avfilter-vf_codecview-fix-heap-buffer-overflow.patch +++ b/0001-avfilter-vf_codecview-fix-heap-buffer-overflow.patch @@ -2,6 +2,8 @@ From 99debe5f823f45a482e1dc08de35879aa9c74bd2 Mon Sep 17 00:00:00 2001 From: Zhao Zhili Date: Fri, 29 Dec 2023 05:56:43 +0800 Subject: [PATCH] avfilter/vf_codecview: fix heap buffer overflow +References: https://bugzilla.opensuse.org/1223085 +References: CVE-2024-31582 And improve the performance by a little bit. diff --git a/0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch b/0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch index 8700084..6501dad 100644 --- a/0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch +++ b/0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch @@ -2,6 +2,8 @@ From 3bb00c0a420c3ce83c6fafee30270d69622ccad7 Mon Sep 17 00:00:00 2001 From: Zhao Zhili Date: Tue, 20 Feb 2024 20:08:55 +0800 Subject: [PATCH] avutil/hwcontext: Don't assume frames_uninit is reentrant +References: https://bugzilla.opensuse.org/1223070 +References: CVE-2024-31578 Fix heap use after free when vulkan_frames_init failed.