Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package ffmpeg-4 for openSUSE:Factory checked in at 2021-07-12 01:24:48 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ffmpeg-4 (Old) and /work/SRC/openSUSE:Factory/.ffmpeg-4.new.2625 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ffmpeg-4" Mon Jul 12 01:24:48 2021 rev:41 rq:905445 version:4.4 Changes: -------- --- /work/SRC/openSUSE:Factory/ffmpeg-4/ffmpeg-4.changes 2021-06-09 21:51:52.246428614 +0200 +++ /work/SRC/openSUSE:Factory/.ffmpeg-4.new.2625/ffmpeg-4.changes 2021-07-12 01:25:07.957187013 +0200 @@ -1,0 +2,21 @@ +Sat Jul 10 10:11:32 UTC 2021 - Hans-Peter Jansen <[email protected]> + +- Remove second hunk of ffmpeg-CVE-2020-22046.patch, that contains + a goto to a none existing label. In order to distinguish this + patch from the original, I renamed it to + ffmpeg-4.4-CVE-2020-22046.patch +- While at it, refresh the other patches with offsets + +------------------------------------------------------------------- +Thu Jul 8 06:43:28 UTC 2021 - Alynx Zhou <[email protected]> + +- Add ffmpeg-CVE-2020-22046.patch: Backport from upstream to fix + a denial of service vulnerability exists in FFmpeg 4.2 due to a + memory leak in the avpriv_float_dsp_allocl function in + libavutil/float_dsp.c (bsc#1186849). +- Add ffmpeg-CVE-2021-33815.patch: Backport from upstream to fix + dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an + out-of-bounds array access because dc_count is not strictly + checked (bsc#1186865). + +------------------------------------------------------------------- New: ---- ffmpeg-4.4-CVE-2020-22046.patch ffmpeg-CVE-2021-33815.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ffmpeg-4.spec ++++++ --- /var/tmp/diff_new_pack.kM9Ko9/_old 2021-07-12 01:25:08.817180402 +0200 +++ /var/tmp/diff_new_pack.kM9Ko9/_new 2021-07-12 01:25:08.821180370 +0200 @@ -117,6 +117,8 @@ Patch4: ffmpeg-4.2-dlopen-fdk_aac.patch Patch5: soversion.patch Patch8: vmaf-trim-usr-local.patch +Patch9: ffmpeg-4.4-CVE-2020-22046.patch +Patch10: ffmpeg-CVE-2021-33815.patch BuildRequires: ladspa-devel BuildRequires: libgsm-devel BuildRequires: libmp3lame-devel ++++++ ffmpeg-4.2-dlopen-fdk_aac.patch ++++++ --- /var/tmp/diff_new_pack.kM9Ko9/_old 2021-07-12 01:25:08.881179909 +0200 +++ /var/tmp/diff_new_pack.kM9Ko9/_new 2021-07-12 01:25:08.881179909 +0200 @@ -1,7 +1,7 @@ -Index: ffmpeg-4.2.1/configure +Index: b/configure =================================================================== ---- ffmpeg-4.2.1.orig/configure -+++ ffmpeg-4.2.1/configure +--- a/configure ++++ b/configure @@ -232,6 +232,7 @@ External library support: --enable-libdc1394 enable IIDC-1394 grabbing using libdc1394 and libraw1394 [no] @@ -10,7 +10,7 @@ --enable-libflite enable flite (voice synthesis) support via libflite [no] --enable-libfontconfig enable libfontconfig, useful for drawtext filter [no] --enable-libfreetype enable libfreetype, needed for drawtext filter [no] -@@ -1724,6 +1725,7 @@ EXTERNAL_LIBRARY_GPL_LIST=" +@@ -1735,6 +1736,7 @@ EXTERNAL_LIBRARY_GPL_LIST=" EXTERNAL_LIBRARY_NONFREE_LIST=" decklink libfdk_aac @@ -18,7 +18,7 @@ openssl libtls " -@@ -6203,6 +6205,7 @@ enabled libdrm && require_pkg +@@ -6360,6 +6362,7 @@ enabled libdrm && require_pkg enabled libfdk_aac && { check_pkg_config libfdk_aac fdk-aac "fdk-aac/aacenc_lib.h" aacEncOpen || { require libfdk_aac fdk-aac/aacenc_lib.h aacEncOpen -lfdk-aac && warn "using libfdk without pkg-config"; } } @@ -26,10 +26,10 @@ flite_extralibs="-lflite_cmu_time_awb -lflite_cmu_us_awb -lflite_cmu_us_kal -lflite_cmu_us_kal16 -lflite_cmu_us_rms -lflite_cmu_us_slt -lflite_usenglish -lflite_cmulex -lflite" enabled libflite && require libflite "flite/flite.h" flite_init $flite_extralibs enabled fontconfig && enable libfontconfig -Index: ffmpeg-4.2.1/libavcodec/dlopen.h +Index: b/libavcodec/dlopen.h =================================================================== --- /dev/null -+++ ffmpeg-4.2.1/libavcodec/dlopen.h ++++ b/libavcodec/dlopen.h @@ -0,0 +1,12 @@ +#ifndef LOCALINC_DLOPEN_H +#define LOCALINC_DLOPEN_H @@ -43,10 +43,10 @@ + goto error; + +#endif -Index: ffmpeg-4.2.1/libavcodec/libfdk-aacdec.c +Index: b/libavcodec/libfdk-aacdec.c =================================================================== ---- ffmpeg-4.2.1.orig/libavcodec/libfdk-aacdec.c -+++ ffmpeg-4.2.1/libavcodec/libfdk-aacdec.c +--- a/libavcodec/libfdk-aacdec.c ++++ b/libavcodec/libfdk-aacdec.c @@ -37,6 +37,54 @@ #define AAC_PCM_MAX_OUTPUT_CHANNELS AAC_PCM_OUTPUT_CHANNELS #endif @@ -102,7 +102,7 @@ enum ConcealMethod { CONCEAL_METHOD_SPECTRAL_MUTING = 0, CONCEAL_METHOD_NOISE_SUBSTITUTION = 1, -@@ -224,6 +272,11 @@ static av_cold int fdk_aac_decode_init(A +@@ -229,6 +277,11 @@ static av_cold int fdk_aac_decode_init(A FDKAACDecContext *s = avctx->priv_data; AAC_DECODER_ERROR err; @@ -114,11 +114,11 @@ s->handle = aacDecoder_Open(avctx->extradata_size ? TT_MP4_RAW : TT_MP4_ADTS, 1); if (!s->handle) { av_log(avctx, AV_LOG_ERROR, "Error opening decoder\n"); -Index: ffmpeg-4.2.1/libavcodec/libfdk-aacenc.c +Index: b/libavcodec/libfdk-aacenc.c =================================================================== ---- ffmpeg-4.2.1.orig/libavcodec/libfdk-aacenc.c -+++ ffmpeg-4.2.1/libavcodec/libfdk-aacenc.c -@@ -34,6 +34,48 @@ +--- a/libavcodec/libfdk-aacenc.c ++++ b/libavcodec/libfdk-aacenc.c +@@ -35,6 +35,48 @@ #define FDKENC_VER_AT_LEAST(vl0, vl1) 0 #endif @@ -167,7 +167,7 @@ typedef struct AACContext { const AVClass *class; HANDLE_AACENCODER handle; -@@ -126,6 +168,11 @@ static av_cold int aac_encode_init(AVCod +@@ -128,6 +170,11 @@ static av_cold int aac_encode_init(AVCod int aot = FF_PROFILE_AAC_LOW + 1; int sce = 0, cpe = 0; ++++++ ffmpeg-4.4-CVE-2020-22046.patch ++++++ >From 097c917c147661f5378dae8fe3f7e46f43236426 Mon Sep 17 00:00:00 2001 From: Andreas Rheinhardt <[email protected]> Date: Thu, 17 Oct 2019 11:11:55 +0200 Subject: [PATCH] avcodec/ac3enc: Fix memleak Fixes ticket #8294. Signed-off-by: Andreas Rheinhardt <[email protected]> --- libavcodec/ac3enc.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) Index: b/libavcodec/ac3enc.c =================================================================== --- a/libavcodec/ac3enc.c +++ b/libavcodec/ac3enc.c @@ -2148,7 +2148,8 @@ av_cold int ff_ac3_encode_close(AVCodecC av_freep(&block->cpl_coord_mant); } - s->mdct_end(s); + if (s->mdct_end) + s->mdct_end(s); return 0; } ++++++ ffmpeg-CVE-2021-33815.patch ++++++ >From 26d3c81bc5ef2f8c3f09d45eaeacfb4b1139a777 Mon Sep 17 00:00:00 2001 From: Michael Niedermayer <[email protected]> Date: Tue, 25 May 2021 19:29:18 +0200 Subject: [PATCH] avcodec/exr: More strictly check dc_count MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes: out of array access Fixes: exr/deneme Found-by: Burak ??ar??k???? <[email protected]> Signed-off-by: Michael Niedermayer <[email protected]> --- libavcodec/exr.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavcodec/exr.c b/libavcodec/exr.c index 9377a89169..4648ed7d62 100644 --- a/libavcodec/exr.c +++ b/libavcodec/exr.c @@ -1059,11 +1059,11 @@ static int dwa_uncompress(EXRContext *s, const uint8_t *src, int compressed_size bytestream2_skip(&gb, ac_size); } - if (dc_size > 0) { + { unsigned long dest_len = dc_count * 2LL; GetByteContext agb = gb; - if (dc_count > (6LL * td->xsize * td->ysize + 63) / 64) + if (dc_count != dc_w * dc_h * 3) return AVERROR_INVALIDDATA; av_fast_padded_malloc(&td->dc_data, &td->dc_size, FFALIGN(dest_len, 64) * 2); -- 2.32.0 ++++++ ffmpeg-codec-choice.diff ++++++ --- /var/tmp/diff_new_pack.kM9Ko9/_old 2021-07-12 01:25:08.913179663 +0200 +++ /var/tmp/diff_new_pack.kM9Ko9/_new 2021-07-12 01:25:08.913179663 +0200 @@ -11,11 +11,11 @@ libavformat/matroskaenc.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) -Index: ffmpeg-4.3/libavformat/matroskaenc.c +Index: b/libavformat/matroskaenc.c =================================================================== ---- ffmpeg-4.3.orig/libavformat/matroskaenc.c -+++ ffmpeg-4.3/libavformat/matroskaenc.c -@@ -2805,16 +2805,24 @@ static const AVClass matroska_class = { +--- a/libavformat/matroskaenc.c ++++ b/libavformat/matroskaenc.c +@@ -2834,16 +2834,24 @@ static const AVClass matroska_class = { .version = LIBAVUTIL_VERSION_INT, }; @@ -44,7 +44,7 @@ .init = mkv_init, .deinit = mkv_deinit, .write_header = mkv_write_header, -@@ -2876,8 +2884,7 @@ AVOutputFormat ff_matroska_audio_muxer = +@@ -2905,8 +2913,7 @@ AVOutputFormat ff_matroska_audio_muxer = .mime_type = "audio/x-matroska", .extensions = "mka", .priv_data_size = sizeof(MatroskaMuxContext), ++++++ soversion.patch ++++++ --- /var/tmp/diff_new_pack.kM9Ko9/_old 2021-07-12 01:25:08.921179602 +0200 +++ /var/tmp/diff_new_pack.kM9Ko9/_new 2021-07-12 01:25:08.921179602 +0200 @@ -24,11 +24,11 @@ configure | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -Index: ffmpeg-4.3.1/configure +Index: b/configure =================================================================== ---- ffmpeg-4.3.1.orig/configure -+++ ffmpeg-4.3.1/configure -@@ -3794,10 +3794,10 @@ SLIBPREF="lib" +--- a/configure ++++ b/configure +@@ -3833,10 +3833,10 @@ SLIBPREF="lib" SLIBSUF=".so" SLIBNAME='$(SLIBPREF)$(FULLNAME)$(SLIBSUF)' SLIBNAME_WITH_VERSION='$(SLIBNAME).$(LIBVERSION)'
