Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package ffmpeg-7 for openSUSE:Factory checked in at 2026-05-13 17:53:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ffmpeg-7 (Old) and /work/SRC/openSUSE:Factory/.ffmpeg-7.new.1966 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ffmpeg-7" Wed May 13 17:53:35 2026 rev:24 rq:1353059 version:7.1.3 Changes: --------
--- /work/SRC/openSUSE:Factory/ffmpeg-7/ffmpeg-7.changes 2026-04-04 19:08:32.587894332 +0200
+++ /work/SRC/openSUSE:Factory/.ffmpeg-7.new.1966/ffmpeg-7.changes 2026-05-13 17:53:57.365028928 +0200
@@ -1,0 +2,6 @@
+Wed May 13 07:13:19 UTC 2026 - Alynx Zhou <[email protected]>
+
+- Add ffmpeg-7-CVE-2026-40962.patch: Use 64bit in CENC subsample
+ bounds checks. (CVE-2026-40962, bsc#1262237)
+
+-------------------------------------------------------------------
New: ---- ffmpeg-7-CVE-2026-40962.patch ----------(New B)---------- New: - Add ffmpeg-7-CVE-2026-40962.patch: Use 64bit in CENC subsample bounds checks. (CVE-2026-40962, bsc#1262237) ----------(New E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------
++++++ ffmpeg-7.spec ++++++
--- /var/tmp/diff_new_pack.VSsw8N/_old 2026-05-13 17:53:59.553118999 +0200
+++ /var/tmp/diff_new_pack.VSsw8N/_new 2026-05-13 17:53:59.553118999 +0200
@@ -121,6 +121,7 @@
 Patch10: ffmpeg-chromium.patch
 Patch15: 11013-avcodec-decode-clean-up-if-get_hw_frames_parameters-.patch
 Patch19: ffmpeg-7-CVE-2025-22921.patch
+Patch20: ffmpeg-7-CVE-2026-40962.patch
 BuildRequires: ladspa-devel
 BuildRequires: libgsm-devel
 BuildRequires: nasm
++++++ _scmsync.obsinfo ++++++
--- /var/tmp/diff_new_pack.VSsw8N/_old 2026-05-13 17:53:59.669123775 +0200
+++ /var/tmp/diff_new_pack.VSsw8N/_new 2026-05-13 17:53:59.677124103 +0200
@@ -1,5 +1,5 @@ -mtime: 1775214444 -commit: 0d0c7cbc8065b1d7db6280adcc676031b2120ed5f98c1a9be344e7ec7e87d03f +mtime: 1778657185 +commit: 43e181fcb8cd65cb7140d84770b3b30efb0bb223c852f8207abb9b7310e810c1 url: https://src.opensuse.org/jengelh/ffmpeg-7 revision: master
++++++ build.specials.obscpio ++++++
++++++ build.specials.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.gitignore new/.gitignore
--- old/.gitignore 1970-01-01 01:00:00.000000000 +0100
+++ new/.gitignore 2026-05-13 09:26:25.000000000 +0200
@@ -0,0 +1 @@
+.osc
++++++ ffmpeg-7-CVE-2026-40962.patch ++++++
diff --unified --recursive --text --new-file --color ffmpeg-7.1.3.old/libavformat/mov.c ffmpeg-7.1.3/libavformat/mov.c
--- ffmpeg-7.1.3.old/libavformat/mov.c 2025-11-21 09:15:18.000000000 +0800
+++ ffmpeg-7.1.3/libavformat/mov.c 2026-05-13 15:25:48.766746834 +0800
@@ -7905,7 +7905,7 @@
 }
 for (i = 0; i < sample->subsample_count; i++) {
- if (sample->subsamples[i].bytes_of_clear_data + sample->subsamples[i].bytes_of_protected_data > size) {
+ if (sample->subsamples[i].bytes_of_clear_data + (int64_t)sample->subsamples[i].bytes_of_protected_data > size) {
 av_log(c->fc, AV_LOG_ERROR, "subsample size exceeds the packet size left\n");
 return AVERROR_INVALIDDATA;
 }
@@ -7960,7 +7960,7 @@
 }
 for (i = 0; i < sample->subsample_count; i++) {
- if (sample->subsamples[i].bytes_of_clear_data + sample->subsamples[i].bytes_of_protected_data > size) {
+ if (sample->subsamples[i].bytes_of_clear_data + (int64_t)sample->subsamples[i].bytes_of_protected_data > size) {
 av_log(c->fc, AV_LOG_ERROR, "subsample size exceeds the packet size left\n");
 return AVERROR_INVALIDDATA;
 }
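Review bot: The widening in the `@@ -7905` hunk of mov.c rests on a single `(int64_t)` cast on the second operand with nothing on the line saying why, so a later cleanup could drop it as redundant and bring back the 32-bit wrap that lets an oversized subsample slip past the `> size` check; the identical lines in the `@@ -7960`, `@@ -8022` and `@@ -8087` hunks have the same gap. The field types are declared outside these hunks, so this presumes both byte counts are 32-bit unsigned values, which is worth confirming against the struct. I would add `/* sum in 64 bit: the two 32-bit byte counts can wrap and pass the size check */` above each check, or move the comparison into one small static helper so the four copies cannot drift apart. The enclosing functions start and end outside the hunks.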
@@ -8022,7 +8022,7 @@
 }
 for (i = 0; i < sample->subsample_count; i++) {
- if (sample->subsamples[i].bytes_of_clear_data + sample->subsamples[i].bytes_of_protected_data > size) {
+ if (sample->subsamples[i].bytes_of_clear_data + (int64_t)sample->subsamples[i].bytes_of_protected_data > size) {
 av_log(c->fc, AV_LOG_ERROR, "subsample size exceeds the packet size left\n");
 return AVERROR_INVALIDDATA;
 }
@@ -8087,7 +8087,7 @@
 }
 for (i = 0; i < sample->subsample_count; i++) {
- if (sample->subsamples[i].bytes_of_clear_data + sample->subsamples[i].bytes_of_protected_data > size) {
+ if (sample->subsamples[i].bytes_of_clear_data + (int64_t)sample->subsamples[i].bytes_of_protected_data > size) {
 av_log(c->fc, AV_LOG_ERROR, "subsample size exceeds the packet size left\n");
 return AVERROR_INVALIDDATA;
 }
