Hello community, here is the log from the commit of package ffmpeg-7 for openSUSE:Factory checked in at 2024-07-04 16:24:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ffmpeg-7 (Old) and /work/SRC/openSUSE:Factory/.ffmpeg-7.new.2080 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "ffmpeg-7" Thu Jul 4 16:24:10 2024 rev:2 rq:1185067 version:7.0 Changes: -------- --- /work/SRC/openSUSE:Factory/ffmpeg-7/ffmpeg-7.changes 2024-04-23 18:56:31.911454027 +0200 +++ /work/SRC/openSUSE:Factory/.ffmpeg-7.new.2080/ffmpeg-7.changes 2024-07-04 16:25:25.556225206 +0200 @@ -1,0 +2,15 @@ +Tue Jul 2 12:26:28 UTC 2024 - Cliff Zhao <qzhao@suse.com> + +- Add ffmpeg-7-CVE-2024-32230.patch: + Backporting 96449cfe from upstream, Fix 1 line and one column images. + (CVE-2024-32230 bsc#1227296) + +------------------------------------------------------------------- +Tue Jul 2 11:57:01 UTC 2024 - Cliff Zhao <qzhao@suse.com> + +- Add ffmpeg-7-CVE-2024-32228.patch: + Backporting 45964876 from upstream, Fix segfault on invalid film + grain metadata. + (CVE-2024-32228, bsc#1227277) + +------------------------------------------------------------------- New: ---- ffmpeg-7-CVE-2024-32228.patch ffmpeg-7-CVE-2024-32230.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ffmpeg-7.spec ++++++ --- /var/tmp/diff_new_pack.DaKB4k/_old 2024-07-04 16:25:26.236250041 +0200 +++ /var/tmp/diff_new_pack.DaKB4k/_new 2024-07-04 16:25:26.240250187 +0200 
@@ -104,7 +104,6 @@ Source92: ffmpeg_get_dlopen_headers.sh Source98: http://ffmpeg.org/ffmpeg-devel.asc#/ffmpeg-7.keyring Source99: baselibs.conf - Patch1: ffmpeg-arm6l.diff Patch2: ffmpeg-new-coder-errors.diff Patch3: ffmpeg-codec-choice.diff @@ -112,7 +111,8 @@ Patch5: work-around-abi-break.patch Patch10: ffmpeg-chromium.patch Patch91: ffmpeg-dlopen-openh264.patch - +Patch92: ffmpeg-7-CVE-2024-32228.patch +Patch93: ffmpeg-7-CVE-2024-32230.patch BuildRequires: ladspa-devel BuildRequires: libgsm-devel BuildRequires: libmp3lame-devel >= 3.98.3 ++++++ ffmpeg-7-CVE-2024-32228.patch ++++++ From 459648761f5412acdc3317d5bac982ceaa257584 Mon Sep 17 00:00:00 2001 From: Niklas Haas <git@haasn.dev> Date: Sat Apr 6 13:11:09 2024 +0200 Subject: avcodec/hevcdec: fix segfault on invalid film grain metadata References: CVE-2024-32228 References: https://bugzilla.opensuse.org/1227277 Upstream: Backport from upstream Invalid input files may contain film grain metadata which survives ff_h274_film_grain_params_supported() but does not pass av_film_grain_params_select(), leading to a SIGSEGV on hevc_frame_end(). Fix this by duplicating the av_film_grain_params_select() check at frame init time. An alternative solution here would be to defer the incompatibility check to hevc_frame_end(), but this has the downside of allocating a film grain buffer even when we already know we can't apply film grain. Fixes: https://trac.ffmpeg.org/ticket/10951 --- ffmpeg-7.0/libavcodec/hevcdec.c 2024-04-05 07:22:59.000000000 +0800 +++ ffmpeg-7.0_new/libavcodec/hevcdec.c 2024-07-02 22:48:49.293996651 +0800 
@@ -2892,10 +2892,16 @@ !(s->avctx->export_side_data & AV_CODEC_EXPORT_DATA_FILM_GRAIN) && !s->avctx->hwaccel; + ret = set_side_data(s); + if (ret < 0) + goto fail; + if (s->ref->needs_fg && - s->sei.common.film_grain_characteristics.present && - !ff_h274_film_grain_params_supported(s->sei.common.film_grain_characteristics.model_id, - s->ref->frame->format)) { + ( s->sei.common.film_grain_characteristics.present && + !ff_h274_film_grain_params_supported(s->sei.common.film_grain_characteristics.model_id, + s->ref->frame->format)) + || !av_film_grain_params_select(s->ref->frame)) { + av_log_once(s->avctx, AV_LOG_WARNING, AV_LOG_DEBUG, &s->film_grain_warning_shown, "Unsupported film grain parameters. Ignoring film grain.\n"); s->ref->needs_fg = 0; @@ -2909,10 +2915,6 @@ goto fail; } - ret = set_side_data(s); - if (ret < 0) - goto fail; - s->frame->pict_type = 3 - s->sh.slice_type; if (!IS_IRAP(s)) ++++++ ffmpeg-7-CVE-2024-32230.patch ++++++ From 96449cfeaeb95fcfd7a2b8d9ccf7719e97471ed1 Mon Sep 17 00:00:00 2001 Author: Michael Niedermayer <michael@niedermayer.cc> Date: Mon Apr 8 18:38:42 2024 +0200 Subject: avcodec/mpegvideo_enc: Fix 1 line and one column images References: CVE-2024-32230 References: https://bugzilla.opensuse.org/1227296 Upstream: Backport from upstream Fixes: Ticket10952 Fixes: poc21ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- ffmpeg-7.0/libavcodec/mpegvideo_enc.c 2024-04-05 07:22:59.000000000 +0800 +++ ffmpeg-7.0_new/libavcodec/mpegvideo_enc.c 2024-07-02 23:24:47.410634866 +0800 @@ -1198,8 +1198,8 @@ ptrdiff_t dst_stride = i ? s->uvlinesize : s->linesize; int h_shift = i ? s->chroma_x_shift : 0; int v_shift = i ? s->chroma_y_shift : 0; - int w = s->width >> h_shift; - int h = s->height >> v_shift; + int w = AV_CEIL_RSHIFT(s->width , h_shift); + int h = AV_CEIL_RSHIFT(s->height, v_shift); const uint8_t *src = pic_arg->data[i]; uint8_t *dst = pic->f->data[i]; int vpad = 16;
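Review bot: In the ffmpeg-7.changes hunk, the two new entries cite their references in different forms: the CVE-2024-32230 entry ends with "(CVE-2024-32230 bsc#1227296)" while the CVE-2024-32228 entry ends with "(CVE-2024-32228, bsc#1227277)". Use the same separator in both so that tooling and readers scanning the changelog for CVE and bsc references see one consistent pattern.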
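Review bot: In the hevcdec.c hunk at @@ -2892, the added "|| !av_film_grain_params_select(s->ref->frame)" sits outside the parenthesised group, and because && binds tighter than || the condition parses as (needs_fg && (present && !supported)) || !select. The select check is therefore no longer guarded by s->ref->needs_fg: it is evaluated, and the "Unsupported film grain parameters. Ignoring film grain." branch is taken, whenever av_film_grain_params_select() returns NULL, including for frames where film grain was never going to be applied. Suggest moving the closing parenthesis so the whole alternative stays under the guard, i.e. s->ref->needs_fg && ((present && !supported) || !av_film_grain_params_select(s->ref->frame)), and checking the grouping against upstream commit 459648761f before accepting the backport. A one-line comment that set_side_data() now has to run before this check, since the select call reads s->ref->frame, would also explain the move made in the @@ -2909 hunk.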
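Review bot: In the mpegvideo_enc.c hunk at @@ -1198, the patch header documents the defect only as "Fixes: Ticket10952" and "Fixes: poc21ffmpeg", so the reason for switching to AV_CEIL_RSHIFT is not recorded with the change. Add a sentence stating that "s->width >> h_shift" and "s->height >> v_shift" truncate to 0 for a one-pixel dimension with a chroma shift of 1, and that the rounding-up shift keeps w and h at 1 for those planes. The header also uses "Author:" where the CVE-2024-32228 patch uses "From:"; keep the two patch headers in the same format.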