diff --git a/1000-add-patch-to-CVE-2025-22919.patch b/1000-add-patch-to-CVE-2025-22919.patch
new file mode 100644
index 0000000000000000000000000000000000000000..9c5d711da78d132bbd589330751aeb078c6b9156
--- /dev/null
+++ b/1000-add-patch-to-CVE-2025-22919.patch
@@ -0,0 +1,28 @@
+From 594e73a52f82ade9eb0eb781f7c4a65d8e722234 Mon Sep 17 00:00:00 2001
+From: lzq11122
+Date: Tue, 11 Nov 2025 11:14:43 +0800
+Subject: [PATCH 1/1] add patch to CVE-2025-22919
+
+---
+ libavfilter/buffersrc.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/libavfilter/buffersrc.c b/libavfilter/buffersrc.c
+index 453fc0f..bc0e054 100644
+--- a/libavfilter/buffersrc.c
++++ b/libavfilter/buffersrc.c
+@@ -400,7 +400,10 @@ FF_ENABLE_DEPRECATION_WARNINGS
+ s->ch_layout = FF_COUNT2LAYOUT(s->channels);
+ av_channel_layout_describe(&s->ch_layout, buf, sizeof(buf));
+ }
+-
++ if (s->sample_rate <= 0) {
++ av_log(ctx, AV_LOG_ERROR, "Sample rate not set\n");
++ return AVERROR(EINVAL);
++ }
+ if (!s->time_base.num)
+ s->time_base = (AVRational){1, s->sample_rate};
+
+--
+2.43.5
+
diff --git a/ffmpeg.spec b/ffmpeg.spec
index 58bde38117de8afd229a4946273e7ba8bf23acdd..ce868e8adafad31a4d5cebda32cae883a2d8ab2c 100644
--- a/ffmpeg.spec
+++ b/ffmpeg.spec
@@ -1,4 +1,4 @@
-%define anolis_release 7
+%define anolis_release 8
 %global av_codec_soversion 60
 %global av_device_soversion 60
@@ -28,6 +28,8 @@ Patch0003: 0003-fix-CVE-2023-49501.patch
 Patch0004: 0004-fix-CVE-2024-31578.patch
 # https://github.com/ffmpeg/ffmpeg/commit/99debe5f823f45a482e1dc08de35879aa9c74bd2
 Patch0005: 0005-fix-CVE-2024-31582.patch
+# https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/a01eaecf6325cefab5b26e0d905df6662db37be1
+Patch0006: 1000-add-patch-to-CVE-2025-22919.patch
 BuildRequires: lame-devel >= 3.98.3
 BuildRequires: libtool
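Review bot: The header of the new file 1000-add-patch-to-CVE-2025-22919.patch records only the packager's own commit (`From 594e73a5…`, `Subject: [PATCH 1/1] add patch to CVE-2025-22919`), so nothing inside the patch ties it to the upstream fix it is meant to backport. The only link is the URL comment in ffmpeg.spec, which makes it hard to audit later that the shipped change matches upstream. I would add a line to the patch message such as `Backported from upstream commit a01eaecf6325cefab5b26e0d905df6662db37be1 (libavfilter/buffersrc.c)` and keep the upstream subject and author if they are available. The guard itself, `if (s->sample_rate <= 0)`, sits before the `(AVRational){1, s->sample_rate}` assignment, which looks like the right place. The enclosing function starts and ends outside the embedded hunk, so its other uses of `sample_rate` cannot be checked from here.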
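Review bot: Nothing in this diff touches `%prep`, so whether the new `Patch0006` in ffmpeg.spec is actually applied depends on how the spec applies patches, which is not visible here. If it uses explicit per-patch `%patch` lines rather than `%autosetup` or `%autopatch`, the package would build without the buffersrc check while the changelog claims CVE-2025-22919 is fixed. Please confirm from the `%prep` section or a build log that the patch is applied. The file name also breaks the pattern of the neighbouring entries (`0005-fix-CVE-2024-31582.patch`); `0006-fix-CVE-2025-22919.patch` would match the `Patch0006` tag.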
@@ -412,6 +414,9 @@ rm -rf %{buildroot}%{_datadir}/%{name}/examples
 %changelog
+* Tue Nov 11 2025 lzq11122 - 6.1.1-8
+- Add patch to fix CVE-2025-22919
+
 * Thu Jul 3 2025 lzq11122 - 6.1.1-7
 - Rebuild for dav1d 1.4.0