From 1789da811ccbcee4995df35316b41e27a948e52d Mon Sep 17 00:00:00 2001
From: lzq11122 <lzq02303433@alibaba-inc.com>
Date: Tue, 11 Nov 2025 11:29:59 +0800
Subject: [PATCH] Add patch to fix CVE-2025-22919

---
 1000-add-patch-to-CVE-2025-22919.patch | 28 ++++++++++++++++++++++++++
 ffmpeg.spec                            |  7 ++++++-
 2 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 1000-add-patch-to-CVE-2025-22919.patch

diff --git a/1000-add-patch-to-CVE-2025-22919.patch b/1000-add-patch-to-CVE-2025-22919.patch
new file mode 100644
index 0000000..9c5d711
--- /dev/null
+++ b/1000-add-patch-to-CVE-2025-22919.patch
@@ -0,0 +1,28 @@
+From 594e73a52f82ade9eb0eb781f7c4a65d8e722234 Mon Sep 17 00:00:00 2001
+From: lzq11122 <lzq02303433@alibaba-inc.com>
+Date: Tue, 11 Nov 2025 11:14:43 +0800
+Subject: [PATCH 1/1] add patch to CVE-2025-22919
+
+---
+ libavfilter/buffersrc.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/libavfilter/buffersrc.c b/libavfilter/buffersrc.c
+index 453fc0f..bc0e054 100644
+--- a/libavfilter/buffersrc.c
++++ b/libavfilter/buffersrc.c
+@@ -400,7 +400,10 @@ FF_ENABLE_DEPRECATION_WARNINGS
+         s->ch_layout = FF_COUNT2LAYOUT(s->channels);
+         av_channel_layout_describe(&s->ch_layout, buf, sizeof(buf));
+     }
+-
++    if (s->sample_rate <= 0) {
++	av_log(ctx, AV_LOG_ERROR, "Sample rate not set\n");
++	return AVERROR(EINVAL);
++    }
+     if (!s->time_base.num)
+         s->time_base = (AVRational){1, s->sample_rate};
+ 
+-- 
+2.43.5
+
diff --git a/ffmpeg.spec b/ffmpeg.spec
index 58bde38..ce868e8 100644
--- a/ffmpeg.spec
+++ b/ffmpeg.spec
@@ -1,4 +1,4 @@
-%define anolis_release 7
+%define anolis_release 8
 
 %global av_codec_soversion 60
 %global av_device_soversion 60
@@ -28,6 +28,8 @@ Patch0003:      0003-fix-CVE-2023-49501.patch
 Patch0004:      0004-fix-CVE-2024-31578.patch
 # https://github.com/ffmpeg/ffmpeg/commit/99debe5f823f45a482e1dc08de35879aa9c74bd2
 Patch0005:      0005-fix-CVE-2024-31582.patch
+# https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/a01eaecf6325cefab5b26e0d905df6662db37be1
+Patch0006:      1000-add-patch-to-CVE-2025-22919.patch
 
 BuildRequires: lame-devel >= 3.98.3
 BuildRequires: libtool
@@ -412,6 +414,9 @@ rm -rf %{buildroot}%{_datadir}/%{name}/examples
 
 
 %changelog
+* Tue Nov 11 2025 lzq11122 <lzq02303433@alibaba-inc.com> - 6.1.1-8
+- Add patch to fix CVE-2025-22919
+
 * Thu Jul 3 2025 lzq11122 <lzq02303433@alibaba-inc.com> - 6.1.1-7
 - Rebuild for dav1d 1.4.0
 
-- 
Gitee