diff --git a/CVE-2020-35964.patch b/CVE-2020-35964.patch deleted file mode 100644 index 7840f270d89ab6ca4968ff1a340b8fc2497c3ff9..0000000000000000000000000000000000000000 --- a/CVE-2020-35964.patch +++ /dev/null @@ -1,68 +0,0 @@ -diff -Naru ffmpeg-4.2.4/libavformat/vividas.c ffmpeg-4.2.4-new/libavformat/vividas.c ---- ffmpeg-4.2.4/libavformat/vividas.c 2022-05-24 10:57:25.967425000 +0800 -+++ ffmpeg-4.2.4-new/libavformat/vividas.c 2022-05-24 11:07:17.698072000 +0800 -@@ -27,7 +27,7 @@ - * @author Andrzej Szombierski [qq at kuku eu org] (2010-07) - * @sa http://wiki.multimedia.cx/index.php?title=Vividas_VIV - */ -- -+#include "libavutil/avassert.h" - #include "libavutil/intreadwrite.h" - #include "avio_internal.h" - #include "avformat.h" -@@ -278,7 +278,7 @@ - - static int track_header(VividasDemuxContext *viv, AVFormatContext *s, uint8_t *buf, int size) - { -- int i,j; -+ int i, j, ret; - int64_t off; - int val_1; - int num_video; -@@ -372,7 +372,7 @@ - - if (avio_tell(pb) < off) { - int num_data; -- int xd_size = 0; -+ int xd_size = 1; - int data_len[256]; - int offset = 1; - uint8_t *p; -@@ -387,24 +387,19 @@ - return AVERROR_INVALIDDATA; - } - data_len[j] = len; -- xd_size += len; -+ xd_size += len + 1 + len/255; - } - -- st->codecpar->extradata_size = 64 + xd_size + xd_size / 255; -- if (ff_alloc_extradata(st->codecpar, st->codecpar->extradata_size)) { -- av_free(pb); -- return AVERROR(ENOMEM); -- } -+ ret = ff_alloc_extradata(st->codecpar, xd_size); -+ if (ret < 0) -+ return ret; - - p = st->codecpar->extradata; - p[0] = 2; - - for (j = 0; j < num_data - 1; j++) { - unsigned delta = av_xiphlacing(&p[offset], data_len[j]); -- if (delta > data_len[j]) { -- av_free(pb); -- return AVERROR_INVALIDDATA; -- } -+ av_assert0(delta <= xd_size - offset); - offset += delta; - } - -@@ -415,6 +410,7 @@ - av_freep(&st->codecpar->extradata); - break; - } -+ av_assert0(data_len[j] <= xd_size - offset); - offset += data_len[j]; - } - diff --git a/CVE-2021-3566.patch b/CVE-2021-3566.patch deleted file mode 100644 index 2a2ae050f7034b6daa10790c58c66bed0817486e..0000000000000000000000000000000000000000 --- a/CVE-2021-3566.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 3bce9e9b3ea35c54bacccc793d7da99ea5157532 Mon Sep 17 00:00:00 2001 -From: Paul B Mahol -Date: Mon, 27 Jan 2020 21:53:08 +0100 -Subject: [PATCH] avformat/tty: add probe function - ---- - libavformat/tty.c | 21 ++++++++++++++++++++- - 1 file changed, 20 insertions(+), 1 deletion(-) - -diff --git a/libavformat/tty.c b/libavformat/tty.c -index 8d48f2c45c12..60f7e9f87ee7 100644 ---- a/libavformat/tty.c -+++ b/libavformat/tty.c -@@ -34,6 +34,13 @@ - #include "internal.h" - #include "sauce.h" - -+static int isansicode(int x) -+{ -+ return x == 0x1B || x == 0x0A || x == 0x0D || (x >= 0x20 && x < 0x7f); -+} -+ -+static const char tty_extensions[31] = "ans,art,asc,diz,ice,nfo,txt,vt"; -+ - typedef struct TtyDemuxContext { - AVClass *class; - int chars_per_frame; -@@ -42,6 +49,17 @@ typedef struct TtyDemuxContext { - AVRational framerate; /**< Set by a private option. */ - } TtyDemuxContext; - -+static int read_probe(const AVProbeData *p) -+{ -+ int cnt = 0; -+ -+ for (int i = 0; i < p->buf_size; i++) -+ cnt += !!isansicode(p->buf[i]); -+ -+ return (cnt * 100LL / p->buf_size) * (cnt > 400) * -+ !!av_match_ext(p->filename, tty_extensions); -+} -+ - /** - * Parse EFI header - */ -@@ -153,8 +171,9 @@ AVInputFormat ff_tty_demuxer = { - .name = "tty", - .long_name = NULL_IF_CONFIG_SMALL("Tele-typewriter"), - .priv_data_size = sizeof(TtyDemuxContext), -+ .read_probe = read_probe, - .read_header = read_header, - .read_packet = read_packet, -- .extensions = "ans,art,asc,diz,ice,nfo,txt,vt", -+ .extensions = tty_extensions, - .priv_class = &tty_demuxer_class, - }; diff --git a/CVE-2021-38114.patch b/CVE-2021-38114.patch deleted file mode 100644 index 5477bea16f64bb6a0ae6e2f0a8a7909490815c1c..0000000000000000000000000000000000000000 --- a/CVE-2021-38114.patch +++ /dev/null @@ -1,45 +0,0 @@ -diff -Naru ffmpeg-4.2.4/libavcodec/dnxhddec.c ffmpeg-4.2.4-new/libavcodec/dnxhddec.c ---- ffmpeg-4.2.4/libavcodec/dnxhddec.c 2022-05-24 10:57:19.937425000 +0800 -+++ ffmpeg-4.2.4-new/libavcodec/dnxhddec.c 2022-05-24 10:59:49.141810000 +0800 -@@ -111,6 +111,7 @@ - - static int dnxhd_init_vlc(DNXHDContext *ctx, uint32_t cid, int bitdepth) - { -+ int ret; - if (cid != ctx->cid) { - int index; - -@@ -130,19 +131,26 @@ - ff_free_vlc(&ctx->dc_vlc); - ff_free_vlc(&ctx->run_vlc); - -- init_vlc(&ctx->ac_vlc, DNXHD_VLC_BITS, 257, -+ if ((ret = init_vlc(&ctx->ac_vlc, DNXHD_VLC_BITS, 257, - ctx->cid_table->ac_bits, 1, 1, -- ctx->cid_table->ac_codes, 2, 2, 0); -- init_vlc(&ctx->dc_vlc, DNXHD_DC_VLC_BITS, bitdepth > 8 ? 14 : 12, -+ ctx->cid_table->ac_codes, 2, 2, 0)) < 0) -+ goto out; -+ if ((ret = init_vlc(&ctx->dc_vlc, DNXHD_DC_VLC_BITS, bitdepth > 8 ? 14 : 12, - ctx->cid_table->dc_bits, 1, 1, -- ctx->cid_table->dc_codes, 1, 1, 0); -- init_vlc(&ctx->run_vlc, DNXHD_VLC_BITS, 62, -+ ctx->cid_table->dc_codes, 1, 1, 0)) < 0) -+ goto out; -+ if ((ret = init_vlc(&ctx->run_vlc, DNXHD_VLC_BITS, 62, - ctx->cid_table->run_bits, 1, 1, -- ctx->cid_table->run_codes, 2, 2, 0); -+ ctx->cid_table->run_codes, 2, 2, 0)) < 0) -+ goto out; - - ctx->cid = cid; - } -- return 0; -+ ret = 0; -+out: -+ if (ret < 0) -+ av_log(ctx->avctx, AV_LOG_ERROR, "init_vlc failed\n"); -+ return ret; - } - - static av_cold int dnxhd_decode_init_thread_copy(AVCodecContext *avctx) diff --git a/CVE-2021-38291.patch b/CVE-2021-38291.patch deleted file mode 100644 index 3fbe2ba45899f4f08fe037a38d49aeccb2ca3350..0000000000000000000000000000000000000000 --- a/CVE-2021-38291.patch +++ /dev/null @@ -1,50 +0,0 @@ -From e01d306c647b5827102260b885faa223b646d2d1 Mon Sep 17 00:00:00 2001 -From: James Almer -Date: Wed, 21 Jul 2021 01:02:44 -0300 -Subject: [PATCH] avcodec/utils: don't return negative values in - av_get_audio_frame_duration() - -In some extrme cases, like with adpcm_ms samples with an extremely high channel -count, get_audio_frame_duration() may return a negative frame duration value. -Don't propagate it, and instead return 0, signaling that a duration could not -be determined. - -Fixes ticket #9312 - -Signed-off-by: James Almer ---- - libavcodec/utils.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/libavcodec/utils.c b/libavcodec/utils.c -index 5fad782f5a..cfc07cbcb8 100644 ---- a/libavcodec/utils.c -+++ b/libavcodec/utils.c -@@ -810,20 +810,22 @@ static int get_audio_frame_duration(enum AVCodecID id, int sr, int ch, int ba, - - int av_get_audio_frame_duration(AVCodecContext *avctx, int frame_bytes) - { -- return get_audio_frame_duration(avctx->codec_id, avctx->sample_rate, -+ int duration = get_audio_frame_duration(avctx->codec_id, avctx->sample_rate, - avctx->channels, avctx->block_align, - avctx->codec_tag, avctx->bits_per_coded_sample, - avctx->bit_rate, avctx->extradata, avctx->frame_size, - frame_bytes); -+ return FFMAX(0, duration); - } - - int av_get_audio_frame_duration2(AVCodecParameters *par, int frame_bytes) - { -- return get_audio_frame_duration(par->codec_id, par->sample_rate, -+ int duration = get_audio_frame_duration(par->codec_id, par->sample_rate, - par->channels, par->block_align, - par->codec_tag, par->bits_per_coded_sample, - par->bit_rate, par->extradata, par->frame_size, - frame_bytes); -+ return FFMAX(0, duration); - } - - #if !HAVE_THREADS --- -2.20.1 - diff --git a/ffmpeg-4.2.4.tar.xz b/ffmpeg-4.2.9.tar.xz similarity index 53% rename from ffmpeg-4.2.4.tar.xz rename to ffmpeg-4.2.9.tar.xz index a27b389bc2b0c4e25a3fc95c363f55d3c802b8c1..06f46575146bb065e14d7212a5347057c701d3c0 100644 Binary files a/ffmpeg-4.2.4.tar.xz and b/ffmpeg-4.2.9.tar.xz differ diff --git a/ffmpeg.spec b/ffmpeg.spec index 297e25bcc67e9bfa4add8f4326bf3d80e2395411..1bfc6652b0589a9572b513bcdf57790f0d127d07 100644 --- a/ffmpeg.spec +++ b/ffmpeg.spec @@ -60,8 +60,8 @@ ExclusiveArch: armv7hnl Summary: Digital VCR and streaming server Name: ffmpeg%{?flavor} -Version: 4.2.4 -Release: 6 +Version: 4.2.9 +Release: 1 License: GPL-3.0-or-later URL: http://ffmpeg.org/ %if 0%{?date} @@ -71,11 +71,7 @@ Source0: http://ffmpeg.org/releases/ffmpeg-%{version}.tar.xz %endif Patch0: fix_ppc_build.patch Patch1: fix-vmaf-model-path.patch -Patch2: CVE-2021-3566.patch -Patch3: CVE-2021-38291.patch -Patch4: CVE-2021-38114.patch -Patch5: CVE-2020-35964.patch -Patch6: fix-build-error-about-srt.patch +Patch2: fix-build-error-about-srt.patch Requires: %{name}-libs%{?_isa} = %{version}-%{release} %{?_with_cuda:BuildRequires: cuda-minimal-build-%{_cuda_version_rpm} cuda-drivers-devel} @@ -409,6 +405,9 @@ install -pm755 tools/qt-faststart %{buildroot}%{_bindir} %changelog +* Tue Nov 14 2023 ouuleilei - 4.2.9-1 +- Upgrade to 4.2.9 + * Tue Aug 15 2023 peijiankang - 4.2.4-6 - add ix-build-error-about-srt.patch