|
|
|
|
Changelog for libpostproc55_9-4.4.4-250.3.x86_64.rpm :
* Fri Sep 06 2024 Cliff Zhao - Add ffmpeg-4-CVE-2024-7055.patch: Backporting 3faadbe2 from upstream, Use 64bit for input size check, Fixes: out of array read, Fixes: poc3. (CVE-2024-7055, bsc#1229026) * Wed Aug 28 2024 Jan Engelhardt - Add 0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch [boo#1229338] * Fri Jul 26 2024 Filip Kastl - Add ffmpeg-c99.patch so that the package conforms to the C99 standard and builds on i586 with GCC 14. * Tue Jul 02 2024 Cliff Zhao - Add ffmpeg-4-CVE-2024-32230.patch: Backporting 96449cfe from upstream, Fix 1 line and one column images. (CVE-2024-32230, bsc#1227296) * Sat Apr 27 2024 Cliff Zhao - Add ffmpeg-CVE-2023-50010.patch: Backporting e4d2666b from upstream, fixes the out of array access. (CVE-2023-a50010, bsc#1223256) * Fri Apr 26 2024 Jan Engelhardt - Add 0001-avfilter-af_stereowiden-Check-length.patch [boo#1223437, CVE-2023-51794] * Tue Apr 23 2024 Cliff Zhao - Add ffmpeg-CVE-2023-51793.patch: Backporting 0ecc1f0e from upstream, Fix odd height handling. (CVE-2023-51793, bsc#1223272) * Tue Apr 23 2024 Cliff Zhao - Add ffmpeg-CVE-2023-49502.patch: Backporting 737ede40 from upstream, account for chroma sub-sampling in min size calculation. (CVE-2023-49502, bsc#1223235) * Tue Apr 23 2024 Jan Engelhardt - Address boo#1223304/CVE-2023-51798: add patch 0001-avfilter-vf_minterpolate-Check-pts-before-division.patch * Mon Apr 22 2024 Jan Engelhardt - Address boo#1223070/CVE-2024-31578: add patch 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch * Fri Feb 02 2024 Stefan Dirsch - drop support for libmfx, which is no longer supported upstream at all (boo#1219494) * Tue Dec 26 2023 Jan Engelhardt - Update ffmpeg-glslang-cxx17.patch to build with glslang 14- Disable vmaf integration as ffmpeg-4 cannot handle vmaf>=3- Delete vmaf-trim-usr-local.patch * Wed Dec 06 2023 Jan Engelhardt - Copy codec list from ffmpeg-6 * Mon Oct 30 2023 Jan Engelhardt - Add ffmpeg-glslang-cxx17.patch * Wed Oct 04 2023 Jan Engelhardt - Add 0001-avcodec-x86-mathops-clip-constants-used-with-shift-i.patch to resolve build failure with binutils >= 2.41. [boo#1215945] * Tue Jun 27 2023 Jan Engelhardt - Add 0001-avcodec-libsvtav1-remove-compressed_ten_bit_format-a.patch * Wed Apr 19 2023 Bjørn Lie - Update to version 4.4.4: * avcodec/012v: Order operations for odd size handling * avcodec/alsdec: The minimal block is at least 7 bits * avcodec/bink: - Avoid undefined out of array end pointers in binkb_decode_plane() - Fix off by 1 error in ref end * avcodec/eac3dec: avoid float noise in fixed mode addition to overflow * avcodec/eatgq: : Check index increments in tgq_decode_block() * avcodec/escape124: - Fix signdness of end of input check - Fix some return codes * avcodec/ffv1dec: - Check that num h/v slices is supported - Fail earlier if prior context is corrupted - Restructure slice coordinate reading a bit * avcodec/mjpegenc: take into account component count when writing the SOF header size * avcodec/mlpdec: Check max matrix instead of max channel in noise check * avcodec/motionpixels: Mask pixels to valid values * avcodec/mpeg12dec: Check input size * avcodec/nvenc: - Fix b-frame DTS behavior with fractional framerates - Fix vbv buffer size in cq mode * avcodec/pictordec: Remove mid exit branch * avcodec/pngdec: Check deloco index more exactly * avcodec/rpzaenc: stop accessing out of bounds frame * avcodec/scpr3: Check bx * avcodec/scpr: Test bx before use * avcodec/snowenc: Fix visual weight calculation * avcodec/speedhq: Check buf_size to be big enough for DC * avcodec/sunrast: Fix maplength check * avcodec/tests/snowenc: - Fix 2nd test - Return a failure if DWT/IDWT mismatches - Unbreak DWT tests * avcodec/tiff: Ignore tile_count * avcodec/utils: - Allocate a line more for VC1 and WMV3 - Ensure linesize for SVQ3 - Use 32pixel alignment for bink * avcodec/videodsp_template: Adjust pointers to avoid undefined pointer things * avcodec/vp3: Add missing check for av_malloc * avcodec/wavpack: - Avoid undefined shift in get_tail() - Check for end of input in wv_unpack_dsd_high() * avcodec/xpmdec: Check size before allocation to avoid truncation * avfilter/vf_untile: swap the chroma shift values used for plane offsets * avformat/id3v2: Check taglen in read_uslt() * avformat/mov: Check samplesize and offset to avoid integer overflow * avformat/mxfdec: Use 64bit in remainder * avformat/nutdec: Add check for avformat_new_stream * avformat/replaygain: avoid undefined / negative abs * swscale/input: Use more unsigned intermediates * swscale/output: Bias 16bps output calculations to improve non overflowing range * swscale: aarch64: Fix yuv2rgb with negative stride * Use https for repository links- Drop patches fixed upstream: * ffmpeg-CVE-2022-3964.patch * ffmpeg-CVE-2022-3109.patch * ffmpeg-CVE-2022-3341.patch- Use ldconfig_scriptlets macro. * Thu Mar 16 2023 Jan Engelhardt - Conflict with otherproviders(ffmpeg-tools). * Fri Jan 20 2023 Alynx Zhou - Add ffmpeg-CVE-2022-3341.patch: Backport from upstream to fix null pointer dereference in decode_main_header() in libavformat/nutdec.c (bsc#1206778). * Fri Dec 23 2022 Alynx Zhou - Add ffmpeg-CVE-2022-3109.patch: Backport from upstream to fix null pointer dereference in vp3_decode_frame() (bsc#1206442). * Wed Nov 16 2022 Alynx Zhou - Add ffmpeg-CVE-2022-3964.patch: Backport from upstream to fix out of bounds read in update_block_in_prev_frame() (bsc#1205388). * Mon Oct 10 2022 Bjørn Lie - Update to version 4.4.3: * Stable bug fix release, mainly codecs, filter and format fixes.- Drop ffmpeg-sdl2-detection.patch: Fixed upstream.- Refresh patches with quilt: * ffmpeg-libglslang-detection.patch * ffmpeg-4.2-dlopen-fdk_aac.patch * Mon Aug 29 2022 Christophe Giboudeaux - Add patch to detect SDL2 >= 2.1.0 (boo#1202848): * ffmpeg-sdl2-detection.patch * Fri Jun 17 2022 Bjørn Lie - Update to version 4.4.2: * Stable bug fix release, mainly codecs, filter and format fixes.- Refresh ffmpeg-chromium.patch with quilt. * Wed Mar 23 2022 Jan Engelhardt - Add conflicts for ffmpeg-5\'s tools * Thu Mar 17 2022 Enrico Belleri - Add ffmpeg-libglslang-detection.patch: detects libglslang- Enable Vulkan filters * Sun Mar 13 2022 Predrag Ivanović - Fix OS version check, so nvcodec is enabled for Leap too. * Wed Feb 16 2022 Dominique Leuenberger - Disamble libsmbclient usage (can always be built with - -with-smbclient): the usecase of ffmpeg directly accessing smb:// shares is quite constructed (most users will have their smb shares mounted). * Sun Jan 16 2022 Callum Farmer - Add ffmpeg-chromium.patch: makes packaging Chromium easier and will allow for an easier migration for Chromium to FFmpeg 5 * Tue Nov 30 2021 Dominique Leuenberger - Add ffmpeg-4.keyring: properly validate the added gpg signature. * Thu Oct 28 2021 Bjørn Lie - Update to version 4.4.1: * Stable bug fix release, mainly codecs and format fixes.- Refresh patches with quilt.- Drop patches fixed upstream: * ffmpeg-CVE-2021-33815.patch * ffmpeg-CVE-2021-38114.patch * ffmpeg-CVE-2021-38171.patch * ffmpeg-CVE-2020-22037.patch * Sun Sep 26 2021 Alynx Zhou - Add ffmpeg-CVE-2020-22037.patch: Backport from upstream to fix denial of service vulnerability exists due to a memory leak in avcodec_alloc_context3 at options.c (bsc#1186756). * Fri Aug 27 2021 Alynx Zhou - Add ffmpeg-CVE-2021-38171.patch: Backport from upstream to fix adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value (bsc#1189724). * Tue Aug 10 2021 Alynx Zhou - Add ffmpeg-CVE-2021-38114.patch: Backport from upstream to fix the return value of the init_vlc function is not checked (bsc#1189142). * Sat Jul 10 2021 Hans-Peter Jansen - Remove second hunk of ffmpeg-CVE-2020-22046.patch, that contains a goto to a none existing label. In order to distinguish this patch from the original, I renamed it to ffmpeg-4.4-CVE-2020-22046.patch- While at it, refresh the other patches with offsets * Thu Jul 08 2021 Alynx Zhou - Add ffmpeg-CVE-2020-22046.patch: Backport from upstream to fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c (bsc#1186849).- Add ffmpeg-CVE-2021-33815.patch: Backport from upstream to fix dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked (bsc#1186865). * Fri Jun 04 2021 Jan Engelhardt - Enable SVT-AV1 encoding * Thu May 20 2021 Daniel Molkentin - Enable vulkan on on Leap 15 * Fri Apr 16 2021 Jan Engelhardt - Enable libdavd1 on Leap 15.2+ [boo#1184830] * Fri Apr 09 2021 Jan Engelhardt - Update to release 4.4 * New demuxers, AV1 support improvements, and other enhancements. * AV1 monochrome encoding support.- Remove ffmpeg_altivec_yuv2rgb_novsx.patch (merged) * Sun Mar 14 2021 Dirk Müller - update to 4.3.2: * lots of oss-fuzz reported overflow fixes, see included ChangeLog- drop ffmpeg.git-ba3e771a42c29ee02c34e7769cfc1b2dbc5c760a.patch 0001-lavf-srt-fix-build-fail-when-used-the-libsrt-1.4.1.patch 0001-avformat-vividas-improve-extradata-packing-checks-in.patch: upstream * Fri Feb 05 2021 Jan Engelhardt - Add 0001-avformat-vividas-improve-extradata-packing-checks-in.patch [boo#1180519] [CVE-2020-35964] * Sun Jan 24 2021 Dirk Müller - remove dependency on OpenJPEG, this is obsolete since ffmpeg 4.0, we already build against OpenJPEG 2.1. see changes: - Dropped support for OpenJPEG versions 2.0 and below. Using OpenJPEG now requires 2.1 (or later) and pkg-config.
|
|
|