From 0ca9fbdd84cf70cb58940a0e63b3250f61c26a0a Mon Sep 17 00:00:00 2001 From: happyworker <208suo@208suo.com> Date: Fri, 5 Jul 2024 17:19:11 +0800 Subject: [PATCH] fix CVE-2024-32230 --- ffmpeg.spec | 8 +++++++- fix-CVE-2024-32230.patch | 27 +++++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 1 deletion(-) create mode 100644 fix-CVE-2024-32230.patch diff --git a/ffmpeg.spec b/ffmpeg.spec index 3c2fd07..cd57107 100644 --- a/ffmpeg.spec +++ b/ffmpeg.spec @@ -61,7 +61,7 @@ ExclusiveArch: armv7hnl Summary: Digital VCR and streaming server Name: ffmpeg%{?flavor} Version: 4.2.4 -Release: 13 +Release: 14 License: %{ffmpeg_license} URL: http://ffmpeg.org/ %if 0%{?date} @@ -84,6 +84,9 @@ Patch11: fix-CVE-2023-51793.patch Patch12: fix-CVE-2023-50010.patch Patch13: CVE-2021-38171.patch Patch14: CVE-2021-28429.patch +Patch15: fix-CVE-2024-32230.patch + + Requires: %{name}-libs%{?_isa} = %{version}-%{release} %{?_with_cuda:BuildRequires: cuda-minimal-build-%{_cuda_version_rpm} cuda-drivers-devel} %{?_with_libnpp:BuildRequires: pkgconfig(nppc-%{_cuda_version})} @@ -416,6 +419,9 @@ install -pm755 tools/qt-faststart %{buildroot}%{_bindir} %changelog +* Fri Jul 5 CST 2024 happyworker <208suo@208suo.com> - 4.2.4-14 +- Fix CVE-2024-32230 + * Thu Jul 4 2024 happyworker <208suo@208suo.com> - 4.2.4-13 - Fix CVE-2021-28429 diff --git a/fix-CVE-2024-32230.patch b/fix-CVE-2024-32230.patch new file mode 100644 index 0000000..542edc3 --- /dev/null +++ b/fix-CVE-2024-32230.patch @@ -0,0 +1,27 @@ +From 45d322be951e826aac1ed838317e9f535ebcf045 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Fri, 5 Jul 2024 17:14:07 +0800 +Subject: [PATCH] avcodec/mpegvideo_enc: Fix 1 line and one column images + +--- + libavcodec/mpegvideo_enc.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/libavcodec/mpegvideo_enc.c b/libavcodec/mpegvideo_enc.c +index ae3b131..d0ad941 100644 +--- a/libavcodec/mpegvideo_enc.c ++++ b/libavcodec/mpegvideo_enc.c +@@ -1234,8 +1234,8 @@ static int load_input_picture(MpegEncContext *s, const AVFrame *pic_arg) + int dst_stride = i ? s->uvlinesize : s->linesize; + int h_shift = i ? h_chroma_shift : 0; + int v_shift = i ? v_chroma_shift : 0; +- int w = s->width >> h_shift; +- int h = s->height >> v_shift; ++ int w = AV_CEIL_RSHIFT(s->width , h_shift); ++ int h = AV_CEIL_RSHIFT(s->height, v_shift); + uint8_t *src = pic_arg->data[i]; + uint8_t *dst = pic->f->data[i]; + int vpad = 16; +-- +2.27.0 +