diff --git a/CVE-2022-1475.patch b/CVE-2022-1475.patch deleted file mode 100644 index ce01947..0000000 --- a/CVE-2022-1475.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 0fa2535254c3e45b83f3a915f91b315f6d89879d Mon Sep 17 00:00:00 2001 -From: Michael Niedermayer -Date: Tue, 2 Jul 2024 17:15:31 +0800 -Subject: [PATCH] CVE-2022-1475 - ---- - ffmpeg-4.2.4/libavcodec/g729_parser.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/ffmpeg-4.2.4/libavcodec/g729_parser.c b/ffmpeg-4.2.4/libavcodec/g729_parser.c -index fc00235..3ede92d 100644 ---- a/ffmpeg-4.2.4/libavcodec/g729_parser.c -+++ b/ffmpeg-4.2.4/libavcodec/g729_parser.c -@@ -48,6 +48,9 @@ static int g729_parse(AVCodecParserContext *s1, AVCodecContext *avctx, - av_assert1(avctx->codec_id == AV_CODEC_ID_G729); - /* FIXME: replace this heuristic block_size with more precise estimate */ - s->block_size = (avctx->bit_rate < 8000) ? G729D_6K4_BLOCK_SIZE : G729_8K_BLOCK_SIZE; -+ // channels > 2 is invalid, we pass the packet on unchanged -+ if (avctx->channels > 2) -+ s->block_size = 0; - s->block_size *= avctx->channels; - s->duration = avctx->frame_size; - } --- -2.43.0 - diff --git a/ffmpeg.spec b/ffmpeg.spec index 92883cb..f277d8c 100644 --- a/ffmpeg.spec +++ b/ffmpeg.spec @@ -61,7 +61,7 @@ ExclusiveArch: armv7hnl Summary: Digital VCR and streaming server Name: ffmpeg%{?flavor} Version: 4.2.4 -Release: 13 +Release: 12 License: %{ffmpeg_license} URL: http://ffmpeg.org/ %if 0%{?date} @@ -83,7 +83,6 @@ Patch10: CVE-2022-3109.patch Patch11: fix-CVE-2023-51793.patch Patch12: fix-CVE-2023-50010.patch Patch13: CVE-2021-38171.patch -Patch14: CVE-2022-1475.patch Requires: %{name}-libs%{?_isa} = %{version}-%{release} %{?_with_cuda:BuildRequires: cuda-minimal-build-%{_cuda_version_rpm} cuda-drivers-devel} %{?_with_libnpp:BuildRequires: pkgconfig(nppc-%{_cuda_version})} @@ -416,9 +415,6 @@ install -pm755 tools/qt-faststart %{buildroot}%{_bindir} %changelog -* Tue Jul 2 2024 happyworker <208suo@208suo.com> - 4.2.4-13 -- Fix CVE-2022-1475 - * Tue Jul 2 2024 happyworker <208suo@208suo.com> - 4.2.4-12 - Fix CVE-2021-38171