Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package ffmpeg-4 for openSUSE:Factory checked in at 2024-04-24 15:13:22 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ffmpeg-4 (Old) and /work/SRC/openSUSE:Factory/.ffmpeg-4.new.1880 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ffmpeg-4" Wed Apr 24 15:13:22 2024 rev:64 rq:1169720 version:4.4.4 Changes: -------- --- /work/SRC/openSUSE:Factory/ffmpeg-4/ffmpeg-4.changes 2024-02-04 19:07:05.128033371 +0100 +++ /work/SRC/openSUSE:Factory/.ffmpeg-4.new.1880/ffmpeg-4.changes 2024-04-24 15:13:45.107825081 +0200 @@ -1,0 +2,6 @@ +Mon Apr 22 12:41:55 UTC 2024 - Jan Engelhardt <jeng...@inai.de> + +- Address boo#1223070/CVE-2024-31578: add patch + 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch + +------------------------------------------------------------------- New: ---- 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch BETA DEBUG BEGIN: New:- Address boo#1223070/CVE-2024-31578: add patch 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ffmpeg-4.spec ++++++ --- /var/tmp/diff_new_pack.TsjSkq/_old 2024-04-24 15:13:46.063859222 +0200 +++ /var/tmp/diff_new_pack.TsjSkq/_new 2024-04-24 15:13:46.067859364 +0200 @@ -125,6 +125,7 @@ Patch12: 0001-avcodec-libsvtav1-remove-compressed_ten_bit_format-a.patch Patch13: 0001-avcodec-x86-mathops-clip-constants-used-with-shift-i.patch Patch14: ffmpeg-glslang-cxx17.patch +Patch15: 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch BuildRequires: ladspa-devel BuildRequires: libgsm-devel BuildRequires: libmp3lame-devel ++++++ 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch ++++++ >From 3bb00c0a420c3ce83c6fafee30270d69622ccad7 Mon Sep 17 00:00:00 2001 From: Zhao Zhili <zhiliz...@tencent.com> Date: Tue, 20 Feb 2024 20:08:55 +0800 Subject: [PATCH] avutil/hwcontext: Don't assume frames_uninit is reentrant References: https://bugzilla.opensuse.org/1223070 References: CVE-2024-31578 Fix heap use after free when vulkan_frames_init failed. Signed-off-by: Zhao Zhili <zhiliz...@tencent.com> --- libavutil/hwcontext.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/libavutil/hwcontext.c b/libavutil/hwcontext.c index 1d2c2d7920..aa1329bf2b 100644 --- a/libavutil/hwcontext.c +++ b/libavutil/hwcontext.c @@ -359,7 +359,7 @@ int av_hwframe_ctx_init(AVBufferRef *ref) if (ctx->internal->hw_type->frames_init) { ret = ctx->internal->hw_type->frames_init(ctx); if (ret < 0) - goto fail; + return ret; } if (ctx->internal->pool_internal && !ctx->pool) @@ -369,14 +369,10 @@ int av_hwframe_ctx_init(AVBufferRef *ref) if (ctx->initial_pool_size > 0) { ret = hwframe_pool_prealloc(ref); if (ret < 0) - goto fail; + return ret; } return 0; -fail: - if (ctx->internal->hw_type->frames_uninit) - ctx->internal->hw_type->frames_uninit(ctx); - return ret; } int av_hwframe_transfer_get_formats(AVBufferRef *hwframe_ref, -- 2.44.0
