sync openEuler-20.03-LTS-SP1 to openEuler-22.03-LTS-SP4
This commit is contained in:
happyworker
parent
dd474b5b6d
commit
bfd2cc9787
25
CVE-2023-51794.patch
Normal file
25
CVE-2023-51794.patch
Normal file
@ -0,0 +1,25 @@
|
||||
From a80f53d91fc1d3c523b4660a4f7ca3ede82f0bd8 Mon Sep 17 00:00:00 2001
|
||||
From: happyworker <208suo@208suo.com>
|
||||
Date: Wed, 19 Jun 2024 14:48:11 +0800
|
||||
Subject: [PATCH] Fix CVE-2023-51794
|
||||
|
||||
---
|
||||
libavfilter/af_stereowiden.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/libavfilter/af_stereowiden.c b/libavfilter/af_stereowiden.c
|
||||
index d23c8db..3d7b5bb 100644
|
||||
--- a/libavfilter/af_stereowiden.c
|
||||
+++ b/libavfilter/af_stereowiden.c
|
||||
@@ -74,6 +74,8 @@ static int config_input(AVFilterLink *inlink)
|
||||
|
||||
s->length = s->delay * inlink->sample_rate / 1000;
|
||||
s->length *= 2;
|
||||
+ if (s->length == 0)
|
||||
+ return AVERROR(EINVAL);
|
||||
s->buffer = av_calloc(s->length, sizeof(*s->buffer));
|
||||
if (!s->buffer)
|
||||
return AVERROR(ENOMEM);
|
||||
--
|
||||
2.43.0
|
||||
|
||||
43
CVE-2024-31578.patch
Normal file
43
CVE-2024-31578.patch
Normal file
@ -0,0 +1,43 @@
|
||||
From 3bb00c0a420c3ce83c6fafee30270d69622ccad7 Mon Sep 17 00:00:00 2001
|
||||
From: Zhao Zhili <zhilizhao@tencent.com>
|
||||
Date: Wed, 1 May 2024 18:08:51 +0800
|
||||
Subject: [PATCH] avutil/hwcontext: Don't assume frames_uninit is reentrant.
|
||||
Fix heap use after free when vulkan_frames_init failed.
|
||||
|
||||
Signed-off-by: Zhao Zhili <zhilizhao@tencent.com>
|
||||
---
|
||||
libavutil/hwcontext.c | 8 ++------
|
||||
1 file changed, 2 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/libavutil/hwcontext.c b/libavutil/hwcontext.c
|
||||
index f1e404a..3b99b8a 100644
|
||||
--- a/libavutil/hwcontext.c
|
||||
+++ b/libavutil/hwcontext.c
|
||||
@@ -358,7 +358,7 @@ int av_hwframe_ctx_init(AVBufferRef *ref)
|
||||
if (ctx->internal->hw_type->frames_init) {
|
||||
ret = ctx->internal->hw_type->frames_init(ctx);
|
||||
if (ret < 0)
|
||||
- goto fail;
|
||||
+ return ret;
|
||||
}
|
||||
|
||||
if (ctx->internal->pool_internal && !ctx->pool)
|
||||
@@ -368,14 +368,10 @@ int av_hwframe_ctx_init(AVBufferRef *ref)
|
||||
if (ctx->initial_pool_size > 0) {
|
||||
ret = hwframe_pool_prealloc(ref);
|
||||
if (ret < 0)
|
||||
- goto fail;
|
||||
+ return ret;
|
||||
}
|
||||
|
||||
return 0;
|
||||
-fail:
|
||||
- if (ctx->internal->hw_type->frames_uninit)
|
||||
- ctx->internal->hw_type->frames_uninit(ctx);
|
||||
- return ret;
|
||||
}
|
||||
|
||||
int av_hwframe_transfer_get_formats(AVBufferRef *hwframe_ref,
|
||||
--
|
||||
2.23.0
|
||||
|
||||
10
ffmpeg.spec
10
ffmpeg.spec
@ -61,7 +61,7 @@ ExclusiveArch: armv7hnl
|
||||
Summary: Digital VCR and streaming server
|
||||
Name: ffmpeg%{?flavor}
|
||||
Version: 4.2.4
|
||||
Release: 4
|
||||
Release: 6
|
||||
License: %{ffmpeg_license}
|
||||
URL: http://ffmpeg.org/
|
||||
%if 0%{?date}
|
||||
@ -75,6 +75,8 @@ Patch2: CVE-2021-3566.patch
|
||||
Patch3: CVE-2021-38291.patch
|
||||
Patch4: CVE-2021-38114.patch
|
||||
Patch5: CVE-2020-35964.patch
|
||||
Patch6: CVE-2024-31578.patch
|
||||
Patch7: CVE-2023-51794.patch
|
||||
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
||||
%{?_with_cuda:BuildRequires: cuda-minimal-build-%{_cuda_version_rpm} cuda-drivers-devel}
|
||||
%{?_with_libnpp:BuildRequires: pkgconfig(nppc-%{_cuda_version})}
|
||||
@ -407,6 +409,12 @@ install -pm755 tools/qt-faststart %{buildroot}%{_bindir}
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed Jun 19 2024 happyworker <208suo@208suo.com> - 4.2.4-6
|
||||
- Fix CVE-2023-51794
|
||||
|
||||
* Wed May 01 2024 cenhuilin <cenhuilin@kylinos.cn> - 4.2.4-5
|
||||
- fix CVE-2024-31578
|
||||
|
||||
* Thu Jun 2 2022 yangweidong <yangweidong9@huawei.com> - 4.2.4-4
|
||||
- Fix CVE-2021-38114 and CVE-2020-35964
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user