diff --git a/enable_decoders b/enable_decoders index f558db4..068cb34 100644 --- a/enable_decoders +++ b/enable_decoders @@ -69,7 +69,6 @@ anull apac ape apng # animated png -apv arbc argo ass # trivial @@ -211,7 +210,7 @@ libjxl # libjxl liblc3 # liblc3 libopencore_amrnb # opencore-amr libopencore_amrwb # opencore-amr -libopenh264 # openh264 +libopenh264 # openh264_dlopen libopenjpeg # openjpeg libopus # opus librsvg # librsvg @@ -336,7 +335,6 @@ pjs png # libpng ppm # trivial prores -prores_raw prosumer psd ptx diff --git a/enable_encoders b/enable_encoders index ba284da..6dbed60 100644 --- a/enable_encoders +++ b/enable_encoders @@ -81,9 +81,8 @@ libilbc # ilbc libjxl # libjxl liblc3 # liblc3 libmp3lame # lame -liboapv libopencore_amrnb -libopenh264 # openh264 +libopenh264 # openh264_dlopen libopenjpeg # openjpeg libopus # opus librav1e # rav1e diff --git a/ffmpeg-CVE-2025-22921.patch b/ffmpeg-CVE-2025-22921.patch new file mode 100644 index 0000000..3a522c8 --- /dev/null +++ b/ffmpeg-CVE-2025-22921.patch @@ -0,0 +1,29 @@ +From 7f9c7f9849a2155224711f0ff57ecdac6e4bfb57 Mon Sep 17 00:00:00 2001 +From: James Almer +Date: Wed, 1 Jan 2025 23:58:39 -0300 +Subject: [PATCH] avcodec/jpeg2000dec: clear array length when freeing it + +Fixes NULL pointer dereferences. +Fixes ticket #11393. + +Reviewed-by: Michael Niedermayer +Signed-off-by: James Almer +--- + libavcodec/jpeg2000dec.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c +index e5e897a29f..b82d85d5ee 100644 +--- a/libavcodec/jpeg2000dec.c ++++ b/libavcodec/jpeg2000dec.c +@@ -1521,6 +1521,7 @@ static int jpeg2000_decode_packet(Jpeg2000DecoderContext *s, Jpeg2000Tile *tile, + } + } + av_freep(&cblk->lengthinc); ++ cblk->nb_lengthinc = 0; + } + } + // Save state of stream +-- +2.48.1 + diff --git a/ffmpeg.spec b/ffmpeg.spec index fa9a894..8667534 100644 --- a/ffmpeg.spec +++ b/ffmpeg.spec @@ -47,11 +47,13 @@ # Disable dependencies not available or wanted on RHEL/EPEL %bcond chromaprint 0 %bcond flite 0 +%bcond lc3 0 %else # Break chromaprint dependency cycle (Fedora-only): # ffmpeg (libavcodec-free) → chromaprint → ffmpeg -%bcond chromaprint %{?with_bootstrap:0}%{!?with_bootstrap:1} +%bcond chromaprint %{?_with_bootstrap:0}%{!?_with_bootstrap:1} %bcond flite 1 +%bcond lc3 1 %endif %if 0%{?rhel} && 0%{?rhel} <= 9 @@ -63,14 +65,6 @@ %bcond placebo 1 %endif -%if 0%{?el10} -# Disable temporarily while we want for liblc3 to be upgraded -# Cf. https://issues.redhat.com/browse/RHEL-127169 -%bcond lc3 0 -%else -%bcond lc3 1 -%endif - # For using an alternative build of EVC codecs %bcond evc_main 0 @@ -93,19 +87,20 @@ # FIXME: GCC says there's incompatible pointer casts going on in libavdevice... %global build_type_safety_c 2 -%global av_codec_soversion 62 -%global av_device_soversion 62 -%global av_filter_soversion 11 -%global av_format_soversion 62 -%global av_util_soversion 60 -%global swresample_soversion 6 -%global swscale_soversion 9 +%global av_codec_soversion 61 +%global av_device_soversion 61 +%global av_filter_soversion 10 +%global av_format_soversion 61 +%global av_util_soversion 59 +%global postproc_soversion 58 +%global swresample_soversion 5 +%global swscale_soversion 8 Name: ffmpeg %global pkg_name %{name}%{?pkg_suffix} -Version: 8.0.1 -Release: 2%{?dist} +Version: 7.1.2 +Release: 4%{?dist} Summary: A complete solution to record, convert and stream audio and video License: GPL-3.0-or-later URL: https://ffmpeg.org/ @@ -125,6 +120,9 @@ Patch2: ffmpeg-allow-fdk-aac-free.patch # Support building with EVC base profile libraries Patch3: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20329.patch#/ffmpeg-support-evc-base-libraries.patch +# Backport fix for CVE-2025-22921 +Patch10: https://git.ffmpeg.org/gitweb/ffmpeg.git/patch/7f9c7f9849a2155224711f0ff57ecdac6e4bfb57#/ffmpeg-CVE-2025-22921.patch + # Add first_dts getter to libavformat for Chromium # See: https://bugzilla.redhat.com/show_bug.cgi?id=2240127 # Reference: https://crbug.com/1306560 @@ -136,6 +134,7 @@ Requires: libavdevice%{?pkg_suffix}%{_isa} = %{version}-%{release} Requires: libavfilter%{?pkg_suffix}%{_isa} = %{version}-%{release} Requires: libavformat%{?pkg_suffix}%{_isa} = %{version}-%{release} Requires: libavutil%{?pkg_suffix}%{_isa} = %{version}-%{release} +Requires: libpostproc%{?pkg_suffix}%{_isa} = %{version}-%{release} Requires: libswresample%{?pkg_suffix}%{_isa} = %{version}-%{release} Requires: libswscale%{?pkg_suffix}%{_isa} = %{version}-%{release} @@ -218,7 +217,6 @@ BuildRequires: pkgconfig(libxml-2.0) BuildRequires: pkgconfig(libzmq) BuildRequires: pkgconfig(lilv-0) BuildRequires: pkgconfig(lv2) -BuildRequires: pkgconfig(oapv) BuildRequires: pkgconfig(ogg) BuildRequires: pkgconfig(openal) BuildRequires: pkgconfig(opencore-amrnb) @@ -309,6 +307,7 @@ Requires: libavdevice%{?pkg_suffix}%{_isa} = %{version}-%{release} Requires: libavfilter%{?pkg_suffix}%{_isa} = %{version}-%{release} Requires: libavformat%{?pkg_suffix}%{_isa} = %{version}-%{release} Requires: libavutil%{?pkg_suffix}%{_isa} = %{version}-%{release} +Requires: libpostproc%{?pkg_suffix}%{_isa} = %{version}-%{release} Requires: libswresample%{?pkg_suffix}%{_isa} = %{version}-%{release} Requires: libswscale%{?pkg_suffix}%{_isa} = %{version}-%{release} @@ -346,6 +345,7 @@ Requires: libavdevice%{?pkg_suffix}-devel = %{version}-%{release} Requires: libavfilter%{?pkg_suffix}-devel = %{version}-%{release} Requires: libavformat%{?pkg_suffix}-devel = %{version}-%{release} Requires: libavutil%{?pkg_suffix}-devel = %{version}-%{release} +Requires: libpostproc%{?pkg_suffix}-devel = %{version}-%{release} Requires: libswresample%{?pkg_suffix}-devel = %{version}-%{release} Requires: libswscale%{?pkg_suffix}-devel = %{version}-%{release} Requires: pkgconfig @@ -432,6 +432,7 @@ Requires: libavcodec%{?pkg_suffix}-devel = %{version}-%{release} Requires: libavfilter%{?pkg_suffix}-devel = %{version}-%{release} Requires: libavformat%{?pkg_suffix}-devel = %{version}-%{release} Requires: libavutil%{?pkg_suffix}-devel = %{version}-%{release} +Requires: libpostproc%{?pkg_suffix}-devel = %{version}-%{release} Requires: libswresample%{?pkg_suffix}-devel = %{version}-%{release} Requires: libswscale%{?pkg_suffix}-devel = %{version}-%{release} Requires: libavdevice%{?pkg_suffix}%{_isa} = %{version}-%{release} @@ -458,6 +459,7 @@ Summary: FFmpeg audio and video filtering library Requires: libavcodec%{?pkg_suffix}%{_isa} = %{version}-%{release} Requires: libavformat%{?pkg_suffix}%{_isa} = %{version}-%{release} Requires: libavutil%{?pkg_suffix}%{_isa} = %{version}-%{release} +Requires: libpostproc%{?pkg_suffix}%{_isa} = %{version}-%{release} Requires: libswresample%{?pkg_suffix}%{_isa} = %{version}-%{release} Requires: libswscale%{?pkg_suffix}%{_isa} = %{version}-%{release} @@ -476,6 +478,7 @@ Summary: Development files for FFmpeg's audio/video filter library Requires: libavcodec%{?pkg_suffix}-devel = %{version}-%{release} Requires: libavformat%{?pkg_suffix}-devel = %{version}-%{release} Requires: libavutil%{?pkg_suffix}-devel = %{version}-%{release} +Requires: libpostproc%{?pkg_suffix}-devel = %{version}-%{release} Requires: libswresample%{?pkg_suffix}-devel = %{version}-%{release} Requires: libswscale%{?pkg_suffix}-devel = %{version}-%{release} Requires: libavfilter%{?pkg_suffix} = %{version}-%{release} @@ -543,7 +546,6 @@ This subpackage contains the headers for FFmpeg libavformat. %package -n libavutil%{?pkg_suffix} Summary: FFmpeg's utility library Group: System/Libraries -Obsoletes: libpostproc%{?pkg_suffix} < 8.0 %description -n libavutil%{?pkg_suffix} The libavutil library is a utility library to aid portable multimedia @@ -562,7 +564,6 @@ for pixel and sample formats). Summary: Development files for FFmpeg's utility library Requires: libavutil%{?pkg_suffix}%{_isa} = %{version}-%{release} Requires: pkgconfig -Obsoletes: libpostproc%{?pkg_suffix}-devel < 8.0 %description -n libavutil%{?pkg_suffix}-devel The libavutil library is a utility library to aid portable multimedia @@ -581,6 +582,41 @@ This subpackage contains the headers for FFmpeg libavutil. %dnl -------------------------------------------------------------------------------- +%package -n libpostproc%{?pkg_suffix} +Summary: FFmpeg post-processing library +Requires: libavutil%{?pkg_suffix}%{_isa} = %{version}-%{release} + +%description -n libpostproc%{?pkg_suffix} +A library with video postprocessing filters, such as deblocking and +deringing filters, noise reduction, automatic contrast and brightness +correction, linear/cubic interpolating deinterlacing. + +%files -n libpostproc%{?pkg_suffix} +%license COPYING.GPLv2 LICENSE.md +%{_libdir}/libpostproc.so.%{postproc_soversion}{,.*} + +%dnl -------------------------------------------------------------------------------- + +%package -n libpostproc%{?pkg_suffix}-devel +Summary: Development files for the FFmpeg post-processing library +Requires: libavutil%{?pkg_suffix}-devel = %{version}-%{release} +Requires: libpostproc%{?pkg_suffix}%{_isa} = %{version}-%{release} +Requires: pkgconfig + +%description -n libpostproc%{?pkg_suffix}-devel +A library with video postprocessing filters, such as deblocking and +deringing filters, noise reduction, automatic contrast and brightness +correction, linear/cubic interpolating deinterlacing. + +This subpackage contains the headers for FFmpeg libpostproc. + +%files -n libpostproc%{?pkg_suffix}-devel +%{_includedir}/%{name}/libpostproc +%{_libdir}/pkgconfig/libpostproc.pc +%{_libdir}/libpostproc.so + +%dnl -------------------------------------------------------------------------------- + %package -n libswresample%{?pkg_suffix} Summary: FFmpeg software resampling library Requires: libavutil%{?pkg_suffix}%{_isa} = %{version}-%{release} @@ -692,7 +728,7 @@ sed -i "s|check_host_cflags -O3|check_host_cflags %{optflags}|" configure install -m0755 -d _doc/examples cp -a doc/examples/{*.c,Makefile,README} _doc/examples/ -%conf +%build %set_build_flags # This is not a normal configure script, don't use %%configure @@ -786,7 +822,6 @@ cp -a doc/examples/{*.c,Makefile,README} _doc/examples/ --enable-libopencore-amrnb \ --enable-libopencore-amrwb \ --disable-libopencv \ - --enable-liboapv \ --enable-libopenh264 \ --enable-libopenjpeg \ --enable-libopenmpt \ @@ -868,6 +903,7 @@ cp -a doc/examples/{*.c,Makefile,README} _doc/examples/ %endif --enable-openal \ --disable-openssl \ + --enable-postproc \ --enable-pthreads \ --enable-sdl2 \ --enable-shared \ @@ -942,9 +978,6 @@ for i in H264 HEVC; do done %endif -%build -%set_build_flags - %make_build V=1 %make_build documentation V=1 %make_build alltools V=1 @@ -971,19 +1004,9 @@ rm -rf %{buildroot}%{_datadir} %changelog -* Thu Dec 04 2025 Marcin Juszkiewicz - 8.0.1-2 +* Thu Dec 04 2025 Marcin Juszkiewicz - 7.1.2-4 - disable dc1394 and ffnvcodec on risc-v -* Fri Nov 21 2025 Dominik Mierzejewski - 8.0.1-1 -- Update to 8.0.1 (resolves rhbz#2416044) -- Split configure step to conf stage - -* Fri Nov 14 2025 Neal Gompa - 8.0-2 -- Disable lc3 only on RHEL 10 - -* Sun Nov 02 2025 Neal Gompa - 8.0-1 -- Rebase to version 8.0 - * Sun Nov 02 2025 Dominik Mierzejewski - 7.1.2-3 - Re-enable openal support (dropped by accident in commit 5917b714, resolves rhbz#2404091) diff --git a/sources b/sources index 193e4da..7ed04be 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (ffmpeg-8.0.1.tar.xz) = 7af5cd1c7ba04f8d7ea1b54b64b9c235f2a606dc0c18d25cfdf20958bcad4851d3265b4894fc6ba5dd205c2309971c7e7fb890ee1d64e0a41a3faf159f77957f -SHA512 (ffmpeg-8.0.1.tar.xz.asc) = f56e9e89ecdf9f12e3dae90b52289e5d09bfbfc0f6e13aaf17da9330c138fdb62b132f856c2fd16f5d9f5d6bcf1725602c8781c3e5f07bda6ce1306c379792ab +SHA512 (ffmpeg-7.1.2.tar.xz) = 181e6415da359e3addbc448ff09b5cebe57d9c37106e5125c41f484adebc250502fc9efe150cb117d7378e20830715035be94c2ba4ad7c369b18af85f1a4ca20 +SHA512 (ffmpeg-7.1.2.tar.xz.asc) = b0358cea13be070a0d41b42e98c5df17ab8794b86a5f8b2a4bf0043e608a21b02fdbaad2bc3318457a9c43ef0d3c823509234ffd7292e6ea49b1eff951663f58 SHA512 (ffmpeg.keyring) = 9b36506835db36f776b7ddb53ad6fa9e915e6ca2f9c7cfebe8eb45513e1036a985283590a840ca313a111bf35dc3731f68885aaafb1fb7011ec433cc119e5165