Request 904700: Submit ffmpeg-4 - openSUSE Build Service

Overview

Request 904700 accepted

- Add ffmpeg-CVE-2020-22046.patch: Backport from upstream to fix
a denial of service vulnerability exists in FFmpeg 4.2 due to a
memory leak in the avpriv_float_dsp_allocl function in
libavutil/float_dsp.c (bsc#1186849).
- Add ffmpeg-CVE-2021-33815.patch: Backport from upstream to fix
dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an
out-of-bounds array access because dc_count is not strictly
checked (bsc#1186865).

Created by AZhou almost 3 years ago
In state accepted
Package maintainers: jengelh and plater

Submit ffmpeg-4

Comments for request 904700 1

Hans-Peter Jansen (frispete) - almost 3 years ago

This doesn't compile correctly with 4.4 in non crippled mode.

https://build.opensuse.org/request/show/905444 attempts to fix this issue.

Login required, please login in order to comment

Request History

AZhou created request almost 3 years ago

- Add ffmpeg-CVE-2020-22046.patch: Backport from upstream to fix
a denial of service vulnerability exists in FFmpeg 4.2 due to a
memory leak in the avpriv_float_dsp_allocl function in
libavutil/float_dsp.c (bsc#1186849).
- Add ffmpeg-CVE-2021-33815.patch: Backport from upstream to fix
dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an
out-of-bounds array access because dc_count is not strictly
checked (bsc#1186865).

jengelh accepted review almost 3 years ago

jengelh approved review almost 3 years ago

jengelh accepted request almost 3 years ago

openSUSE Build Service is sponsored by