Package Release Info

ffmpeg-3.4.2-4.17.26

Update Info: SUSE-SLE-Module-Packagehub-Subpackages-15-2019-1299
Available in Package Hub : 15 Subpackages Updates

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

ffmpeg
libavdevice57
libavfilter6

Change Logs

* Thu Nov 15 2018 qzheng@suse.com 
- Add ffmpeg-CVE-2018-14394.patch: Make backport from commit
  3a2d21b to fix a divide-by-zero issue (CVE-2018-14394,
  boo#1101888).
* Thu Nov 15 2018 qzheng@suse.com 
- Add ffmpeg-CVE-2018-14394.patch: Make backport from commit
  3a2d21b to fix a divide-by-zero issue (CVE-2018-14394,
  boo#1101888).
Version: 3.4.2-150200.11.64.1
* Wed Apr 16 2025 qzhao@suse.com 
- Add 86f7327.patch:
  Backport 86f7327 from upstream, avformat/westwood_vqa: Fix 2g
  packets.
  https://github.com/ffmpeg/ffmpeg/commit/86f7327.patch
  (CVE-2024-36616, bsc#1234018)
* Wed Apr 16 2025 qzhao@suse.com 
- Add ffmpeg-CVE-2024-36617.patch:
  Backport d973fcb from upstream, avformat/cafdec: dont seek beyond
  64bit.
  (CVE-2024-36617, bsc#1234019)
* Wed Apr 16 2025 qzhao@suse.com 
- Add ffmpeg-CVE-2024-36618.patch:
  Backport 7a089ed8 from upstream, avformat/avidec: Fix integer
  overflow iff ULONG_MAX < INT64_MAX.
  (CVE-2024-36618, bsc#1234020)
* Mon Apr 14 2025 qzhao@suse.com 
- Add ffmpeg-CVE-2022-1475.patch:
  Backport 757da97 from upstream, avcodec/g729_parser: Check channels.
  (CVE-2022-1475, bsc#1198898)
Version: 3.4.2-4.12.4
* Tue Oct 23 2018 qzheng@suse.com 
- Add ffmpeg-CVE-2018-13305.patch to add a missing check for
  negative values of the mqaunt variable (CVE-2018-13305,
  bsc#1100345).
- Rename cve-2017-17555.diff to ffmpeg-CVE-2017-17555.diff.
* Tue Oct 23 2018 qzheng@suse.com 
- Add ffmpeg-CVE-2018-12458.patch: Make backport from commit
  e1182fa to fix an improper integer type (CVE-2018-12458,
  bsc#1097983).
* Mon Sep 17 2018 qzheng@suse.com 
- Add ffmpeg-CVE-2018-13300.patch: Make backport from commit
  95556e2 to fix an out-of-array read (CVE-2018-13300, boo#1100348).
* Fri Sep 14 2018 qzheng@suse.com 
- Add ffmpeg-CVE-2018-15822.patch: Make backport from commit
  6b67d7f to fix an assertion failure (CVE-2018-15822, boo#1105869).
* Fri Jul 27 2018 kbabioch@suse.com 
- Added ffmpeg-CVE-2018-1999010.patch: Fixed multiple out of array access
  vulnerabilities in the mms protocol that could result in accessing out of
  bound data via specially crafted input files (CVE-2018-1999010 bnc#1102899).
- Added ffmpeg-CVE-2018-1999011.patch: Fixed a heap buffer overflow in asf_o
  format demuxer that could result in remote code execution (CVE-2018-1999011
  bnc#1102689)
- Added ffmpeg-CVE-2018-1999012.patch: Fix an inifnite loop vulnerability in
  pva format demuxer that can result in excessive amount of ressource
  allocation like CPU an RAM (CVE-2018-1999012 bnc#1102688).
- Added ffmpeg-CVE-2018-1999013.patch: Fix an use-after-free vulnerability in
  the realmedia demuxer that can result in vulnerability, which allowed
  attackers to read heap memory (CVE-2018-1999013, bnc#1102687).
* Fri Jul 20 2018 qzheng@suse.com 
- Add ffmpeg-CVE-2018-13302.patch: Make backport from commit
  ed22dc2 to fix out of array access issue (bnc#1100356,
  CVE-2018-13302).
* Fri Mar 23 2018 alarrosa@suse.com 
- Create a new package ffmpeg-private-devel which contains some
  headers under /usr/include/ffmpeg/private that were not installed
  by upstream. Those headers are needed by the libav package in order
  to build avconv and other tools using the libav* libraries generated
  by ffmpeg instead of its own. No other package should require
  ffmpeg-private-devel.
* Wed Mar 21 2018 alarrosa@suse.com 
- Build and install also the sidxindex tool
* Tue Feb 20 2018 bjorn.lie@gmail.com 
- Enable mpeg1video and mpeg2video in enable_decoders, and remove
  it from disable-decoders call given to configure, mpeg2 now
  available in openSUSE.
* Tue Feb 13 2018 nico.kruber@gmail.com 
- enable video stabilization/deshaking via libvidstab (optional)
* Mon Feb 12 2018 jengelh@inai.de 
- Update to new bugfix release 3.4.2
  * Fix integer overflows, multiplication overflows, undefined
    shifts, and verify buffer lengths.
  * avfilter/vf_transpose: Fix used plane count
    [boo#1078488, CVE-2018-6392]
  * avcodec/utvideodec: Fix bytes left check in decode_frame()
    [boo#1079368, CVE-2018-6621]
- Enable use of libzvbi for displaying teletext subtitles.
- Fixed a DoS in swri_audio_convert(), added cve-2017-17555.diff
  [boo#1072366, CVE-2017-17555].
* Mon Dec 11 2017 jengelh@inai.de 
- Update to new bugfix release 3.4.1
  * Fixed integer overflows, division by zero, illegal bit shifts
  * Fixed the gmc_mmx function which failed to validate width
    and height [boo#1070762, CVE-2017-17081]
  * Fixed out-of-bounds in VC-2 encoder [boo#1069407, CVE-2017-16840]
  * ffplay: use SDL2 audio API
- Removed 0001-avcodec-x86-mpegvideodsp-Fix-signedness-bug-in-need_.patch
  (upstreamed).
* Fri Dec 01 2017 jengelh@inai.de 
- Add 0001-avcodec-x86-mpegvideodsp-Fix-signedness-bug-in-need_.patch
  [boo#1070762]
* Thu Nov 30 2017 jslaby@suse.com 
- install also doc/ffserver.conf
* Tue Oct 31 2017 jengelh@inai.de 
- Get rid of ffmpeg-pkgconfig-version.patch.
* Mon Oct 16 2017 jengelh@inai.de 
- Update to new upstream release 3.4
  * New video filters: deflicker, doublewave, lumakey, pixscope,
    oscilloscope, robterts, limiter, libvmaf, unpremultiply,
    tlut2, floodifll, pseudocolor, despill, convolve, vmafmotion.
  * New audio filters: afir, crossfeed, surround, headphone,
    superequalizer, haas.
  * Some video filters with several inputs now use a common set
    of options: blend, libvmaf, lut3d, overlay, psnr, ssim. They
    must always be used by name.
  * librsvg support for svg rasterization
  * spec-compliant VP9 muxing support in MP4
  * Remove the libnut and libschroedinger muxer/demuxer wrappers
  * drop deprecated qtkit input device (use avfoundation instead)
  * SUP/PGS subtitle muxer
  * VP9 tile threading support
  * KMS screen grabber
  * CUDA thumbnail filter
  * V4L2 mem2mem HW assisted codecs
  * Rockchip MPP hardware decoding
  * (Not in openSUSE builds, only original ones:)
  * Gremlin Digital Video demuxer and decoder
  * Additional frame format support for Interplay MVE movies
  * Dolby E decoder and SMPTE 337M demuxer
  * raw G.726 muxer and demuxer, left- and right-justified
  * NewTek NDI input/output device
  * FITS demuxer, muxer, decoder and encoder
- Fixed a double free in huffyuv [boo#1064577, CVE-2017-15186]
- Fixed an out-of-bounds in ffv1dec [boo#1066428, CVE-2017-15672]
- Fixed a denial of service in rtmppkt [boo#1082335, CVE-2017-11665]
* Tue Sep 12 2017 jengelh@inai.de 
- Update to new upstream release 3.3.4.
  * avutil/pixdesc: fixed NULL deref in av_color_primaries_name
    [CVE-2017-14225] [boo#1058018]
  * avformat/asfdec: Fix DoS in asf_build_simple_index
    [CVE-2017-14223] [boo#1058019]
  * avformat/mov: Fix DoS in read_tfra
    [CVE-2017-14222] [boo#1058020].
- Dropped integrated patches:
  D 0001-avformat-hls-Fix-DoS-due-to-infinite-loop.patch
  D 0001-avformat-nsvdec-Fix-DoS-due-to-lack-of-eof-check-in-.patch
  D 0002-avformat-asfdec-Fix-DoS-due-to-lack-of-eof-check.patch
  D 0002-avformat-mxfdec-Fix-DoS-issues-in-mxf_read_index_ent.patch
  D 0003-avformat-cinedec-Fix-DoS-due-to-lack-of-eof-check.patch
  D 0003-avformat-mxfdec-Fix-Sign-error-in-mxf_read_primer_pa.patch
  D 0004-avformat-rmdec-Fix-DoS-due-to-lack-of-eof-check.patch
  D 0005-avformat-rl2-Fix-DoS-due-to-lack-of-eof-check.patch
  D 0006-avformat-mvdec-Fix-DoS-due-to-lack-of-eof-check.patch
* Thu Sep 07 2017 jengelh@inai.de 
- Add 0001-avformat-nsvdec-Fix-DoS-due-to-lack-of-eof-check-in-.patch
  [CVE-2017-14171] [boo#1057539],
  0002-avformat-mxfdec-Fix-DoS-issues-in-mxf_read_index_ent.patch
  [CVE-2017-14170] [boo#1057537],
  0003-avformat-mxfdec-Fix-Sign-error-in-mxf_read_primer_pa.patch
  [CVE-2017-14169] [boo#1057536]
* Mon Sep 04 2017 jengelh@inai.de 
- Add 0001-avformat-hls-Fix-DoS-due-to-infinite-loop.patch
  [CVE-2017-14058] [boo#1056762],
  0002-avformat-asfdec-Fix-DoS-due-to-lack-of-eof-check.patch
  [CVE-2017-14057] [boo#1056761],
  0003-avformat-cinedec-Fix-DoS-due-to-lack-of-eof-check.patch
  [CVE-2017-14059] [boo#1056763],
  0004-avformat-rmdec-Fix-DoS-due-to-lack-of-eof-check.patch
  [CVE-2017-14054] [boo#1056765],
  0005-avformat-rl2-Fix-DoS-due-to-lack-of-eof-check.patch
  (code not enabled in openSUSE, though in packman)
  [CVE-2017-14056] [boo#1056760],
  0006-avformat-mvdec-Fix-DoS-due-to-lack-of-eof-check.patch
  [CVE-2017-14055] [boo#1056766]
* Sat Aug 26 2017 jengelh@inai.de 
- Unconditionalize celt, ass, openjpeg, webp, netcdf, libva, vdpau.
Version: 3.4.2-150200.11.44.1
* Sat Apr 27 2024 qzhao@suse.com 
- Add ffmpeg-CVE-2023-50010.patch:
  Backporting e4d2666b from upstream, fixes the out of array access.
  (CVE-2023-50010 bsc#1223256)
Version: 3.4.2-150200.11.41.1
* Fri Apr 19 2024 qzhao@suse.com 
- Add ffmpeg-CVE-2024-31578.patch:
  Backporting ab0fdaed from upstream, Fix heap use after free when
  vulkan_frames_init failed.
  (CVE-2024-31578 bsc#1223070)
* Wed Apr 10 2024 qzhao@suse.com 
- Add ffmpeg-CVE-2023-49502.patch
  Backporting 737ede40 from upstream, Adjusts the logic to consider
  the chroma planes and makes the change to all three bwdif
  implementations.
  (CVE-2023-49502 bsc#1223235)
Version: 3.4.2-150200.11.34.2
* Tue Feb 06 2024 meissner@suse.com 
- ffmpeg-fix-new-binutils.patch: fix build with new binutils
Version: 3.4.2-150200.11.31.1
* Wed Aug 30 2023 songchuan.kang@suse.com 
- Add ffmpeg-CVE-2021-28429.patch: Fix Integer overflow
  vulnerability in av_timecode_make_string in libavutil/timecode.c
  (bsc#1214246, CVE-2021-28429).
Version: 3.4.2-150200.11.28.1
* Thu Apr 27 2023 alynx.zhou@suse.com 
- Add ffmpeg-CVE-2022-48434.patch: Backport from upstream to fix
  use after free in libavcodec/pthread_frame.c (bsc#1209934).
Version: 3.4.2-150200.11.25.1
* Fri Jan 20 2023 alynx.zhou@suse.com 
- Add ffmpeg-CVE-2022-3341.patch: Backport from upstream to fix
  null pointer dereference in decode_main_header() in
  libavformat/nutdec.c (bsc#1206778).
* Wed Jan 18 2023 alynx.zhou@suse.com 
- Add ffmpeg-CVE-2019-13390.patch: Backport from upstream to fix
  division by zero at adx_write_trailer in libavformat/rawenc.c
  (bsc#1140754).
Version: 3.4.2-150200.11.20.1
* Mon Dec 26 2022 alynx.zhou@suse.com 
- Add ffmpeg-CVE-2022-3109.patch: Backport from upstream to fix
  null pointer dereference in vp3_decode_frame() (bsc#1206442).
Version: 3.4.2-11.17.1
* Thu Oct 14 2021 alynx.zhou@suse.com 
- Add ffmpeg-CVE-2021-38094.patch: Backport from upstream to fix
  integer overflow vulnerability in function filter_sobel in
  libavfilter/vf_convolution.c (bsc#1190735, bsc#1190734,
  bsc#1190733, bsc#1190724, bsc#1190731, bsc#1190732,
  CVE-2021-38094, CVE-2021-38093, CVE-2021-38092, CVE-2020-20898,
  CVE-2021-38090, CVE-2021-38091).
- Add ffmpeg-CVE-2020-22037.patch: Backport from upstream to fix
  denial of service vulnerability exists due to a memory leak in
  avcodec_alloc_context3 at options.c (bsc#1186756).
- Add ffmpeg-CVE-2021-3566.patch: Backport from upstream to fix
  exposure of sensitive information on ffmpeg version prior to 4.3
  (bsc#1189166).
- Add ffmpeg-CVE-2020-35965.patch: Backport from upstream to fix
  out-of-bounds write in decode_frame in libavcodec/exr.c
  (bsc#1187852).
- Add ffmpeg-CVE-2020-20892.patch: Backport from upstream to fix
  an issue was discovered in function filter_frame in
  libavfilter/vf_lenscorrection.c (bsc#1190719).
- Add ffmpeg-CVE-2020-20891.patch: Backport from upstream to fix
  buffer overflow vulnerability in function config_input in
  libavfilter/vf_gblur.c (bsc#1190718).
- Add ffmpeg-CVE-2020-20895.patch: Backport from upstream to fix
  buffer overflow vulnerability in function
  filter_vertically_##name in libavfilter/vf_avgblur.c
  (bsc#1190722).
- Add ffmpeg-CVE-2020-20896.patch: Backport from upstream to fix
  an issue was discovered in function latm_write_packet in
  libavformat/latmenc.c (bsc#1190723).
- Add ffmpeg-CVE-2020-20899.patch: Backport from upstream to fix
  buffer overflow vulnerability in function config_props in
  libavfilter/vf_bwdif.c (bsc#1190726).
- Add ffmpeg-CVE-2020-20902.patch: Backport from upstream to fix
  out-of-bounds read vulnerability exists in long_term_filter
  function in g729postfilter.c (bsc#1190729).
Version: 3.4.2-11.14.1
* Mon Sep 27 2021 alynx.zhou@suse.com 
- Add ffmpeg-CVE-2020-22042.patch: Backport from upstream to fix
  denial of service vulnerability exists due to a memory leak is
  affected by: memory leak in the link_filter_inouts function in
  libavfilter/graphparser.c (bsc#1186761).
Version: 3.4.2-11.11.1
* Wed Sep 01 2021 alynx.zhou@suse.com 
- Add ffmpeg-CVE-2021-38171.patch: Backport from upstream to fix
  adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4
  does not check the init_get_bits return value (bsc#1189724).
Version: 3.4.2-11.8.2
* Thu Aug 12 2021 alynx.zhou@suse.com 
- Add ffmpeg-CVE-2020-21688.patch: Backport from upstream to fix
  a heap-use-after-free in the av_freep function in libavutil/mem.c
  of FFmpeg 4.2 allows attackers to execute arbitrary code
  (bsc#1189348).
- Add ffmpeg-CVE-2020-21697.patch: Backport from upstream to fix
  a heap-use-after-free in the mpeg_mux_write_packet function in
  libavformat/mpegenc.c of FFmpeg 4.2 allows to cause a denial of
  service (DOS) via a crafted avi file (bsc#1189350).
- Add ffmpeg-CVE-2021-38114.patch: Backport from upstream to fix
  the return value of the init_vlc function is not checked
  (bsc#1189142).
* Wed Jul 07 2021 alynx.zhou@suse.com 
- Add ffmpeg-CVE-2019-9721.patch: Backport from upstream to fix
  denial of service in the subtitle decoder in handle_open_brace
  from libavcodec/htmlsubtitles.c (bsc#1129714).
- Add ffmpeg-CVE-2020-22046.patch: Backport from upstream to fix
  a denial of service vulnerability exists in FFmpeg 4.2 due to
  a memory leak in the avpriv_float_dsp_allocl function in
  libavutil/float_dsp.c (bsc#1186849).
- Add ffmpeg-CVE-2020-22048.patch: Backport from upstream to fix
  a denial of service vulnerability exists in FFmpeg 4.2 due to
  a memory leak in the ff_frame_pool_get function in framepool.c
  (bsc#1186859).
- Add ffmpeg-CVE-2020-22049.patch: Backport from upstream to fix
  a denial of service vulnerability exists in FFmpeg 4.2 due to
  a memory leak in the wtvfile_open_sector function in wtvdec.c
  (bsc#1186861).
- Add ffmpeg-CVE-2020-22054.patch: Backport from upstream to fix
  a denial of service vulnerability exists in FFmpeg 4.2 due to
  a memory leak in the av_dict_set function in dict.c
  (bsc#1186863).
Version: 3.4.2-11.3.1
* Fri Jun 25 2021 alynx.zhou@suse.com 
- Add ffmpeg-CVE-2020-13904.patch: Backport from upstream to fix
  use-after-free via a crafted EXTINF duration in an m3u8 file
  (bsc#1172640).
- Add ffmpeg-CVE-2020-21041.patch: Backport from upstream to fix
  buffer overflow vulnerability via apng_do_inverse_blend in
  libavcodec/pngenc.c  (bsc#1186406).
- Add ffmpeg-CVE-2019-17539.patch: Backport from upstream to fix
  NULL pointer dereference in avcodec_open2 in libavcodec/utils.c
  (bsc# 1154065).
- Add ffmpeg-CVE-2020-22026.patch: Backport from upstream to fix
  buffer overflow vulnerability exists in config_input() at
  libavfilter/af_tremolo.c (bsc#1186583).
- Add ffmpeg-CVE-2020-22021.patch: Backport from upstream to fix
  buffer overflow vulnerability in filter_edges function in
  libavfilter/vf_yadif.c (bsc#1186586).
- Add ffmpeg-CVE-2020-22020.patch: Backport from upstream to fix
  buffer overflow vulnerability in build_diff_map() in
  libavfilter/vf_fieldmatch.c (bsc#1186587).
- Add ffmpeg-CVE-2020-22015.patch: Backport from upstream to fix
  buffer overflow vulnerability in mov_write_video_tag() due to
  the out of bounds in libavformat/movenc.c (bsc#1186596).
- Add ffmpeg-CVE-2020-22016.patch: Backport from upstream to fix
  a heap-based Buffer Overflow vulnerability at
  libavcodec/get_bits.h when writing .mov files (bsc#1186598).
- Add ffmpeg-CVE-2020-22017.patch: Backport from upstream to fix
  a heap-based Buffer Overflow vulnerability exists in
  ff_fill_rectangle() in libavfilter/drawutils.c (bsc#1186600).
- Add ffmpeg-CVE-2020-22022.patch: Backport from upstream to fix
  a heap-based Buffer Overflow vulnerability exists in
  filter_frame at libavfilter/vf_fieldorder.c (bsc#1186603,
  bsc#1190728, CVE-2020-22022, CVE-2020-20901).
- Add ffmpeg-CVE-2020-22023.patch: Backport from upstream to fix
  a heap-based Buffer Overflow vulnerability exists in
  filter_frame at libavfilter/vf_bitplanenoise.c (bsc#1186604)
- Add ffmpeg-CVE-2020-22025.patch: Backport from upstream to fix
  a heap-based Buffer Overflow vulnerability exists in
  gaussian_blur at libavfilter/vf_edgedetect.c (bsc#1186605,
  bsc#1190721, CVE-2020-22025, CVE-2020-20894).
- Add ffmpeg-CVE-2020-22031.patch: Backport from upstream to fix
  a heap-based Buffer Overflow vulnerability exists at
  libavfilter/vf_w3fdif.c in filter16_complex_low()
  (bsc#1186613).
- Add ffmpeg-CVE-2020-22032.patch: Backport from upstream to fix
  a heap-based Buffer Overflow vulnerability exists at
  libavfilter/vf_edgedetect.c in gaussian_blur() (bsc#1186614,
  bsc#1190727, CVE-2020-22032, CVE-2020-20900).
- Add ffmpeg-CVE-2020-22033.patch: Backport from upstream to fix
  a heap-based Buffer Overflow Vulnerability exists at
  libavfilter/vf_vmafmotion.c in convolution_y_8bit()
  (CVE-2020-22033) and buffer overflow vulnerability in
  convolution_y_10bit() in libavfilter/vf_vmafmotion.c
  (CVE-2020-22019) (bsc#1186615, bsc#1186597).
- Add ffmpeg-CVE-2020-22034.patch: Backport from upstream to fix
  a heap-based Buffer Overflow vulnerability exists at
  libavfilter/vf_floodfill.c (bsc#1186616).
- Add ffmpeg-CVE-2020-20451.patch: Backport from upstream to fix
  denial of service issue due to resource management errors via
  fftools/cmdutils.c (bsc#1186658).
- Add ffmpeg-CVE-2020-20448.patch: Backport from upstream to fix
  divide by zero issue via libavcodec/ratecontrol.c
  (bsc#1186660).
- Add ffmpeg-CVE-2020-22038.patch: Backport from upstream to fix
  denial of service vulnerability exists due to a memory leak in
  the ff_v4l2_m2m_create_context function in v4l2_m2m.c
  (bsc#1186757).
- Add ffmpeg-CVE-2020-22039.patch: Backport from upstream to fix
  denial of service vulnerability exists due to a memory leak in
  the inavi_add_ientry function (bsc#1186758).
- Add ffmpeg-CVE-2020-22043.patch: Backport from upstream to fix
  denial of service vulnerability exists due to a memory leak at
  the fifo_alloc_common function in libavutil/fifo.c
  (bsc#1186762).
- Add ffmpeg-CVE-2020-22044.patch: Backport from upstream to fix
  denial of service vulnerability exists due to a memory leak in
  the url_open_dyn_buf_internal function in
  libavformat/aviobuf.c (bsc#1186763).
Version: 3.4.2-150200.11.60.1
* Wed Feb 19 2025 qzhao@suse.com 
- Add ffmpeg-CVE-2025-22921.patch:
  Backporting 7f9c7f98 from upstream, clear array length when
  freeing it.
  (CVE-2025-22921, bsc#1237382)
* Wed Feb 19 2025 qzhao@suse.com 
- Add ffmpeg-CVE-2025-0518.patch:
  Backporting b5b6391d from upstream, fixes memory data leak when
  use sscanf().
  (CVE-2025-0518, bsc#1236007)
* Wed Feb 19 2025 qzhao@suse.com 
- Add ffmpeg-CVE-2025-22919.patch:
  Backporting 1446e37d from upstream, check for valid sample rate
  As the sample rate <= 0 is invalid.
  (CVE-2025-22919, bsc#1237371)
* Wed Feb 19 2025 qzhao@suse.com 
- Add ffmpeg-CVE-2024-12361.patch:
  Backport 4065ff69 from upstream, add check for av_packet_new_side_data()
  to avoid null pointer dereference if allocation fails.
  (CVE-2024-12361, bsc#1237358)
* Wed Feb 19 2025 qzhao@suse.com 
- Add ffmpeg-CVE-2024-36613.patch:
  Backport 50d8e4f2 from upstream, Adjust order of operations
  around block align.
  (CVE-2024-36613, bsc#1235092)
* Wed Feb 19 2025 qzhao@suse.com 
- Add ffmpeg-CVE-2024-35365.patch:
  Backport ced5c5fdb from upstream, Fix double-free on error.
  (CVE-2024-35365, bsc#1235091)
* Wed Feb 19 2025 qzhao@suse.com 
- Add ffmpeg-CVE-2024-35368.patch:
  Backport 45133009 from upstream, After having created the
  AVBuffer that is put into frame->buf[0], ownership of several
  objects Fix double-free on the AVFrame is unreferenced.
  (CVE-2024-35368, bsc#1234028)
* Wed Feb 19 2025 qzhao@suse.com 
- Add ffmpeg-CVE-2023-51793.patch:
  Backporting 0ecc1f0e from upstream, Fix odd height handling, Fix
  out of array access.
  (CVE-2023-51793, bsc#1223272).
* Wed Feb 19 2025 qzhao@suse.com 
- Add ffmpeg-CVE-2023-51793-shim.patch:
  Backport part of 1b20853f and f0dd5c00, avfilter/internal: Factor
  out executing a filter's execute_func; avfilter/vf_weave: add slice
  threading support; To prepare for CVE-2023-51793 fix.
  (CVE-2023-51793, bsc#1223272).
Version: 3.4.2-150200.11.57.1
* Fri Aug 09 2024 qzhao@suse.com 
- Add ffmpeg-CVE-2023-51798.patch:
  Backporting 68146f06 from upstream, Check pts before division.
  (CVE-2023-51798 bsc#1223304)
* Thu Aug 08 2024 qzhao@suse.com 
- Add ffmpeg-CVE-2021-38291.patch:
  Backporting e01d306c from upstream, : don't return negative values
  in av_get_audio_frame_duration().
  (CVE-2021-38291, bsc#1189428)
* Wed Aug 07 2024 qzhao@suse.com 
- Add ffmpeg-CVE-2020-22027.patch:
  Backporting e787f8fd from upstream, check if width is 1.
  (CVE-2020-22027, bsc#1186607)
* Wed Aug 07 2024 qzhao@suse.com 
- Add ffmpeg-CVE-2020-22027-shim-273edb2f.patch:
  Backporting 273edb2f from upstream, rewrite without using temp
  memory to prepare dependence code for CVE-2020-22027.
  (CVE-2020-22027, bsc#1186607)
Version: 3.4.2-150200.11.50.1
* Tue Jul 02 2024 qzhao@suse.com 
- Add ffmpeg-CVE-2024-32230.patch:
  Backporting 96449cfe from upstream, Fix 1 line and one column images.
  (CVE-2024-32230, bsc#1227296)
Version: 3.4.2-150200.11.47.1
* Wed May 29 2024 xiaoguang.wang@suse.com 
- Add ffmpeg-CVE-2023-51794.patch: Fix heap buffer overflow at
  libavfilter (CVE-2023-51794, bsc#1223437).