| Message ID | cover.1724546078.git.ashish.is@lostca.se |
|---|---|
| Headers |
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org> X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id E270127BBEA; Sun, 25 Aug 2024 01:38:41 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-6.4 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_VALIDITY_CERTIFIED, RCVD_IN_VALIDITY_RPBL,RCVD_IN_VALIDITY_SAFE,SPF_HELO_PASS autolearn=ham autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 92EE827BBE9 for <patchwork@mira.cbaines.net>; Sun, 25 Aug 2024 01:38:34 +0100 (BST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from <guix-patches-bounces@gnu.org>) id 1si1Gs-0004SF-TK; Sat, 24 Aug 2024 20:38:18 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1si1Gn-0004Ry-Ud for guix-patches@gnu.org; Sat, 24 Aug 2024 20:38:14 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1si1Gn-0002EI-57 for guix-patches@gnu.org; Sat, 24 Aug 2024 20:38:13 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debbugs.gnu.org; s=debbugs-gnu-org; h=MIME-Version:Date:From:To:Subject; bh=d6y78MtttsNYlttEf37hder9lGwsgXD4SwK0Et575mA=; b=sYGWUTkiJjeaYB8Wd5AtNEzblw49Y/IYtJPL3qEmlwhMWOJqEvgfzRwbWPoObuaNJr6HdqY3FG6j3XNu8cC1S4EVhoiGypuhFBNd9Cv+vMVS2UPZk+Pua5YjCXGEAoGpyvwqkt4asStmoUSXW8DmVrVnGps2zZ6KQB7Ud8daV/KGrYpnEZhSzj98h5xHUEfjtf0AWrwJY1DmRKM0yyCuhwzKvG6g+qby812Bjlp5Uz2He5yz1wtQBu1gjLBwAoBUbxlkEdwM86c5gChQmvsOfXaa/J2H+A7Byun3NOJRDAJVurTU8h9vcN89HaEtZUtvC6UTFbsJSkwhR5NInQvdIQ==; Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1si1HZ-0000gL-SE for guix-patches@gnu.org; Sat, 24 Aug 2024 20:39:01 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#72799] [PATCH 0/3] ffmpeg updates [fixes CVE-2024-7055, CVE-2024-7272] Resent-From: ashish.is@lostca.se Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org> Resent-CC: guix-patches@gnu.org Resent-Date: Sun, 25 Aug 2024 00:39:01 +0000 Resent-Message-ID: <handler.72799.B.17245462972563@debbugs.gnu.org> Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 72799 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 72799@debbugs.gnu.org Cc: Ashish SHUKLA <ashish.is@lostca.se> X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.17245462972563 (code B ref -1); Sun, 25 Aug 2024 00:39:01 +0000 Received: (at submit) by debbugs.gnu.org; 25 Aug 2024 00:38:17 +0000 Received: from localhost ([127.0.0.1]:42004 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>) id 1si1Gq-0000fH-Rk for submit@debbugs.gnu.org; Sat, 24 Aug 2024 20:38:17 -0400 Received: from lists.gnu.org ([209.51.188.17]:47928) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ashish.is@lostca.se>) id 1si1Gp-0000f9-62 for submit@debbugs.gnu.org; Sat, 24 Aug 2024 20:38:16 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ashish.is@lostca.se>) id 1si1G1-0004Nl-Gs for guix-patches@gnu.org; Sat, 24 Aug 2024 20:37:25 -0400 Received: from anamika.lostca.se ([65.21.75.227]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from <ashish.is@lostca.se>) id 1si1Fz-00029g-QA for guix-patches@gnu.org; Sat, 24 Aug 2024 20:37:25 -0400 Received: from localhost.localdomain (poincare.inet6.in [IPv6:2a0a:4cc0:1:12d4::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: abbe) by anamika.lostca.se (Postfix) with ESMTPSA id 6300D24AF2; Sun, 25 Aug 2024 00:37:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lostca.se; s=anamika; t=1724546229; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=d6y78MtttsNYlttEf37hder9lGwsgXD4SwK0Et575mA=; b=s5xNWabowBCc3tCPy+gXzXRFT4ct2l4BjLFxSlW1EmhPZMjdVmme2GKWVT3ihJ8WkJO7wt t5FYvFnKwZV+kbeK6djSgO0cD7cS8Z22uqb9+OfBcCY118HT4x6dzNETM9W7KmJmYlFB1q acWMJuxK4RPJMiYbQWKPISbM57VK9R8= Date: Sun, 25 Aug 2024 00:34:50 +0000 Message-ID: <cover.1724546078.git.ashish.is@lostca.se> X-Mailer: git-send-email 2.46.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=65.21.75.227; envelope-from=ashish.is@lostca.se; helo=anamika.lostca.se X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: <guix-patches.gnu.org> List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>, <mailto:guix-patches-request@gnu.org?subject=unsubscribe> List-Archive: <https://lists.gnu.org/archive/html/guix-patches> List-Post: <mailto:guix-patches@gnu.org> List-Help: <mailto:guix-patches-request@gnu.org?subject=help> List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>, <mailto:guix-patches-request@gnu.org?subject=subscribe> Reply-to: ashish.is@lostca.se X-ACL-Warn: , "ashish.is--- via Guix-patches" <guix-patches@gnu.org> From: "ashish.is--- via Guix-patches" via <guix-patches@gnu.org> Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org X-getmail-retrieved-from-mailbox: Patches |
| Series |
ffmpeg updates [fixes CVE-2024-7055, CVE-2024-7272]
|
|
Message
yelninei--- via Guix-patches via
Aug. 25, 2024, 12:34 a.m. UTC
From: Ashish SHUKLA <ashish.is@lostca.se>
Hi,
Attached series of patches updates ffmpeg to latest versions which fixes
following vulnerabilities:
CVE-2024-7055
CVE-2024-7272
Thanks!
Ashish SHUKLA (3):
gnu: ffmpeg: Update to 6.1.2 [fixes CVE-2024-7055].
gnu: ffmpeg-5: Update to 5.1.6 [fixes CVE-2024-7055, CVE-2024-7272].
gnu: ffmpeg-4: Update to 4.4.5 [fixes CVE-2024-7055].
gnu/packages/video.scm | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
base-commit: f25ea6847fa4eb1bc0a6bfb965e145b94f20a6f8
Comments
Hi! Patches apply and build fine. However, it looks like ffmpeg-4 and ffmpeg-6 triggers lots (~1000 for ffmpeg-4 and ~700 for ffmpeg-6) package rebuilds. ffmpeg-5 is fine, only 12 packages to be rebuild. Maybe ffmpeg-4 and ffmpeg-6 should be grafted (these CVEs looks scary) and patches for them send in the separate branch? Need some experienced maintainers to understand how it should be resolved.
Hello, Rodion Goritskov <rodion.goritskov@gmail.com> writes: > Hi! > > Patches apply and build fine. > > However, it looks like ffmpeg-4 and ffmpeg-6 triggers lots (~1000 for > ffmpeg-4 and ~700 for ffmpeg-6) package rebuilds. > ffmpeg-5 is fine, only 12 packages to be rebuild. > > Maybe ffmpeg-4 and ffmpeg-6 should be grafted (these CVEs looks scary) and patches for them send > in the separate branch? > > Need some experienced maintainers to understand how it should be resolved. It would have been better to build on a topic branch, but I've opted to take a shortcut here and push directly to master for this time. Closing!