public inbox for git-commits@fedoraproject.org
From: Dominik 'Rathann' Mierzejewski <dominik@greysector.net>
To: git-commits@fedoraproject.org
Subject: [rpms/ffmpeg] rawhide: backport fix for CVE-2026-30998 (resolves rhbz#2457970)
Date: Mon, 22 Jun 2026 22:04:30 GMT
Message-ID: <178216587087.1.12195952356221725223.rpms-ffmpeg-536fabbe0378@fedoraproject.org>
A new commit has been pushed.
Repo : rpms/ffmpeg
Branch : rawhide
Commit : 536fabbe0378bd9d1df64d4bd765e2ace102a855
Author : Dominik 'Rathann' Mierzejewski <dominik@greysector.net>
Date : 2026-06-23T00:02:40+02:00
Stats : +34/-1 in 2 file(s)
URL : https://src.fedoraproject.org/rpms/ffmpeg/c/536fabbe0378bd9d1df64d4bd765e2ace102a855?branch=rawhide
Log:
backport fix for CVE-2026-30998 (resolves rhbz#2457970)
---
diff --git a/ffmpeg-CVE-2026-30998.patch b/ffmpeg-CVE-2026-30998.patch
new file mode 100644
index 0000000..3f86e6a
--- /dev/null
+++ b/ffmpeg-CVE-2026-30998.patch
@@ -0,0 +1,27 @@
+From 18b83f2d0a0f9bcbafb0001a2911327c4b8df056 Mon Sep 17 00:00:00 2001
+From: James Almer <jamrial@gmail.com>
+Date: Sun, 3 May 2026 13:14:02 -0300
+Subject: [PATCH] tools/zmqsend: close the input FILE
+
+Fixes CVE-2026-30998
+
+Fixes: Resource leak
+Found-by: Xinghang Lv
+Signed-off-by: James Almer <jamrial@gmail.com>
+---
+ tools/zmqsend.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/tools/zmqsend.c b/tools/zmqsend.c
+index 17a6194b28f4a..a0142f436a5f6 100644
+--- a/tools/zmqsend.c
++++ b/tools/zmqsend.c
+@@ -166,6 +166,8 @@ int main(int argc, char **argv)
+
+ end:
+ av_freep(&src_buf);
++ if (strcmp(infilename, "stdin"))
++ fclose(infile);
+ zmq_close(socket);
+ zmq_ctx_destroy(zmq_ctx);
+ return ret;
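Review bot: The new guard at the `end:` label in main() decides whether to close the stream by comparing the file name (`strcmp(infilename, "stdin")`) and never checks `infile` itself. The visible context does not show whether a `goto end` can be taken before `infile` is assigned or after a failed open; if it can, `fclose(infile)` would run on a NULL or unset pointer. Testing the stream directly, for example `if (infile && infile != stdin) fclose(infile);`, covers both cases and does not depend on how `infilename` was set, so it is worth checking the full tools/zmqsend.c before carrying the backport unchanged.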
diff --git a/ffmpeg.spec b/ffmpeg.spec
index 50d17bc..cb74d6e 100644
--- a/ffmpeg.spec
+++ b/ffmpeg.spec
@@ -108,7 +108,7 @@ Name: ffmpeg
%global pkg_name %{name}%{?pkg_suffix}
Version: 8.1.2
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: A complete solution to record, convert and stream audio and video
License: GPL-3.0-or-later
URL: https://ffmpeg.org/
@@ -126,6 +126,9 @@ Patch1: ffmpeg-codec-choice.patch
# See https://bugzilla.redhat.com/show_bug.cgi?id=1501522#c112
Patch2: ffmpeg-allow-fdk-aac-free.patch
+# Backport fix for CVE-2026-30998
+Patch10: https://git.ffmpeg.org/gitweb/ffmpeg.git/patch/18b83f2d0a0f9bcbafb0001a2911327c4b8df056#/ffmpeg-CVE-2026-30998.patch
+
# Add first_dts getter to libavformat for Chromium
# See: https://bugzilla.redhat.com/show_bug.cgi?id=2240127
# Reference: https://crbug.com/1306560
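Review bot: `Patch10` is only declared in this hunk and no `%patch` line appears anywhere in the diff, so whether the fix is actually applied depends on `%prep` using `%autosetup` or `%autopatch`; please confirm that, or add an explicit `%patch -P10 -p1`. The comment above it could also carry the bug reference (rhbz#2457970) alongside the CVE id, matching the style of the neighbouring patch comments that link their Bugzilla entries.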
@@ -976,6 +979,9 @@ rm -rf %{buildroot}%{_datadir}
%changelog
+* Mon Jun 22 2026 Dominik Mierzejewski <dominik@greysector.net> - 8.1.2-2
+- Backport fix for CVE-2026-30998 (resolves rhbz#2457970).
+
* Wed Jun 17 2026 Dominik Mierzejewski <dominik@greysector.net> - 8.1.2-1
- Updated to 8.1.2 (resolves rhbz#2489751)
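Review bot: Style nit in the new `%changelog` entry: it ends with a full stop after `(resolves rhbz#2457970)`, while the 8.1.2-1 entry directly below it does not. Dropping the trailing period keeps the entries consistent.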