From unknown Fri Aug 15 18:13:05 2025
X-Loop: help-debbugs@gnu.org
Subject: [bug#72799] [PATCH 0/3] ffmpeg updates [fixes CVE-2024-7055, CVE-2024-7272]
Resent-From: ashish.is@lostca.se
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sun, 25 Aug 2024 00:39:01 +0000
Resent-Message-ID: <handler.72799.B.17245462972563@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: report 72799
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 72799@debbugs.gnu.org
Cc: Ashish SHUKLA <ashish.is@lostca.se>
X-Debbugs-Original-To: guix-patches@gnu.org
Received: via spool by submit@debbugs.gnu.org id=B.17245462972563
          (code B ref -1); Sun, 25 Aug 2024 00:39:01 +0000
Received: (at submit) by debbugs.gnu.org; 25 Aug 2024 00:38:17 +0000
Received: from localhost ([127.0.0.1]:42004 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1si1Gq-0000fH-Rk
	for submit@debbugs.gnu.org; Sat, 24 Aug 2024 20:38:17 -0400
Received: from lists.gnu.org ([209.51.188.17]:47928)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ashish.is@lostca.se>) id 1si1Gp-0000f9-62
 for submit@debbugs.gnu.org; Sat, 24 Aug 2024 20:38:16 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ashish.is@lostca.se>)
 id 1si1G1-0004Nl-Gs
 for guix-patches@gnu.org; Sat, 24 Aug 2024 20:37:25 -0400
Received: from anamika.lostca.se ([65.21.75.227])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <ashish.is@lostca.se>)
 id 1si1Fz-00029g-QA
 for guix-patches@gnu.org; Sat, 24 Aug 2024 20:37:25 -0400
Received: from localhost.localdomain (poincare.inet6.in
 [IPv6:2a0a:4cc0:1:12d4::1])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested) (Authenticated sender: abbe)
 by anamika.lostca.se (Postfix) with ESMTPSA id 6300D24AF2;
 Sun, 25 Aug 2024 00:37:09 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lostca.se; s=anamika; 
 t=1724546229;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding;
 bh=d6y78MtttsNYlttEf37hder9lGwsgXD4SwK0Et575mA=;
 b=s5xNWabowBCc3tCPy+gXzXRFT4ct2l4BjLFxSlW1EmhPZMjdVmme2GKWVT3ihJ8WkJO7wt
 t5FYvFnKwZV+kbeK6djSgO0cD7cS8Z22uqb9+OfBcCY118HT4x6dzNETM9W7KmJmYlFB1q
 acWMJuxK4RPJMiYbQWKPISbM57VK9R8=
From: ashish.is@lostca.se
Date: Sun, 25 Aug 2024 00:34:50 +0000
Message-ID: <cover.1724546078.git.ashish.is@lostca.se>
X-Mailer: git-send-email 2.46.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=65.21.75.227; envelope-from=ashish.is@lostca.se;
 helo=anamika.lostca.se
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: -1.4 (-)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -2.4 (--)

From: Ashish SHUKLA <ashish.is@lostca.se>

Hi,

Attached series of patches updates ffmpeg to latest versions which fixes
following vulnerabilities:

CVE-2024-7055
CVE-2024-7272

Thanks!

Ashish SHUKLA (3):
  gnu: ffmpeg: Update to 6.1.2 [fixes CVE-2024-7055].
  gnu: ffmpeg-5: Update to 5.1.6 [fixes CVE-2024-7055, CVE-2024-7272].
  gnu: ffmpeg-4: Update to 4.4.5 [fixes CVE-2024-7055].

 gnu/packages/video.scm | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)


base-commit: f25ea6847fa4eb1bc0a6bfb965e145b94f20a6f8
-- 
2.46.0





From unknown Fri Aug 15 18:13:05 2025
X-Loop: help-debbugs@gnu.org
Subject: [bug#72799] [PATCH 3/3] gnu: ffmpeg-4: Update to 4.4.5 [fixes CVE-2024-7055].
Resent-From: ashish.is@lostca.se
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sun, 25 Aug 2024 00:42:02 +0000
Resent-Message-ID: <handler.72799.B72799.17245464692886@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 72799
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 72799@debbugs.gnu.org
Cc: Ashish SHUKLA <ashish.is@lostca.se>
Received: via spool by 72799-submit@debbugs.gnu.org id=B72799.17245464692886
          (code B ref 72799); Sun, 25 Aug 2024 00:42:02 +0000
Received: (at 72799) by debbugs.gnu.org; 25 Aug 2024 00:41:09 +0000
Received: from localhost ([127.0.0.1]:42010 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1si1Jd-0000kT-E4
	for submit@debbugs.gnu.org; Sat, 24 Aug 2024 20:41:09 -0400
Received: from anamika.lostca.se ([65.21.75.227]:60972)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ashish.is@lostca.se>) id 1si1Jb-0000k8-Cz
 for 72799@debbugs.gnu.org; Sat, 24 Aug 2024 20:41:07 -0400
Received: from localhost.localdomain (poincare.inet6.in
 [IPv6:2a0a:4cc0:1:12d4::1])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested) (Authenticated sender: abbe)
 by anamika.lostca.se (Postfix) with ESMTPSA id 9362324DAE;
 Sun, 25 Aug 2024 00:40:12 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lostca.se; s=anamika; 
 t=1724546412;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=BfkaA0y2+DaVw405md/5L53zLUN+FA5qWXp8kX3CP78=;
 b=Atffx7hrC8Myl3DnIRdkd+hBZ0ZyW5zQj7ArreA/VatNKTgRd3AMzDxg7K2nbvvSVKy1k0
 dWdKiZ88zOtBx0IaGz6ID+fvS0Tp9qzPHy2d/S7nm6nzFYoQ5M6GUSdXo0OsSAF+L+pfd4
 DvHCMbR8Q501B+3CyOLeM5n4mIwmS3U=
From: ashish.is@lostca.se
Date: Sun, 25 Aug 2024 00:39:49 +0000
Message-ID: <24c7b9dde2e4d1479e58c80697d9ce4a3ca97288.1724546078.git.ashish.is@lostca.se>
X-Mailer: git-send-email 2.46.0
In-Reply-To: <cover.1724546078.git.ashish.is@lostca.se>
References: <cover.1724546078.git.ashish.is@lostca.se>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

From: Ashish SHUKLA <ashish.is@lostca.se>

* gnu/packages/video.scm (ffmpeg-4): Update to 4.4.5.

Change-Id: Ie35066988c26af338120b2ce002c767ff4c7aaec
---
 gnu/packages/video.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm
index 1089e0b6ba..0c56a43ecb 100644
--- a/gnu/packages/video.scm
+++ b/gnu/packages/video.scm
@@ -1885,14 +1885,14 @@ (define-public ffmpeg-5
 (define-public ffmpeg-4
   (package
     (inherit ffmpeg-5)
-    (version "4.4.2")
+    (version "4.4.5")
     (source (origin
              (method url-fetch)
              (uri (string-append "https://ffmpeg.org/releases/ffmpeg-"
                                  version ".tar.xz"))
              (sha256
               (base32
-               "14xadxm1yaamp216nq09xwasxg5g133v86dbb33mdg5di1zrlhdg"))))
+               "01xb2vj4n52fv2y56n5ifirgzlg16qbgfg98f6ifbbhm6l6lwlgr"))))
     (inputs (modify-inputs (package-inputs ffmpeg)
               (replace "sdl2" sdl2-2.0)))
     (arguments
-- 
2.46.0





From unknown Fri Aug 15 18:13:05 2025
X-Loop: help-debbugs@gnu.org
Subject: [bug#72799] [PATCH 2/3] gnu: ffmpeg-5: Update to 5.1.6 [fixes CVE-2024-7055, CVE-2024-7272].
Resent-From: ashish.is@lostca.se
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sun, 25 Aug 2024 00:42:02 +0000
Resent-Message-ID: <handler.72799.B72799.17245464702892@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 72799
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 72799@debbugs.gnu.org
Cc: Ashish SHUKLA <ashish.is@lostca.se>
Received: via spool by 72799-submit@debbugs.gnu.org id=B72799.17245464702892
          (code B ref 72799); Sun, 25 Aug 2024 00:42:02 +0000
Received: (at 72799) by debbugs.gnu.org; 25 Aug 2024 00:41:10 +0000
Received: from localhost ([127.0.0.1]:42012 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1si1Jd-0000kV-NT
	for submit@debbugs.gnu.org; Sat, 24 Aug 2024 20:41:10 -0400
Received: from anamika.lostca.se ([65.21.75.227]:60960)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ashish.is@lostca.se>) id 1si1Ja-0000jt-Sq
 for 72799@debbugs.gnu.org; Sat, 24 Aug 2024 20:41:07 -0400
Received: from localhost.localdomain (poincare.inet6.in
 [IPv6:2a0a:4cc0:1:12d4::1])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested) (Authenticated sender: abbe)
 by anamika.lostca.se (Postfix) with ESMTPSA id F0F2F24DAC;
 Sun, 25 Aug 2024 00:40:11 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lostca.se; s=anamika; 
 t=1724546412;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=Lfm+wM3T0pxvhV4JrQmzVvbEMNUM8MWOt86uYDmW7o4=;
 b=Rvc6xkXZU7z1UB4DeNCaaQoph4DDqBStHtIZoVM2R0o9Hx6nhQEVERzF1x9skQszwBY+/j
 bnHSBE/MLKutUTpixqppsES7xBVEKA3wZ2skJtQtwHtF7+dgI0LsAuMQVHW4jkdKyXbWSx
 67mi3pUjwcPgYokQxczceQMySV2hQGk=
From: ashish.is@lostca.se
Date: Sun, 25 Aug 2024 00:39:48 +0000
Message-ID: <274eeb8f1c025e31191b28e5b977eb16e6d7b7e0.1724546078.git.ashish.is@lostca.se>
X-Mailer: git-send-email 2.46.0
In-Reply-To: <cover.1724546078.git.ashish.is@lostca.se>
References: <cover.1724546078.git.ashish.is@lostca.se>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

From: Ashish SHUKLA <ashish.is@lostca.se>

* gnu/packages/video.scm (ffmpeg-5): Update to 5.1.6.

Change-Id: If86cbff17d63528b42a9c5ce2c062014251b8fcb
---
 gnu/packages/video.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm
index d8276b331e..1089e0b6ba 100644
--- a/gnu/packages/video.scm
+++ b/gnu/packages/video.scm
@@ -1873,14 +1873,14 @@ (define-public ffmpeg
 (define-public ffmpeg-5
   (package
     (inherit ffmpeg)
-    (version "5.1.4")
+    (version "5.1.6")
     (source (origin
               (method url-fetch)
               (uri (string-append "https://ffmpeg.org/releases/ffmpeg-"
                                   version ".tar.xz"))
               (sha256
                (base32
-                "0qwhyhil805hns7yksdxagnrcc90h60al7lz1rc65kd1j2w3nf2l"))))))
+                "1g8116rp4fgq82br8lclb2dmw3fvyh2zkzhnngm7z97pg1i0dypl"))))))
 
 (define-public ffmpeg-4
   (package
-- 
2.46.0





From unknown Fri Aug 15 18:13:05 2025
X-Loop: help-debbugs@gnu.org
Subject: [bug#72799] [PATCH 1/3] gnu: ffmpeg: Update to 6.1.2 [fixes CVE-2024-7055].
Resent-From: ashish.is@lostca.se
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sun, 25 Aug 2024 00:42:02 +0000
Resent-Message-ID: <handler.72799.B72799.17245464992942@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 72799
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 72799@debbugs.gnu.org
Cc: Ashish SHUKLA <ashish.is@lostca.se>
Received: via spool by 72799-submit@debbugs.gnu.org id=B72799.17245464992942
          (code B ref 72799); Sun, 25 Aug 2024 00:42:02 +0000
Received: (at 72799) by debbugs.gnu.org; 25 Aug 2024 00:41:39 +0000
Received: from localhost ([127.0.0.1]:42015 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1si1K7-0000lN-4D
	for submit@debbugs.gnu.org; Sat, 24 Aug 2024 20:41:39 -0400
Received: from anamika.lostca.se ([65.21.75.227]:48602)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ashish.is@lostca.se>) id 1si1K4-0000l5-6f
 for 72799@debbugs.gnu.org; Sat, 24 Aug 2024 20:41:37 -0400
Received: from localhost.localdomain (poincare.inet6.in
 [IPv6:2a0a:4cc0:1:12d4::1])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested) (Authenticated sender: abbe)
 by anamika.lostca.se (Postfix) with ESMTPSA id 9C8B724B6C;
 Sun, 25 Aug 2024 00:40:10 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lostca.se; s=anamika; 
 t=1724546410;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=cwdw7CL5mqSFD9SUeKLH/hkJPB7+lsT6RXdJm5N/kac=;
 b=ehDZjTLBp0qzg0/KeNzaPYNy4u1UduEnegZZ2xjUunqgF9D1jU1v9kSJNEKTWA0QitWWCs
 ySKqFASXm8qGtVz4g5trszza07CVwm1CLOPx63RomE9AAzPKS9b0LnSJOvVRjqI1MTadD5
 NzSLyYfsI59ernWNmE1S5zo6kEmwaTo=
From: ashish.is@lostca.se
Date: Sun, 25 Aug 2024 00:39:47 +0000
Message-ID: <3608fedabb4c19adc34ebfec4d77f4f577b60328.1724546078.git.ashish.is@lostca.se>
X-Mailer: git-send-email 2.46.0
In-Reply-To: <cover.1724546078.git.ashish.is@lostca.se>
References: <cover.1724546078.git.ashish.is@lostca.se>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

From: Ashish SHUKLA <ashish.is@lostca.se>

* gnu/packages/video.scm (ffmpeg): Update to 6.1.2.

Change-Id: I4f15c4619da8b1dba474237cd839e2c79f651346
---
 gnu/packages/video.scm | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm
index 7d22d2f8f7..d8276b331e 100644
--- a/gnu/packages/video.scm
+++ b/gnu/packages/video.scm
@@ -69,6 +69,7 @@
 ;;; Copyright © 2023 Jaeme Sifat <jaeme@runbox.com>
 ;;; Copyright © 2023 Zheng Junjie <873216071@qq.com>
 ;;; Copyright © 2024 Artyom V. Poptsov <poptsov.artyom@gmail.com>
+;;; Copyright © 2024 Ashish SHUKLA <ashish.is@lostca.se>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -1670,14 +1671,14 @@ (define-public libva-utils
 (define-public ffmpeg
   (package
     (name "ffmpeg")
-    (version "6.1.1")
+    (version "6.1.2")
     (source (origin
               (method url-fetch)
               (uri (string-append "https://ffmpeg.org/releases/ffmpeg-"
                                   version ".tar.xz"))
               (sha256
                (base32
-                "0s7r2qv8gh2a3w568n9xxgcz0q8j5ww1jdsci1hm9f4l1yqg9146"))))
+                "0f2fr8ywchhlkdff88lr4d4vscqzsi1ndjh3r5jwbkayf94lcqiv"))))
     (outputs '("out" "debug"))
     (build-system gnu-build-system)
     (inputs
-- 
2.46.0





From debbugs-submit-bounces@debbugs.gnu.org Sat Aug 24 20:44:01 2024
Received: (at control) by debbugs.gnu.org; 25 Aug 2024 00:44:01 +0000
Received: from localhost ([127.0.0.1]:42021 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1si1MO-0000pU-Pd
	for submit@debbugs.gnu.org; Sat, 24 Aug 2024 20:44:00 -0400
Received: from anamika.lostca.se ([65.21.75.227]:39602)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ashish.is@lostca.se>) id 1si1MN-0000pD-0R
 for control@debbugs.gnu.org; Sat, 24 Aug 2024 20:43:59 -0400
Received: from localhost (unknown
 [IPv6:2401:4900:1c49:26b5:e751:8c5c:1ef6:ef2f])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange ECDHE (prime256v1) server-signature RSA-PSS (2048 bits)
 server-digest SHA256) (No client certificate requested)
 (Authenticated sender: abbe)
 by anamika.lostca.se (Postfix) with ESMTPSA id B517124CD4;
 Sun, 25 Aug 2024 00:43:03 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lostca.se; s=anamika; 
 t=1724546584;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding;
 bh=9vH5DTXcJij84X+TuSe9VPwMegCJ5IhMXnOZQvMen/w=;
 b=TME4kfUwlp8zL7KLs5AJFpg9pVno5z/GdxTRUYp7T9hCGzQpM8a94o9/JLll/tUknHfLld
 p485STyxNPx2ROIVdv2RImP72HcEwdBuLLDePASVhb4WrdQyhlc9xCBUScrJefKSIGy4X8
 1Y5gVMqocNd3ugmnm2QsxafIuZ+UEs8=
Mime-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=UTF-8; format=Flowed
Date: Sun, 25 Aug 2024 06:12:57 +0530
Message-Id: <D3OKQOMWTMEG.ZYCJI6JGDT91@lostca.se>
Subject: update bug state
From: "Ashish SHUKLA" <ashish.is@lostca.se>
To: <control@debbugs.gnu.org>
X-Mailer: aerc 0.18.2
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: control
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

tag 72799 security
severity 72799 important
quit




From unknown Fri Aug 15 18:13:05 2025
X-Loop: help-debbugs@gnu.org
Subject: [bug#72799] [PATCH 0/3] ffmpeg updates [fixes CVE-2024-7055, CVE-2024-7272]
Resent-From: Rodion Goritskov <rodion.goritskov@gmail.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Fri, 30 Aug 2024 21:33:02 +0000
Resent-Message-ID: <handler.72799.B72799.172505353517626@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 72799
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: security patch
To: 72799@debbugs.gnu.org
Received: via spool by 72799-submit@debbugs.gnu.org id=B72799.172505353517626
          (code B ref 72799); Fri, 30 Aug 2024 21:33:02 +0000
Received: (at 72799) by debbugs.gnu.org; 30 Aug 2024 21:32:15 +0000
Received: from localhost ([127.0.0.1]:53530 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sk9E6-0004aE-OD
	for submit@debbugs.gnu.org; Fri, 30 Aug 2024 17:32:14 -0400
Received: from mail-lj1-f174.google.com ([209.85.208.174]:53305)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rodion.goritskov@gmail.com>) id 1sk9E5-0004Zz-6i
 for 72799@debbugs.gnu.org; Fri, 30 Aug 2024 17:32:13 -0400
Received: by mail-lj1-f174.google.com with SMTP id
 38308e7fff4ca-2f029e9c9cfso27147121fa.2
 for <72799@debbugs.gnu.org>; Fri, 30 Aug 2024 14:31:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1725053409; x=1725658209; darn=debbugs.gnu.org;
 h=mime-version:user-agent:message-id:date:references:in-reply-to
 :subject:to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=fXOAsJUCuMCOsOP3rLRcEB/wQS2ElapL4FcC/3y0pWQ=;
 b=f62ABd3Y3zq/9iR/4IfbmqbtsDwBb2PtdXwEnMZE2ckZqAwQh1zhU5pUIIGCz7CXfv
 CWZUB6D2kHqdNP5QqiqMNdThV9EJwfU1pW9p6ss6Yt8hXU4vyfw3AvCsdB2OStUuHivp
 ZqafRu0PY9sjfTz30zB7qjqG0yajsF+pc7sye2JB11G05VGeiNL7yCrPbUJgHC5p/Zfm
 R1k96j4wOJpBSTz9wzpFV9hc9eXxEa1fc45xLNxsjOXVWXPImC3fPvUGblwFUa9CtP2I
 4HGzBSQFpnGid0eSkETMXrGM9sbOnReoQ9uA3Ax+crm1Md2Q59CRbV7dh8VokZ7YGZZo
 NK9Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1725053409; x=1725658209;
 h=mime-version:user-agent:message-id:date:references:in-reply-to
 :subject:to:from:x-gm-message-state:from:to:cc:subject:date
 :message-id:reply-to;
 bh=fXOAsJUCuMCOsOP3rLRcEB/wQS2ElapL4FcC/3y0pWQ=;
 b=rQpAhEGW1njDn22XeBMONA+X8sxt6wHWGDXRd8zgvz4ijWQe0xOg6/4wrFTXaHgYZ4
 VLx44JBe1Zp1T47D5HekrW4dYkE+Ikrem026Q7QkxjP6J8i66XagVxkIK4H5eWwQEsBK
 aiY2DFkSLgLQ4PPOIWFxd/4yl+cKKuhqdASkYQsE7zRVYmHosfMv1fKVxSGuHDcn/0ze
 SoAP3IXcCYfTf0/v8o7ffP0aPVlvzKuTg4YpJJSrC1X+RKS0Ndn7TDam9iwlgokovf3n
 K5hmgoDfalhurkF83vTf22pa2MyWSnrPfHb5Or6y4BjOHKCYrxmgiiVBuzR5IN0VThkr
 J3KQ==
X-Gm-Message-State: AOJu0YyVMaswrd0E0wDGZQrmatt1WA7kbD9iDzc8m4qRpFMi5BJhOvlb
 sRBUwE6GCu/QZO3prUft3H3Qf+f20XThqDM7Zb3J4H9CJZrE1R/wRFSeC2tVpqs=
X-Google-Smtp-Source: AGHT+IHTqWJMnUfMPoSvJVtN4XqL+4AvGIRiViJVixe4auOSS+ihzOHNHqdcoKnCDydnMmd/yVOPPg==
X-Received: by 2002:a2e:b8d6:0:b0:2f1:750d:53a7 with SMTP id
 38308e7fff4ca-2f6105c4993mr70667541fa.8.1725053408470; 
 Fri, 30 Aug 2024 14:30:08 -0700 (PDT)
Received: from bumblebee-mighty ([92.51.75.166])
 by smtp.gmail.com with ESMTPSA id
 38308e7fff4ca-2f614f007aasm8413871fa.38.2024.08.30.14.30.07
 for <72799@debbugs.gnu.org>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 30 Aug 2024 14:30:08 -0700 (PDT)
From: Rodion Goritskov <rodion.goritskov@gmail.com>
In-Reply-To: <cover.1724546078.git.ashish.is@lostca.se> (ashish is's message
 of "Sun, 25 Aug 2024 00:34:50 +0000")
References: <cover.1724546078.git.ashish.is@lostca.se>
Date: Sat, 31 Aug 2024 01:30:05 +0400
Message-ID: <87r0a5aeci.fsf@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi!

Patches apply and build fine.

However, it looks like ffmpeg-4 and ffmpeg-6 triggers lots (~1000 for
ffmpeg-4 and ~700 for ffmpeg-6) package rebuilds.
ffmpeg-5 is fine, only 12 packages to be rebuild.

Maybe ffmpeg-4 and ffmpeg-6 should be grafted (these CVEs looks scary) and patches for them send
in the separate branch?

Need some experienced maintainers to understand how it should be resolved.




From unknown Fri Aug 15 18:13:05 2025
MIME-Version: 1.0
X-Mailer: MIME-tools 5.505 (Entity 5.505)
X-Loop: help-debbugs@gnu.org
From: help-debbugs@gnu.org (GNU bug Tracking System)
To: ashish.is@lostca.se
Subject: bug#72799: closed (Re: [bug#72799] [PATCH 0/3] ffmpeg updates
 [fixes CVE-2024-7055, CVE-2024-7272])
Message-ID: <handler.72799.D72799.173141344915335.notifdone@debbugs.gnu.org>
References: <871pzg4ps1.fsf@gmail.com>
 <cover.1724546078.git.ashish.is@lostca.se>
X-Gnu-PR-Message: they-closed 72799
X-Gnu-PR-Package: guix-patches
X-Gnu-PR-Keywords: security patch
Reply-To: 72799@debbugs.gnu.org
Date: Tue, 12 Nov 2024 12:11:03 +0000
Content-Type: multipart/mixed; boundary="----------=_1731413463-15361-1"

This is a multi-part message in MIME format...

------------=_1731413463-15361-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Your bug report

#72799: [PATCH 0/3] ffmpeg updates [fixes CVE-2024-7055, CVE-2024-7272]

which was filed against the guix-patches package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 72799@debbugs.gnu.org.

--=20
72799: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D72799
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems

------------=_1731413463-15361-1
Content-Type: message/rfc822
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Received: (at 72799-done) by debbugs.gnu.org; 12 Nov 2024 12:10:49 +0000
Received: from localhost ([127.0.0.1]:60970 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1tApjN-0003zH-D6
	for submit@debbugs.gnu.org; Tue, 12 Nov 2024 07:10:49 -0500
Received: from mail-pg1-f177.google.com ([209.85.215.177]:54635)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1tApjL-0003z1-EU
 for 72799-done@debbugs.gnu.org; Tue, 12 Nov 2024 07:10:47 -0500
Received: by mail-pg1-f177.google.com with SMTP id
 41be03b00d2f7-7ee11ff7210so4160906a12.1
 for <72799-done@debbugs.gnu.org>; Tue, 12 Nov 2024 04:10:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1731413382; x=1732018182; darn=debbugs.gnu.org;
 h=mime-version:user-agent:message-id:date:references:in-reply-to
 :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=C5yoiCIbnfYVqtuOhaA52xkhwb/jYzZ8B6R0nk+AxS8=;
 b=KPmvKb4BKEpTqMvGEBSuN8QdreclfltLMGpV0PlUAErXU6b4VT0YwnoH0cIwTx1qTq
 XQgpJbAf9sq7dArcna28Ns7PNHA77QYmlwe3lOlslKZHLrZpXPOoV9sPAAGNoI8TLgOk
 nD21Mi8R+PrjnyUtXkv/eKqiZO8lQGi/B6m4Uwmq3XAmhUoXcP3pxLuLmZEE+FksHf48
 vn+8O+yVfTMi4UR6ACzlgmD3cuOIxLYYJ8Oa2pqTFiKs9DT9SyGoORzMIOhw55cG2cq2
 bNb5xT/L/UAl02uROSQd9USWYQ+IE4/JlSOcyYIYiF78DJCveDLO2P8uzKumHYdhG+S3
 Crmg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1731413382; x=1732018182;
 h=mime-version:user-agent:message-id:date:references:in-reply-to
 :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date
 :message-id:reply-to;
 bh=C5yoiCIbnfYVqtuOhaA52xkhwb/jYzZ8B6R0nk+AxS8=;
 b=eD/iZQrkVGMMRegD7NXCZmvSxaGzT2GaHfQHCvnK2k0mR43yrycY2wXBZSTja5Ipyf
 E5Lo/S2oxaYn+/m7UbMvVQbEms7fcIM83D6lOv9Hqrd8SqrE14BpRu1oe4kqjhJEo9aT
 qIReFfTpovzf/fyphUdiRvezvP2KxljC4oNd2ba1LLJdnzS4fed4yzt9LEWNfx2FcU/R
 upvjCC/lgOlMeVldV8ScQy4lZpSHLRGqNH4xbznx4DVao2+4AhkD6fnqzYEv5qDZqSGT
 uW7vP9fy4WHCBIXmjH0wtDlcJZdODvroYSQUxZV7hsreLaR/1kbrQA64Jxsh6N9ZURlu
 Hs3A==
X-Gm-Message-State: AOJu0Ywifo0g5kUjsUiuudqDXEOpa3aSMYPOFq1xzP6v/Hi19iNeCg4E
 lSL6bLZx0LJlWAFxFULqrkm+43GjDiLM2tih38MbHt/9YyNL4QSHSRRFxSxp
X-Google-Smtp-Source: AGHT+IEPdHWlVvnvudDmWpqe80Zo+AS83L2PLwQxJAWi8L2kA7E5px/aZCGz3drmwm1JlwrfaFg0sg==
X-Received: by 2002:a05:6a21:339a:b0:1db:ec3e:c959 with SMTP id
 adf61e73a8af0-1dc2292f6fcmr23233217637.10.1731413381732; 
 Tue, 12 Nov 2024 04:09:41 -0800 (PST)
Received: from terra ([2405:6586:be0:0:c8ff:1707:9b9:af89])
 by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-72407860a37sm10906286b3a.30.2024.11.12.04.09.39
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 12 Nov 2024 04:09:41 -0800 (PST)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: Rodion Goritskov <rodion.goritskov@gmail.com>
Subject: Re: [bug#72799] [PATCH 0/3] ffmpeg updates [fixes CVE-2024-7055,
 CVE-2024-7272]
In-Reply-To: <87r0a5aeci.fsf@gmail.com> (Rodion Goritskov's message of "Sat,
 31 Aug 2024 01:30:05 +0400")
References: <cover.1724546078.git.ashish.is@lostca.se>
 <87r0a5aeci.fsf@gmail.com>
Date: Tue, 12 Nov 2024 21:09:34 +0900
Message-ID: <871pzg4ps1.fsf@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 72799-done
Cc: 72799-done@debbugs.gnu.org, ashish.is@lostca.se
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hello,

Rodion Goritskov <rodion.goritskov@gmail.com> writes:

> Hi!
>
> Patches apply and build fine.
>
> However, it looks like ffmpeg-4 and ffmpeg-6 triggers lots (~1000 for
> ffmpeg-4 and ~700 for ffmpeg-6) package rebuilds.
> ffmpeg-5 is fine, only 12 packages to be rebuild.
>
> Maybe ffmpeg-4 and ffmpeg-6 should be grafted (these CVEs looks scary) and patches for them send
> in the separate branch?
>
> Need some experienced maintainers to understand how it should be resolved.

It would have been better to build on a topic branch, but I've opted to
take a shortcut here and push directly to master for this time.

Closing!

-- 
Thanks,
Maxim


------------=_1731413463-15361-1
Content-Type: message/rfc822
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Received: (at submit) by debbugs.gnu.org; 25 Aug 2024 00:38:17 +0000
Received: from localhost ([127.0.0.1]:42004 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1si1Gq-0000fH-Rk
	for submit@debbugs.gnu.org; Sat, 24 Aug 2024 20:38:17 -0400
Received: from lists.gnu.org ([209.51.188.17]:47928)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ashish.is@lostca.se>) id 1si1Gp-0000f9-62
 for submit@debbugs.gnu.org; Sat, 24 Aug 2024 20:38:16 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ashish.is@lostca.se>)
 id 1si1G1-0004Nl-Gs
 for guix-patches@gnu.org; Sat, 24 Aug 2024 20:37:25 -0400
Received: from anamika.lostca.se ([65.21.75.227])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <ashish.is@lostca.se>)
 id 1si1Fz-00029g-QA
 for guix-patches@gnu.org; Sat, 24 Aug 2024 20:37:25 -0400
Received: from localhost.localdomain (poincare.inet6.in
 [IPv6:2a0a:4cc0:1:12d4::1])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested) (Authenticated sender: abbe)
 by anamika.lostca.se (Postfix) with ESMTPSA id 6300D24AF2;
 Sun, 25 Aug 2024 00:37:09 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lostca.se; s=anamika; 
 t=1724546229;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding;
 bh=d6y78MtttsNYlttEf37hder9lGwsgXD4SwK0Et575mA=;
 b=s5xNWabowBCc3tCPy+gXzXRFT4ct2l4BjLFxSlW1EmhPZMjdVmme2GKWVT3ihJ8WkJO7wt
 t5FYvFnKwZV+kbeK6djSgO0cD7cS8Z22uqb9+OfBcCY118HT4x6dzNETM9W7KmJmYlFB1q
 acWMJuxK4RPJMiYbQWKPISbM57VK9R8=
From: ashish.is@lostca.se
To: guix-patches@gnu.org
Subject: [PATCH 0/3] ffmpeg updates [fixes CVE-2024-7055, CVE-2024-7272]
Date: Sun, 25 Aug 2024 00:34:50 +0000
Message-ID: <cover.1724546078.git.ashish.is@lostca.se>
X-Mailer: git-send-email 2.46.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=65.21.75.227; envelope-from=ashish.is@lostca.se;
 helo=anamika.lostca.se
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: -1.4 (-)
X-Debbugs-Envelope-To: submit
Cc: Ashish SHUKLA <ashish.is@lostca.se>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -2.4 (--)

From: Ashish SHUKLA <ashish.is@lostca.se>

Hi,

Attached series of patches updates ffmpeg to latest versions which fixes
following vulnerabilities:

CVE-2024-7055
CVE-2024-7272

Thanks!

Ashish SHUKLA (3):
  gnu: ffmpeg: Update to 6.1.2 [fixes CVE-2024-7055].
  gnu: ffmpeg-5: Update to 5.1.6 [fixes CVE-2024-7055, CVE-2024-7272].
  gnu: ffmpeg-4: Update to 4.4.5 [fixes CVE-2024-7055].

 gnu/packages/video.scm | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)


base-commit: f25ea6847fa4eb1bc0a6bfb965e145b94f20a6f8
-- 
2.46.0




------------=_1731413463-15361-1--