Description of the patch:
This update for ffmpeg-4 fixes the following issues
Update to version 4.4.7:
- CVE-2023-6601: HLS Unsafe File Extension Bypass (bsc#1220545).
- CVE-2024-35366: FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c
within the libavformat module. When parsing certain options, the software does not adequately validate the i
(bsc#1234030).
- CVE-2025-1594: stack-based buffer overflow in function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of
the component AAC Encoder (bsc#1237561).
- CVE-2025-9951: heap-based buffer overflow in jpeg2000dec (bsc#1249393).
- CVE-2025-10256: NULL pointer dereference in Firequalizer filter (bsc#1249431).
- CVE-2025-63757: accumulation of filtered pixel values can lead to an integer overflow (bsc#1255392).
- CVE-2026-30997: Denial of Service via out-of-bounds read (bsc#1262047).
- CVE-2026-40962: inadequate CENC subsample bounds checks can lead to an integer overflow (bsc#1262237).