]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cbe8929) | patch
ffmpeg: fix CVE-2024-35369
authorArchana Polampalli <archana.polampalli@windriver.com>
Fri, 21 Feb 2025 06:03:06 +0000 (06:03 +0000)
committerSteve Sakoman <steve@sakoman.com>
Mon, 24 Feb 2025 14:54:05 +0000 (06:54 -0800)
commit3efef582892a5a9286041837098b80aa59d1b688
tree809fa347421c0115a77578278843d20e06fdc279tree | snapshot
parentcbe8929662f8ea873a3686517516bc5754a3cd18commit | diff
ffmpeg: fix CVE-2024-35369

In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module,
a potential security vulnerability exists due to insufficient validation of
certain parameters when parsing Speex codec extradata. This vulnerability
could lead to integer overflow conditions, potentially resulting in undefined
behavior or crashes during the decoding process.

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35369.patch [new file with mode: 0644] blob
meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib