]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commitdiff
projects / thirdparty / openembedded / openembedded-core-contrib.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 220a05e)
ffmpeg: ignore CVE-2024-7272
authorPeter Marko <peter.marko@siemens.com>
Thu, 20 Feb 2025 18:34:16 +0000 (19:34 +0100)
committerSteve Sakoman <steve@sakoman.com>
Mon, 24 Feb 2025 14:54:05 +0000 (06:54 -0800)
This vulnerability was introduced in 5.1, so 5.0.1 is not affected.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb patch | blob | blame | history

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
index bded23bc3585675c2f47887219d928fc622b7e54..900545a5f0a045a050e034149d9dff52ee77a786 100644 (file)
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
@@ -75,6 +75,11 @@ CVE_CHECK_IGNORE += "CVE-2024-22861"
 # bugfix: https://github.com/FFmpeg/FFmpeg/commit/ca09d8a0dcd82e3128e62463231296aaf63ae6f7
 CVE_CHECK_IGNORE += "CVE-2024-22862"
 
+# This vulnerability was introduced in 5.1 and fixed in 5.2 (backported also to 5.1.6), so 5.0.x is not affected
+# introduced: https://github.com/FFmpeg/FFmpeg/commit/8a5896ec1f635ccf0d726f7ba7a06649ebeebf25
+# bugfix: https://github.com/FFmpeg/FFmpeg/commit/9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6
+CVE_CHECK_IGNORE += "CVE-2024-7272"
+
 # Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717
 ARM_INSTRUCTION_SET:armv4 = "arm"
 ARM_INSTRUCTION_SET:armv5 = "arm"
Mirror of git://git.openembedded.org/openembedded-core-contrib