diff options
| author | Archana Polampalli <archana.polampalli@windriver.com> | 2025-09-05 11:10:44 +0530 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2025-09-12 09:24:24 -0700 |
| commit | e9b1bb75ffed3870c37aa83108f2dc5eb9f1894c (patch) | |
| tree | 5e8484692d2d483de18a18f1583e3db27b310741 /meta/classes/bash-completion.bbclass | |
| parent | 4415ab156050df66020ac4c79ec99b42cbc3b102 (diff) | |
| download | poky-e9b1bb75ffed3870c37aa83108f2dc5eb9f1894c.tar.gz | |
ffmpeg: fix multiple CVEs
CVE-2023-6605:
A flaw was found in FFmpeg's DASH playlist support. This vulnerability allows arbitrary HTTP GET
requests to be made on behalf of the machine running FFmpeg via a crafted DASH playlist containing malicious URLs.
CVE-2023-6604:
A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load
and storage consumption, potentially leading to degraded performance or denial of service
via the demuxing of arbitrary data as XBIN-formatted data without proper format validation.
CVE-2023-6602:
flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration
via improper parsing of non-TTY-compliant input files in HLS playlists.
(From OE-Core rev: aa68992ddc5744bb4fdbb3a3cd0636b303449be2)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/classes/bash-completion.bbclass')
0 files changed, 0 insertions, 0 deletions