summaryrefslogtreecommitdiffstats
path: root/meta
diff options
context:
space:
mode:
authorPeter Marko <peter.marko@siemens.com>2025-02-20 19:34:15 +0100
committerSteve Sakoman <steve@sakoman.com>2025-02-28 06:51:35 -0800
commit3a97af18b149965e4c574f548d1425abf0f15e23 (patch)
treea5234b592d18d783e642a4c3b95ad895f0449c6f /meta
parentbe7617de69592027c36188460cfefb0df4eb6034 (diff)
downloadpoky-3a97af18b149965e4c574f548d1425abf0f15e23.tar.gz
ffmpeg: ignore 5 CVEs
There is no release which is vulnerable to these CVEs. These vulnerabilities are in new features being developed and were fixed before release. NVD most likely does not accept CVE rejection from a non-maintainer and non-reporter, so ignoring this CVE should be acceptable solution. (From OE-Core rev: 220a05e27913bf838881c3f22a17d0409c5154a9) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta')
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb18
1 files changed, 18 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
index b5b11496f4..bded23bc35 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
@@ -57,6 +57,24 @@ SRC_URI[sha256sum] = "ef2efae259ce80a240de48ec85ecb062cecca26e4352ffb3fda562c21a
57# https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-39018 57# https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-39018
58CVE_CHECK_IGNORE += "CVE-2023-39018" 58CVE_CHECK_IGNORE += "CVE-2023-39018"
59 59
60# There is no release which is vulnerable to these CVEs
61# These vulnerabilities are in new features being developed and fixed before releasing them
62# feature (jpeg xl): https://github.com/FFmpeg/FFmpeg/commit/0c0dd23fe1102313742092c4760596971755814e
63# bugfix: https://github.com/FFmpeg/FFmpeg/commit/bf814387f42e9b0dea9d75c03db4723c88e7d962
64CVE_CHECK_IGNORE += "CVE-2023-46407"
65# feature (evc parser): https://github.com/FFmpeg/FFmpeg/commit/34e4f18360c4ecb8e5979cab8f389478d8cd7819
66# bugfix: https://github.com/FFmpeg/FFmpeg/commit/4565747056a11356210ed8edcecb920105e40b60
67CVE_CHECK_IGNORE += "CVE-2023-47470"
68# feature (jpeg xl): https://github.com/FFmpeg/FFmpeg/commit/0c0dd23fe1102313742092c4760596971755814e
69# bugfix: https://github.com/FFmpeg/FFmpeg/commit/d2e8974699a9e35cc1a926bf74a972300d629cd5
70CVE_CHECK_IGNORE += "CVE-2024-22860"
71# feature (oqs audio decoder): https://github.com/FFmpeg/FFmpeg/commit/7ef9d31071021c05e6b792af3f25b7b9ceaa9258
72# bugfix: https://github.com/FFmpeg/FFmpeg/commit/87b8c1081959e45ffdcbabb3d53ac9882ef2b5ce
73CVE_CHECK_IGNORE += "CVE-2024-22861"
74# feature (jpeg xl): https://github.com/FFmpeg/FFmpeg/commit/0c0dd23fe1102313742092c4760596971755814e
75# bugfix: https://github.com/FFmpeg/FFmpeg/commit/ca09d8a0dcd82e3128e62463231296aaf63ae6f7
76CVE_CHECK_IGNORE += "CVE-2024-22862"
77
60# Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717 78# Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717
61ARM_INSTRUCTION_SET:armv4 = "arm" 79ARM_INSTRUCTION_SET:armv4 = "arm"
62ARM_INSTRUCTION_SET:armv5 = "arm" 80ARM_INSTRUCTION_SET:armv5 = "arm"