diff options
| author | Peter Marko <peter.marko@siemens.com> | 2025-02-20 19:34:15 +0100 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2025-02-28 06:51:35 -0800 |
| commit | 3a97af18b149965e4c574f548d1425abf0f15e23 (patch) | |
| tree | a5234b592d18d783e642a4c3b95ad895f0449c6f /meta | |
| parent | be7617de69592027c36188460cfefb0df4eb6034 (diff) | |
| download | poky-3a97af18b149965e4c574f548d1425abf0f15e23.tar.gz | |
ffmpeg: ignore 5 CVEs
There is no release which is vulnerable to these CVEs.
These vulnerabilities are in new features being developed and were fixed
before release.
NVD most likely does not accept CVE rejection from a non-maintainer and
non-reporter, so ignoring this CVE should be acceptable solution.
(From OE-Core rev: 220a05e27913bf838881c3f22a17d0409c5154a9)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta')
| -rw-r--r-- | meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb index b5b11496f4..bded23bc35 100644 --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb | |||
| @@ -57,6 +57,24 @@ SRC_URI[sha256sum] = "ef2efae259ce80a240de48ec85ecb062cecca26e4352ffb3fda562c21a | |||
| 57 | # https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-39018 | 57 | # https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-39018 |
| 58 | CVE_CHECK_IGNORE += "CVE-2023-39018" | 58 | CVE_CHECK_IGNORE += "CVE-2023-39018" |
| 59 | 59 | ||
| 60 | # There is no release which is vulnerable to these CVEs | ||
| 61 | # These vulnerabilities are in new features being developed and fixed before releasing them | ||
| 62 | # feature (jpeg xl): https://github.com/FFmpeg/FFmpeg/commit/0c0dd23fe1102313742092c4760596971755814e | ||
| 63 | # bugfix: https://github.com/FFmpeg/FFmpeg/commit/bf814387f42e9b0dea9d75c03db4723c88e7d962 | ||
| 64 | CVE_CHECK_IGNORE += "CVE-2023-46407" | ||
| 65 | # feature (evc parser): https://github.com/FFmpeg/FFmpeg/commit/34e4f18360c4ecb8e5979cab8f389478d8cd7819 | ||
| 66 | # bugfix: https://github.com/FFmpeg/FFmpeg/commit/4565747056a11356210ed8edcecb920105e40b60 | ||
| 67 | CVE_CHECK_IGNORE += "CVE-2023-47470" | ||
| 68 | # feature (jpeg xl): https://github.com/FFmpeg/FFmpeg/commit/0c0dd23fe1102313742092c4760596971755814e | ||
| 69 | # bugfix: https://github.com/FFmpeg/FFmpeg/commit/d2e8974699a9e35cc1a926bf74a972300d629cd5 | ||
| 70 | CVE_CHECK_IGNORE += "CVE-2024-22860" | ||
| 71 | # feature (oqs audio decoder): https://github.com/FFmpeg/FFmpeg/commit/7ef9d31071021c05e6b792af3f25b7b9ceaa9258 | ||
| 72 | # bugfix: https://github.com/FFmpeg/FFmpeg/commit/87b8c1081959e45ffdcbabb3d53ac9882ef2b5ce | ||
| 73 | CVE_CHECK_IGNORE += "CVE-2024-22861" | ||
| 74 | # feature (jpeg xl): https://github.com/FFmpeg/FFmpeg/commit/0c0dd23fe1102313742092c4760596971755814e | ||
| 75 | # bugfix: https://github.com/FFmpeg/FFmpeg/commit/ca09d8a0dcd82e3128e62463231296aaf63ae6f7 | ||
| 76 | CVE_CHECK_IGNORE += "CVE-2024-22862" | ||
| 77 | |||
| 60 | # Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717 | 78 | # Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717 |
| 61 | ARM_INSTRUCTION_SET:armv4 = "arm" | 79 | ARM_INSTRUCTION_SET:armv4 = "arm" |
| 62 | ARM_INSTRUCTION_SET:armv5 = "arm" | 80 | ARM_INSTRUCTION_SET:armv5 = "arm" |
