ffmpeg: fix CVE-2025-1373

CVE-2025-1373 does not appear to affect ffmpeg 5.0.3. The CVE has been added to the ignore list. (From OE-Core rev: 99cda92e387ca071c4235c14a137510a4fb481c2) Signed-off-by: Colin Pinnell McAllister <colin.mcallister@garmin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-07-19 21:09:03 +02:00 · 2025-06-16 10:42:02 -05:00 · 2025-06-16 10:42:02 -05:00 · 1f73cf5b98
commit 1f73cf5b98
parent bb706cfe48
1 changed files with 5 additions and 0 deletions
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
@ -81,6 +81,11 @@ CVE_CHECK_IGNORE += "CVE-2024-22862"
 # bugfix: https://github.com/FFmpeg/FFmpeg/commit/9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6
 CVE_CHECK_IGNORE += "CVE-2024-7272"
 # Vulnerable code not present in any release
 # introduced: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/19f7dae81ab2c19643b97da7556383ee3f721e78
 # bugfix: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/43be8d07281caca2e88bfd8ee2333633e1fb1a13
 CVE_CHECK_IGNORE += "CVE-2025-1373"
 # Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717
 ARM_INSTRUCTION_SET:armv4 = "arm"
 ARM_INSTRUCTION_SET:armv5 = "arm"