MIRRORS/poky
1
0
Fork 0
mirror of git://git.yoctoproject.org/poky.git synced 2025-07-19 12:59:02 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

ffmpeg: fix CVE-2025-1373

Browse Source 
CVE-2025-1373 does not appear to affect ffmpeg 5.0.3. The CVE has been
marked as "fixed-version".

(From OE-Core rev: 0ffe159d9a4ee434b4c995e1ca9a85b01e0a5d05)

Signed-off-by: Colin Pinnell McAllister <colin.mcallister@garmin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Colin Pinnell McAllister 2025-06-16 10:49:34 -05:00 committed by Steve Sakoman
parent a34f20b224
commit ab1c25d1f5
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.2.bb
View File

@ -55,6 +55,10 @@ SRC_URI[sha256sum] = "3b624649725ecdc565c903ca6643d41f33bd49239922e45c9b1442c63d
CVE_STATUS[CVE-2023-39018] = "cpe-incorrect: This issue belongs to ffmpeg-cli-wrapper \
(Java wrapper around the FFmpeg CLI) and not ffmepg itself."
# Introduced: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/19f7dae81ab2c19643b97da7556383ee3f721e78
# Fixed: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/43be8d07281caca2e88bfd8ee2333633e1fb1a13
CVE_STATUS[CVE-2025-1373] = "fixed-version: Vulnerable code not present in any release"
# Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717
ARM_INSTRUCTION_SET:armv4 = "arm"
ARM_INSTRUCTION_SET:armv5 = "arm"