mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-21 03:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

ffmpeg: ignore CVE-2023-6603

Browse Source 
Per [1] this CVE is fixed by [2] which is available in version 5.0, so
version 5.0.3 is not vulnerable anymore.

[1] https://security-tracker.debian.org/tracker/CVE-2023-6603
[2] 28c83584e8

(From OE-Core rev: dcfd5672474f7a9bf7913c0f0e35f7c40bb685c4)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Peter Marko
2025-10-08 21:49:58 +02:00
committed by Steve Sakoman
parent c95f2e55ac
commit 5d1ccbd52f
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
View File

@@ -101,6 +101,10 @@ CVE_CHECK_IGNORE += "CVE-2022-3109"
# bugfix: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/481e81be1271ac9a0124ee615700390c2371bd89
CVE_CHECK_IGNORE += "CVE-2022-3341"
# This vulnerability was fixed in 5.0
# bugfix: https://github.com/FFmpeg/FFmpeg/commit/28c83584e8f3cd747c1476a74cc2841d3d1fa7f3
CVE_CHECK_IGNORE += "CVE-2023-6603"
# Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717
ARM_INSTRUCTION_SET:armv4 = "arm"
ARM_INSTRUCTION_SET:armv5 = "arm"