From a18a302dba4acc867e92abc0856cb0f5fce6d8a8 Mon Sep 17 00:00:00 2001 From: Archana Polampalli Date: Thu, 6 Mar 2025 06:59:23 +0000 Subject: [PATCH] ffmpeg: Correct the CVE ID to fix CVE-2025-22919 A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service (DoS) via opening a crafted AAC file. (From OE-Core rev: bf0ad79c46d8a01aafc91620ddf415749aa8849a) Signed-off-by: Archana Polampalli Signed-off-by: Steve Sakoman --- .../ffmpeg/{CVE-2025-25471.patch => CVE-2025-22919.patch} | 2 +- meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-multimedia/ffmpeg/ffmpeg/{CVE-2025-25471.patch => CVE-2025-22919.patch} (98%) diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-25471.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22919.patch similarity index 98% rename from meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-25471.patch rename to meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22919.patch index 6af01b298f..f895576de3 100644 --- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-25471.patch +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22919.patch @@ -10,7 +10,7 @@ Fixes ticket #11385. Signed-off-by: James Almer -CVE: CVE-2025-25471 +CVE: CVE-2025-22919 Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/1446e37d3d032e1452844778b3e6ba2c20f0c322] diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb index 06ca65a480..3d766c3fc7 100644 --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb @@ -48,7 +48,7 @@ SRC_URI = " \ file://CVE-2024-36619.patch \ file://CVE-2024-35369.patch \ file://CVE-2025-25473.patch \ - file://CVE-2025-25471.patch \ + file://CVE-2025-22919.patch \ file://CVE-2025-22921.patch \ file://CVE-2025-0518.patch \ "