mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-21 12:32:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
e2b0ffbd78a9f36e2f9b635ee7314656eaee364d
poky/meta/recipes-multimedia
History
Peter Marko 4839ceefde libtheora: mark CVE-2024-56431 as not vulnerable yet 
CVE patch [1] aplies only on main branch which is base for 1.2.x.
Branch 1.1 has a different initial commit and does not contain
vulnerable code where the CVE patch applies.

Also Debian [2] marked 1.1 as not vulnerable.

[1] 5665f86b8f
[2] https://security-tracker.debian.org/tracker/CVE-2024-56431

(From OE-Core rev: b9d75be7bc2eaa88a280d52ee0fff322e56d52e2)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>

Picked from scarthgap commit 07f35d022b88ab4d297d0252f9909e252b7e4cfe
Reworked from CVE_STATUS to CVE_CHECK_IGNORE

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-04-10 11:53:17 +01:00
..
alsa
alsa-lib: patch CVE-2026-25068
2026-03-20 09:55:32 +00:00
ffmpeg
ffmpeg: patch CVE-2025-10256
2026-03-20 09:55:32 +00:00
flac
flac: patch seeking bug
2025-12-01 06:50:49 -08:00
gstreamer
gstreamer1.0: ignore CVE-2025-2759
2025-10-14 07:20:35 -07:00
lame
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
liba52
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
libogg
libogg: upgrade 1.3.4 -> 1.3.5
2021-06-12 22:54:14 +01:00
libomxil
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
libpng
libpng: patch CVE-2026-25646
2026-02-27 15:54:02 +00:00
libsamplerate
libsamplerate0: update 0.1.9 -> 0.2.2
2021-11-21 11:05:01 +00:00
libsndfile
libsndfile1: Backport fix for CVE-2022-33065
2025-01-09 08:41:03 -08:00
libtheora
libtheora: mark CVE-2024-56431 as not vulnerable yet
2026-04-10 11:53:17 +01:00
libtiff
tiff: set status of CVE-2025-61145 as fixed by patch for CVE-2025-8961
2026-03-20 09:55:32 +00:00
libvorbis
meta: fix some unresponsive homepages and bugtracker links
2020-10-30 13:22:48 +00:00
mpeg2dec
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
mpg123
mpg123: fix CVE-2024-10573
2025-03-19 07:13:17 -07:00
pulseaudio
pulseaudio: ignore CVE-2024-11586
2025-10-14 07:20:35 -07:00
sbc
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
speex
speex: fix CVE-2020-23903
2022-01-17 11:49:12 +00:00
webp
libwebp: Fix CVE-2023-4863
2023-11-14 06:49:11 -10:00
x264
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00