Whitelist CVE-2023-46407 as Vulnerable code introduced later than 5.0.1 version
Introduced by: https://github.com/FFmpeg/FFmpeg/commit/f7ac3512f5b5cb8eb149f37300b43461d8e93af3 Debian link: https://security-tracker.debian.org/tracker/CVE-2023-46407 Signed-off-by: Nikhil R <nikhi...@kpit.com> --- meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb index 1295d5cdf1..c0121edc7d 100644 --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb @@ -39,6 +39,10 @@ SRC_URI[sha256sum] = "ef2efae259ce80a240de48ec85ecb062cecca26e4352ffb3fda562c21a # https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-39018 CVE_CHECK_IGNORE += "CVE-2023-39018" +# CVE-2023-46407 was introduced in 6.1 version of ffmpeg +# Vulnerable code introduced later than 5.0.1 Version +CVE_CHECK_IGNORE += "CVE-2023-46407" + # Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717 ARM_INSTRUCTION_SET:armv4 = "arm" ARM_INSTRUCTION_SET:armv5 = "arm" -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#200439): https://lists.openembedded.org/g/openembedded-core/message/200439 Mute This Topic: https://lists.openembedded.org/mt/106541841/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
