[OE-core][master][PATCH] ffmpeg: Add "libswresample libavcodec" to CVE_PRODUCT

aszh07 Wed, 16 Oct 2024 22:32:24 -0700

Currently, CVE_PRODUCT only detects vulnerabilities where the product is 
"ffmpeg".


However, there are also vulnerabilities where the product is "libswresample",
and "libavcodec" as shown below.
https://app.opencve.io/vendors/?vendor=ffmpeg

Therefore, add "libswresample libavcodec" to CVE_PRODUCT to detect 
vulnerabilities
where the product is "libswresample libavcodec" as well.

Signed-off-by: aszh07 <mail2sza...@gmail.com>
---
 meta/recipes-multimedia/ffmpeg/ffmpeg_7.0.2.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_7.0.2.bb 
b/meta/recipes-multimedia/ffmpeg/ffmpeg_7.0.2.bb
index af66104ebf..4a7d67ea09 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_7.0.2.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_7.0.2.bb
@@ -181,3 +181,5 @@ FILES:libpostproc = "${libdir}/libpostproc${SOLIBS}"
 FILES:libswresample = "${libdir}/libswresample${SOLIBS}"
 FILES:libswscale = "${libdir}/libswscale${SOLIBS}"
 FILES:${PN}-examples = "${datadir}/${PN}/examples"
+
+CVE_PRODUCT = "ffmpeg libswresample libavcodec"
-- 
2.17.1

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#205982): 
https://lists.openembedded.org/g/openembedded-core/message/205982
Mute This Topic: https://lists.openembedded.org/mt/109058863/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][master][PATCH] ffmpeg: Add "libswresample libavcodec" to CVE_PRODUCT

Reply via email to