diff mbox series

[kirkstone] ffmpeg: Whitelist CVE-2023-46407

Message ID 20240607123500.127317-1-nikhil.r@kpit.com
State New
Headers show
Series [kirkstone] ffmpeg: Whitelist CVE-2023-46407 | expand

Commit Message

Nikhil R June 7, 2024, 12:35 p.m. UTC 
Whitelist CVE-2023-46407 as Vulnerable code
introduced later than 5.0.1 version

Introduced by:
https://github.com/FFmpeg/FFmpeg/commit/f7ac3512f5b5cb8eb149f37300b43461d8e93af3

Debian link: https://security-tracker.debian.org/tracker/CVE-2023-46407

Signed-off-by: Nikhil R <nikhil.r@kpit.com>
---
 meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb | 4 ++++
 1 file changed, 4 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
index 1295d5cdf1..c0121edc7d 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
@@ -39,6 +39,10 @@  SRC_URI[sha256sum] = "ef2efae259ce80a240de48ec85ecb062cecca26e4352ffb3fda562c21a
 # https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-39018
 CVE_CHECK_IGNORE += "CVE-2023-39018"
 
+# CVE-2023-46407 was introduced in 6.1 version of ffmpeg
+# Vulnerable code introduced later than 5.0.1 Version
+CVE_CHECK_IGNORE += "CVE-2023-46407"
+
 # Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717
 ARM_INSTRUCTION_SET:armv4 = "arm"
 ARM_INSTRUCTION_SET:armv5 = "arm"