diff mbox series

[whinlatter,05/19] ffmpeg: ignore 10 CVEs

Message ID a07ebde9d8c0681899fe4de77de4e31359cabdfd.1770968514.git.yoann.congal@smile.fr
State RFC
Delegated to: Yoann Congal
Headers show
Series [whinlatter,01/19] linux-yocto/6.12: update to v6.12.69 | expand

Commit Message

Yoann Congal Feb. 13, 2026, 8:08 a.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

First group of CVEs got a bogus cpe update listing all tags since v7.0.
All CVEs were fixed in v7.0 except CVE-2025-22921 fixed in v8.0.

Second group has date CPE (2025-01-13) instead of version (v8.0).

Signed-off-by: Peter Marko <peter.marko@siemens.com>
(cherry picked from commit dedc9e3fd5e15408ced81a33e4d25c4ea31274fe)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
---
 meta/recipes-multimedia/ffmpeg/ffmpeg_8.0.bb | 7 +++++++
 1 file changed, 7 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_8.0.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_8.0.bb
index fdc16598d42..1e59bfa33fe 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_8.0.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_8.0.bb
@@ -170,3 +170,10 @@  FILES:libswscale = "${libdir}/libswscale${SOLIBS}"
 FILES:${PN}-examples = "${datadir}/${BPN}/examples"
 
 CVE_PRODUCT = "ffmpeg libswresample libavcodec"
+
+CVE_STATUS_GROUPS = "CVE_STATUS_WRONG_CPE"
+CVE_STATUS_WRONG_CPE = "CVE-2023-51791 CVE-2023-51793 CVE-2023-51794 CVE-2023-51795 CVE-2023-51796 CVE-2023-51797 CVE-2023-51798 CVE-2025-22921"
+CVE_STATUS_WRONG_CPE[status] = "fixed-version: these CVEs are fixed in used version"
+
+CVE_STATUS[CVE-2025-25468] = "fixed-version: these CVEs are fixed since v8.0"
+CVE_STATUS[CVE-2025-25469] = "fixed-version: these CVEs are fixed since v8.0"