diff mbox series

[meta-multimedia,scarthgap] libavif: ignore CVE-2025-48175

Message ID 20251014204642.1483646-1-ankur.tyagi85@gmail.com
State New
Headers show
Series [meta-multimedia,scarthgap] libavif: ignore CVE-2025-48175 | expand

Commit Message

Ankur Tyagi Oct. 14, 2025, 8:46 p.m. UTC 
CVE-2025-48175 got introduced due to following change which is missing in the current recipe version
https://github.com/AOMediaCodec/libavif/commit/1b4ce5ca24a33b5878b7f766de6eaa05c49f08e6

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
---
 meta-multimedia/recipes-multimedia/libavif/libavif_1.0.1.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta-multimedia/recipes-multimedia/libavif/libavif_1.0.1.bb b/meta-multimedia/recipes-multimedia/libavif/libavif_1.0.1.bb
index 885758b6a4..8ddd16ee2a 100644
--- a/meta-multimedia/recipes-multimedia/libavif/libavif_1.0.1.bb
+++ b/meta-multimedia/recipes-multimedia/libavif/libavif_1.0.1.bb
@@ -14,3 +14,5 @@  DEPENDS = "dav1d"
 inherit cmake
 
 EXTRA_OECMAKE += "-DAVIF_CODEC_DAV1D=ON"
+
+CVE_STATUS[CVE-2025-48175] = "cpe-incorrect: The current version (1.0.1) is not affected by the CVE"