diff mbox series

[meta-multimedia,kirkstone,1/2] rtmpdump: mark CVE-2015-8270, CVE-2015-8271 and CVE-2015-8272 as fixed

Message ID 20251115182934.1263398-1-skandigraun@gmail.com
State New
Headers show
Series [meta-multimedia,kirkstone,1/2] rtmpdump: mark CVE-2015-8270, CVE-2015-8271 and CVE-2015-8272 as fixed | expand

Commit Message

Gyorgy Sarvari Nov. 15, 2025, 6:29 p.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

This CVE is marked as fixed by Debian.
Extracting Debian jessie Debian sources [1] shows 4 commits uses for
backports. All these commits are already included in current hash
([2]-[5]).

../tmp/work/core2-64-poky-linux/rtmpdump/2.4/git$ git log | grep 'commit \(10b580aabcec1621b25518271ba1ab2b018be88e\|...\|4312322107a94c81d3ec5b98f91bc6b923551dc5\)'
commit 530f9bb2a02a78c1198fb2bf0293a12d225e4691
commit 4312322107a94c81d3ec5b98f91bc6b923551dc5
commit 39ec7eda489717d503bc4cbfaa591c93205695b6
commit 10b580aabcec1621b25518271ba1ab2b018be88e

[1] https://snapshot.debian.org/archive/debian/20170704T094954Z/pool/main/r/rtmpdump/rtmpdump_2.4%2B20150115.gita107cef-1%2Bdeb8u1.debian.tar.xz
[2] https://git.ffmpeg.org/gitweb/rtmpdump.git/commitdiff/10b580aabcec1621b25518271ba1ab2b018be88e
[3] https://git.ffmpeg.org/gitweb/rtmpdump.git/commitdiff/39ec7eda489717d503bc4cbfaa591c93205695b6
[4] https://git.ffmpeg.org/gitweb/rtmpdump.git/commitdiff/530f9bb2a02a78c1198fb2bf0293a12d225e4691
[5] https://git.ffmpeg.org/gitweb/rtmpdump.git/commitdiff/4312322107a94c81d3ec5b98f91bc6b923551dc5

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d7758a8d0cf509e2d8db941ca4fd855c39beaafb)

Adapted to Kirkstone (CVE_STATUS -> CVE_CHECK_IGNORE)
I have performed the above verification with the Kirkstone revision successfully.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-multimedia/recipes-multimedia/rtmpdump/rtmpdump_2.4.bb | 3 +++
 1 file changed, 3 insertions(+)
diff mbox series

Patch

diff --git a/meta-multimedia/recipes-multimedia/rtmpdump/rtmpdump_2.4.bb b/meta-multimedia/recipes-multimedia/rtmpdump/rtmpdump_2.4.bb
index aa92c58808..fab07c1416 100644
--- a/meta-multimedia/recipes-multimedia/rtmpdump/rtmpdump_2.4.bb
+++ b/meta-multimedia/recipes-multimedia/rtmpdump/rtmpdump_2.4.bb
@@ -14,6 +14,9 @@  SRC_URI = " \
 
 S = "${WORKDIR}/git"
 
+# fixed-version: patched in current git hash
+CVE_CHECK_IGNORE += "CVE-2015-8270 CVE-2015-8271 CVE-2015-8272"
+
 inherit autotools-brokensep
 
 EXTRA_OEMAKE = " \