[kirkstone,05/11] ffmpeg: fix for CVE-2022-3965

Message ID	afc21d7fe86d26bf62e56fc611750f89fe73aa1a.1703124430.git.steve@sakoman.com
State	Accepted, archived
Commit	c1f1ab29b5e2911a15b072e7feb0133320bad976
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.160.51, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 05/11] ffmpeg: fix for CVE-2022-3965 Date: Wed, 20 Dec 2023 16:09:05 -1000 Message-Id: <afc21d7fe86d26bf62e56fc611750f89fe73aa1a.1703124430.git.steve@sakoman.com> In-Reply-To: <cover.1703124430.git.steve@sakoman.com> References: <cover.1703124430.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[kirkstone,01/11] ghostscript: Backport fix for CVE-2023-46751 \| expand [kirkstone,01/11] ghostscript: Backport fix for CVE-2023-46751 [kirkstone,02/11] curl: Fix CVE-2023-46218 [kirkstone,03/11] qemu: Fix CVE-2023-5088 [kirkstone,04/11] ffmpeg: fix for CVE-2022-3964 [kirkstone,05/11] ffmpeg: fix for CVE-2022-3965 [kirkstone,06/11] go: Fix CVE-2023-39326 [kirkstone,07/11] openssh: backport Debian patch for CVE-2023-48795 [kirkstone,08/11] perl: update 5.34.1 -> 5.34.3 [kirkstone,09/11] externalsrc: Ensure SRCREV is processed before accessing SRC_URI [kirkstone,10/11] python3-ptest: skip test_storlines [kirkstone,11/11] testimage: Exclude wtmp from target-dumper commands

Message ID

afc21d7fe86d26bf62e56fc611750f89fe73aa1a.1703124430.git.steve@sakoman.com

State

Accepted, archived

Commit

c1f1ab29b5e2911a15b072e7feb0133320bad976

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 05/11] ffmpeg: fix for CVE-2022-3965
Date: Wed, 20 Dec 2023 16:09:05 -1000
Message-Id: 
 <afc21d7fe86d26bf62e56fc611750f89fe73aa1a.1703124430.git.steve@sakoman.com>
In-Reply-To: <cover.1703124430.git.steve@sakoman.com>
References: <cover.1703124430.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[kirkstone,01/11] ghostscript: Backport fix for CVE-2023-46751 | expand

Commit Message

Steve Sakoman Dec. 21, 2023, 2:09 a.m. UTC

From: "mark.yang" <mark.yang@lge.com>

Without a CVE tag, It will be recognised as Unpatched by cve_check task.

Signed-off-by: mark.yang <mark.yang@lge.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch
index 6e237fdd52..8ebf1f69c4 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch
@@ -5,6 +5,7 @@  Subject: [PATCH] avcodec/smcenc: stop accessing out of bounds frame
 
 Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/13c13109759090b7f7182480d075e13b36ed8edd]
 
+CVE: CVE-2022-3965
 Signed-off-by: <narpat.mali@windriver.com>
 
 ---

[kirkstone,05/11] ffmpeg: fix for CVE-2022-3965

Commit Message

Patch