From: aszh07 <[email protected]> Currently, CVE_PRODUCT only detects vulnerabilities where the product is "ffmpeg".
However, there are also vulnerabilities where the product is "libswresample", and "libavcodec" as shown below. https://app.opencve.io/vendors/?vendor=ffmpeg Therefore, add "libswresample libavcodec" to CVE_PRODUCT to detect vulnerabilities where the product is "libswresample libavcodec" as well. Signed-off-by: aszh07 <[email protected]> Signed-off-by: Mathieu Dubois-Briand <[email protected]> Signed-off-by: Richard Purdie <[email protected]> (cherry picked from commit 9684eba5c543de229108008e29afd1dd021a9799) Signed-off-by: Steve Sakoman <[email protected]> --- meta/recipes-multimedia/ffmpeg/ffmpeg_7.0.2.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_7.0.2.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_7.0.2.bb index 3c66851b8d..bb6b71735c 100644 --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_7.0.2.bb +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_7.0.2.bb @@ -183,3 +183,5 @@ FILES:libpostproc = "${libdir}/libpostproc${SOLIBS}" FILES:libswresample = "${libdir}/libswresample${SOLIBS}" FILES:libswscale = "${libdir}/libswscale${SOLIBS}" FILES:${PN}-examples = "${datadir}/${PN}/examples" + +CVE_PRODUCT = "ffmpeg libswresample libavcodec" -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#206779): https://lists.openembedded.org/g/openembedded-core/message/206779 Mute This Topic: https://lists.openembedded.org/mt/109424757/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
