On Mon Feb 2, 2026 at 5:08 AM CET, Ankur Tyagi via lists.openembedded.org wrote: > From: Ankur Tyagi <[email protected]> > > Details https://nvd.nist.gov/vuln/detail/CVE-2025-25469 > > This vulnerability exists in IAMF (Immersive Audio Model and Formats demuxer) > which was introduced in version 7.0 [1] > > $ git tag --contains 4ee05182b7cccfa6928dcb0a45c2b50b7d9ea39b > n7.0 > n7.0.1 > n7.0.2 > n7.0.3 > n7.1 > n7.1-dev > n7.1.1 > n7.1.2 > n7.1.3 > n7.2-dev > n8.0 > n8.0.1 > n8.1-dev > > [1] > https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/4ee05182b7cccfa6928dcb0a45c2b50b7d9ea39b > > Signed-off-by: Ankur Tyagi <[email protected]> > --- > meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.4.bb | 2 ++ > 1 file changed, 2 insertions(+)
Hello, Thank you for the patch, I reviewed it and I'm OK with it. Can I ask you to contact NVD to try to get the CPE fixed? Thanks in advance, Regards, -- Yoann Congal Smile ECS
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#230581): https://lists.openembedded.org/g/openembedded-core/message/230581 Mute This Topic: https://lists.openembedded.org/mt/117591466/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
