From 5d1ccbd52f6daf39c9913f5b4601f5de983e2799 Mon Sep 17 00:00:00 2001 From: Peter Marko Date: Wed, 8 Oct 2025 21:49:58 +0200 Subject: [PATCH] ffmpeg: ignore CVE-2023-6603 Per [1] this CVE is fixed by [2] which is available in version 5.0, so version 5.0.3 is not vulnerable anymore. [1] https://security-tracker.debian.org/tracker/CVE-2023-6603 [2] https://github.com/FFmpeg/FFmpeg/commit/28c83584e8f3cd747c1476a74cc2841d3d1fa7f3 (From OE-Core rev: dcfd5672474f7a9bf7913c0f0e35f7c40bb685c4) Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman
---
 meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb | 4 ++++ 1 file changed, 4 insertions(+)
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
index a46cb3480a..d64b97e787 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
@@ -101,6 +101,10 @@ CVE_CHECK_IGNORE += "CVE-2022-3109"
 # bugfix: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/481e81be1271ac9a0124ee615700390c2371bd89
 CVE_CHECK_IGNORE += "CVE-2022-3341"
 
+# This vulnerability was fixed in 5.0
+# bugfix: https://github.com/FFmpeg/FFmpeg/commit/28c83584e8f3cd747c1476a74cc2841d3d1fa7f3
+CVE_CHECK_IGNORE += "CVE-2023-6603"
+
 # Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717
 ARM_INSTRUCTION_SET:armv4 = "arm"
 ARM_INSTRUCTION_SET:armv5 = "arm"
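Review bot: The added comment `# This vulnerability was fixed in 5.0` records the conclusion but not its evidence: the Debian tracker link cited as [1] in the commit message is not carried into the recipe, and the visible lines do not show whether the fix was confirmed in the 5.0.3 source itself or only taken from the tracker. Because `CVE_CHECK_IGNORE` drops CVE-2023-6603 from this recipe's CVE report, the justification should be auditable next to the suppression, for example `# Fixed upstream in 5.0, see https://security-tracker.debian.org/tracker/CVE-2023-6603`. As a point of style, the neighbouring entry links the fix on git.ffmpeg.org gitweb while this one links the GitHub mirror; using one URL form would keep the ignore list uniform.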