mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-31 00:39:46 +00:00
Code Issues Projects Releases Wiki Activity
Files
yocto-5.0.17
poky/meta/recipes-multimedia
T
History
Ankur Tyagi f7363369bf tiff: ignore CVE-2025-61143, CVE-2025-61144 and CVE-2025-61145 
These CVEs are for tools which were removed in v4.6.0[1]

[1]https://gitlab.com/libtiff/libtiff/-/commit/eab89a627f0a65e9a1a47c4b30b4802c80b1ac45

Details:
https://nvd.nist.gov/vuln/detail/CVE-2025-61143
https://nvd.nist.gov/vuln/detail/CVE-2025-61144
https://nvd.nist.gov/vuln/detail/CVE-2025-61145

(From OE-Core rev: e5ec16fbe4ce402b92107d2491c4e08fa2432f1a)

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
[YC: NVD patches for these CVEs only modify the tools which are not in
the tarball we use]
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-03-25 17:34:13 +00:00
..
alsa
alsa-lib: patch CVE-2026-25068
2026-02-27 17:45:07 +00:00
ffmpeg
ffmpeg: set status for CVE-2025-12343
2026-03-16 10:22:06 +00:00
flac
gstreamer
lame
liba52
libogg
libomxil
libpng
libpng: patch CVE-2026-25646
2026-02-27 17:45:06 +00:00
libsamplerate
libsndfile
libsndfile1: patch CVE-2025-56226
2026-02-27 17:45:06 +00:00
libtheora
libtheora: mark CVE-2024-56431 as not vulnerable yet
2026-02-27 17:45:07 +00:00
libtiff
tiff: ignore CVE-2025-61143, CVE-2025-61144 and CVE-2025-61145
2026-03-25 17:34:13 +00:00
libvorbis
mpeg2dec
mpg123
pulseaudio
sbc
speex
webp
x264