From: Pawan <badganch...@gmail.com> Notice that it references different CVE id: https://nvd.nist.gov/vuln/detail/CVE-2023-5129 which was marked as a rejected duplicate of: https://nvd.nist.gov/vuln/detail/CVE-2023-4863 but it's the same issue. Hence update CVE ID CVE-2023-4863 to CVE-2023-5129.patch.
Signed-off-by: Pawan <badganch...@gmail.com> Signed-off-by: Steve Sakoman <st...@sakoman.com> --- meta/recipes-multimedia/webp/files/CVE-2023-5129.patch | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/meta/recipes-multimedia/webp/files/CVE-2023-5129.patch b/meta/recipes-multimedia/webp/files/CVE-2023-5129.patch index eb77e193c2..ffff068c56 100644 --- a/meta/recipes-multimedia/webp/files/CVE-2023-5129.patch +++ b/meta/recipes-multimedia/webp/files/CVE-2023-5129.patch @@ -12,9 +12,16 @@ codes) streams are still decodable. Bug: chromium:1479274 Change-Id: I31c36dbf3aa78d35ecf38706b50464fd3d375741 -CVE: CVE-2023-5129 +Notice that it references different CVE id: +https://nvd.nist.gov/vuln/detail/CVE-2023-5129 +which was marked as a rejected duplicate of: +https://nvd.nist.gov/vuln/detail/CVE-2023-4863 +but it's the same issue. Hence update CVE ID CVE-2023-4863 + +CVE: CVE-2023-5129 CVE-2023-4863 Upstream-Status: Backport [https://github.com/webmproject/libwebp/commit/2af26267cdfcb63a88e5c74a85927a12d6ca1d76] Signed-off-by: Colin McAllister <colinmca...@gmail.com> +Signed-off-by: Pawan Badganchi <pawan.badgan...@kpit.com> --- src/dec/vp8l_dec.c | 46 ++++++++++--------- src/dec/vp8li_dec.h | 2 +- -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#189355): https://lists.openembedded.org/g/openembedded-core/message/189355 Mute This Topic: https://lists.openembedded.org/mt/102024333/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-