Re: [kirkstone 03/11] ffmpeg: fix for CVE-2022-3109
toggle quoted message Show quoted text
> Not sure why this didn't show up in my testing!
It's shown only when do_patch task is really executed and it doesn't cause the do_patch to fail completely. So it's possible that you've built it once with the warning/error shown and then the next time you were doing the final test for kirkstone it was just re-using ffmpeg from sstate (without the need to re-executed do_patch again).
Maybe we should consider this issue to be fatal for do_fetch when patch-fuzz is in ERROR_QA (I even thought it was working like that at some time).
On Mon, Jan 16, 2023 at 3:32 PM Steve Sakoman <steve@...> wrote:
On Mon, Jan 16, 2023 at 2:00 AM Martin Jansa <martin.jansa@...> wrote: