| Summary: | xbmc and kodi new integer overflow security issue (CVE-2015-3885) | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | herman.viaene, mageia, sysadmin-bugs |
| Version: | 4 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | i586 | ||
| OS: | Linux | ||
| URL: | http://lwn.net/Vulnerabilities/644511/ | ||
| Whiteboard: | advisory MGA4-32-OK mga4-64-ok | ||
| Source RPM: | xbmc-12.3-1.1.mga4.src.rpm | CVE: | |
| Status comment: | |||
| Bug Depends on: | |||
| Bug Blocks: | 15910 | ||
| Attachments: | xbmc crashlog | ||
Description

David Walser 2015-05-13 16:21:35 CEST

David Walser 2015-05-13 16:21:45 CEST

Whiteboard: (none) => MGA5TOO, MGA4TOO

xbmc is building

Patched packages uploaded for Mageia 4 and Cauldron. Thanks Nicolas!

Advisory:
========================

Updated xbmc package fixes security vulnerability:

The dcraw tool suffers from an integer overflow condition which leads to a buffer overflow. The vulnerability concerns the 'len' variable, parsed without validation from opened images, used in the ljpeg_start() function. A maliciously crafted raw image file can be used to trigger the vulnerability, causing a Denial of Service condition (CVE-2015-3885).

The xbmc package contains a bundled copy of the affected code and has been patched to fix this issue.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3885
http://www.ocert.org/advisories/ocert-2015-006.html
========================

Updated packages in core/updates_testing:
========================
xbmc-12.3-1.3.mga4
xbmc-eventclients-common-12.3-1.3.mga4
xbmc-eventclients-devel-12.3-1.3.mga4
xbmc-eventclient-wiiremote-12.3-1.3.mga4
xbmc-eventclient-j2me-12.3-1.3.mga4
xbmc-eventclient-ps3-12.3-1.3.mga4
xbmc-eventclient-xbmc-send-12.3-1.3.mga4

from xbmc-12.3-1.3.mga4.src.rpm

Version: Cauldron => 4
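The advisory above describes the bug class in one sentence: a length field ('len') read from the image and used to size a read without being validated first. As an added illustration (not code from this bug report, from dcraw, or from the xbmc project), the snippet below is a small hardened reader for a JPEG-style marker segment that shows where such a check belongs. The function names (read_segment, parse_sample, sample_payload), the fixed 64-byte destination buffer, and the assumption that the 16-bit big-endian length counts its own two bytes are all choices made for this example; the sample byte strings are constructed, not taken from any real file.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Illustrative hardened reader for a JPEG-style marker segment.  Added example:
 * this is not dcraw's or xbmc's code.  It assumes the usual JPEG layout
 * 0xFF <marker> <len, 16-bit big-endian> <payload of len-2 bytes>, where the
 * length field counts its own two bytes.  The point is the check on 'len'
 * before it is used to size a copy, which is what the advisory says was missing. */

#define SEG_BUF_SIZE 64   /* capacity of the caller's payload buffer in this demo */

enum seg_status {
    SEG_OK         =  0,
    SEG_TRUNCATED  = -1,  /* input shorter than the header or the claimed payload */
    SEG_BAD_LENGTH = -2,  /* len < 2: subtracting 2 would wrap around */
    SEG_TOO_LARGE  = -3   /* payload would not fit the destination buffer */
};

/* Parse one segment at in[0..in_len).  On success copies the payload into
 * out (capacity out_cap), stores its size in *payload_len and returns SEG_OK;
 * otherwise returns a negative seg_status and writes nothing. */
int read_segment(const uint8_t *in, size_t in_len,
                 uint8_t *out, size_t out_cap, size_t *payload_len)
{
    if (in_len < 4 || in[0] != 0xFF)
        return SEG_TRUNCATED;

    /* Read the length as an unsigned value so it can never be negative. */
    unsigned len = ((unsigned)in[2] << 8) | in[3];

    /* The field counts itself, so anything below 2 is malformed.  Rejecting it
     * here, before the subtraction, is what keeps len - 2 from wrapping. */
    if (len < 2)
        return SEG_BAD_LENGTH;

    size_t payload = len - 2;
    if (payload > out_cap)            /* would overrun the destination */
        return SEG_TOO_LARGE;
    if (payload > in_len - 4)         /* file claims more bytes than it has */
        return SEG_TRUNCATED;

    memcpy(out, in + 4, payload);
    *payload_len = payload;
    return SEG_OK;
}

/* Constructed sample segments (not taken from any real file). */
static const uint8_t sample_ok[]        = {0xFF, 0xC3, 0x00, 0x05, 'a', 'b', 'c'};
static const uint8_t sample_len1[]      = {0xFF, 0xC3, 0x00, 0x01};
static const uint8_t sample_len0[]      = {0xFF, 0xC3, 0x00, 0x00};
static const uint8_t sample_huge[]      = {0xFF, 0xC3, 0xFF, 0xFF, 'x'};
static const uint8_t sample_truncated[] = {0xFF, 0xC3, 0x00, 0x0A, 'a', 'b', 'c'};

static const struct { const uint8_t *buf; size_t len; } samples[] = {
    {sample_ok,        sizeof sample_ok},
    {sample_len1,      sizeof sample_len1},
    {sample_len0,      sizeof sample_len0},
    {sample_huge,      sizeof sample_huge},
    {sample_truncated, sizeof sample_truncated},
};

/* Run read_segment on sample idx with a SEG_BUF_SIZE destination; returns the
 * status and, through *payload_len when non-NULL, the payload size or -1. */
int parse_sample(int idx, long *payload_len)
{
    uint8_t out[SEG_BUF_SIZE];
    size_t n = 0;
    int st = read_segment(samples[idx].buf, samples[idx].len, out, sizeof out, &n);
    if (payload_len)
        *payload_len = (st == SEG_OK) ? (long)n : -1;
    return st;
}

/* Convenience: payload size of sample idx, or -1 if it was rejected. */
long sample_payload(int idx)
{
    long n;
    parse_sample(idx, &n);
    return n;
}

int main(void)
{
    static const char *names[] = {"ok", "len=1", "len=0", "len=0xFFFF", "truncated"};
    for (int i = 0; i < 5; i++) {
        long n;
        int st = parse_sample(i, &n);
        printf("%-10s status=%d payload=%ld\n", names[i], st, n);
    }
    return 0;
}
```

Only the well-formed sample copies anything; the two undersized lengths are rejected before the subtraction that would otherwise wrap, the 0xFFFF length is rejected against the destination capacity, and the segment that claims more bytes than the input holds is rejected against the input size. Reading the field as unsigned and checking it against both bounds before any arithmetic is the general shape of the fix for this bug class.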
David Walser 2015-05-14 17:36:00 CEST

URL: (none) => http://lwn.net/Vulnerabilities/644511/

MGA4-32 on AcerD620 Xfce
No installation issues
Plays commercial CD OK
Try to play self-created DVD, which plays OK on parole media player: as soon as entering TS_VIDEO, xfce bombs out.
At CLI:
xbmc
Gtk-Message: Failed to load module "canberra-gtk-module"
Running DIL (3.22.0) Version
DtsDeviceOpen: Opening HW in mode 0
DtsDeviceOpen: Create File Failed
libpng warning: iCCP: known incorrect sRGB profile
/usr/bin/xbmc: line 123: 11293 Segmentatiefout (core dumped) "$LIBDIR/xbmc/xbmc.bin" "$@"
Crash report available at /home/tester4/xbmc_crashlog-20150515_121925.log

claire robinson 2015-05-15 13:15:35 CEST

Attachment 6548 mime type: text/x-log => text/plain

Is it a regression Herman? Mga4 has quite an old version now. I see reports of dvd issues elsewhere too for this version and other 12's.

Tested same DVD with xbmc 12.3-1.1: same crash

I think you can add the OK then Herman please if you're happy with the rest of it. Thanks

I tried an mpg file, and that makes the new version crash as well (did not check anymore on 1.1), so there isn't much to be happy about. Pictures play OK.

Whiteboard: (none) => MGA4-32-OK

Testing complete mga4 64
Fed it some avi and mkv and no regression noticed.

Whiteboard: MGA4-32-OK => MGA4-32-OK mga4-64-ok

Please create a bug report for the DVD/mpg issues you found Herman, if you haven't already. Thanks.

Validating. Advisory uploaded. Please push to 4 updates
Thanks

Keywords: (none) => validated_update

An update for this issue has been pushed to Mageia Updates repository.
http://advisories.mageia.org/MGASA-2015-0230.html

Status: NEW => RESOLVED