| Summary: | libsamplerate new security issue CVE-2017-7697 | | |
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | | |
| Priority: | Normal | CC: | herman.viaene, lewyssmith, marja11, mhrambo3501, sysadmin-bugs |
| Version: | 5 | Keywords: | validated_update |
| Target Milestone: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | MGA5-32-OK advisory MGA5-64-OK | | |
| Source RPM: | libsamplerate-0.1.8-5.mga5.src.rpm | CVE: | |
| Status comment: | | | |
Description

David Walser, 2017-04-14 22:39:27 CEST

Assigning to all packagers collectively, since there is no registered maintainer for this package.

Assignee: bugsquad => pkg-bugs

---

David Walser, 2017-04-17 22:39:21 CEST

QA Contact: (none) => security

Updated package uploaded for Mageia 5.

Advisory:
========================

Updated libsamplerate package fixes security vulnerability:

It was discovered that libsamplerate contained a global buffer overflow in calc_output_single (CVE-20176-5223).

References:
http://openwall.com/lists/oss-security/2017/04/12/1
https://blogs.gentoo.org/ago/2017/04/11/libsamplerate-global-buffer-overflow-in-calc_output_single-src_sinc-c/
========================

Updated packages in core/updates_testing:
========================
lib64samplerate0-0.1.9-1.mga6.x86_64.rpm
lib64samplerate-devel-0.1.9-1.mga6.x86_64.rpm
libsamplerate-debuginfo-0.1.9-1.mga6.x86_64.rpm
libsamplerate-progs-0.1.9-1.mga6.x86_64.rpm

from libsamplerate-0.1.9-1.mga5.src.rpm

Reproducer:
https://github.com/asarubbo/poc/blob/master/00262-libsamplerate-globaloverflow-calc_output_single

Assignee: pkg-bugs => qa-bugs

---

MGA5-32 on Asus A6000VM Xfce

No installation issues.

From comments in MCC: Secret Rabbit Code (aka libsamplerate) is a Sample Rate Converter for audio. One example of where such a thing would be useful is converting audio from the CD sample rate of 44.1kHz to the 48kHz sample rate used by DAT players.

So at CLI:

```
$ sndfile-resample -to 48000 Zapfenstreich.wav Zapf1.wav
Input File    : Zapfenstreich.wav
Sample Rate   : 44100
Input Frames  : 8596790
SRC Ratio     : 1.088435
Converter     : Medium Sinc Interpolator
Output file   : Zapf1.wav
Sample Rate   : 48000
Output Frames : 9357051
```

Resulting file is a bit larger than the original one; that was to be expected. Plays equally well in Parole.

Whiteboard: (none) => MGA5-32-OK

---

Advisory uploaded ex Comment 2; but I corrected the CVE-id in the text to that in the title (which I checked): CVE-2017-7697

CC: (none) => lewyssmith

---

Testing M5 64 bit

Needed to install the 'progs' pkg.

`$ sndfile-resample -h` gives useful info; but `-by <amount>` is not explained.

BEFORE the update:
- lib64samplerate0-0.1.8-5.mga5
- libsamplerate-progs-0.1.8-5.mga5

Tried the PoC and its demonstration given in Comment 2:
https://blogs.gentoo.org/ago/2017/04/11/libsamplerate-global-buffer-overflow-in-calc_output_single-src_sinc-c/
https://github.com/asarubbo/poc/blob/master/00262-libsamplerate-globaloverflow-calc_output_single
but it did *not* fail as illustrated in the first link above:

```
$ sndfile-resample -to 24000 -c 1 sampleratePoC out
Input File    : sampleratePoC
Sample Rate   : 152690
Input Frames  : 38388006656
SRC Ratio     : 0.157181
Converter     : Medium Sinc Interpolator
Output file   : out
Sample Rate   : 24000
Output Frames : 1287
```

UPDATEd to:
- lib64samplerate0-0.1.9-1.mga5.x86_64
- libsamplerate-progs-0.1.9-1.mga5.x86_64

Result with the PoC identical.

```
$ sndfile-resample -to 36000 BachKBconcerto.wav out
$ sndfile-resample -to 36000 track1.flac out
```

produced good output files (listened to with Parole).

FWIW:

```
$ sndfile-resample -to 36000 BachKBconcerto.ogg out
```

hogged the processor for a very long time, but finished. However, the output was not good.

It does not accept .mp3 files.

Update looks good, validating.

Keywords: (none) => validated_update

---

An update for this issue has been pushed to the Mageia Updates repository.
http://advisories.mageia.org/MGASA-2017-0131.html

Status: NEW => RESOLVED
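The PoC run quoted in the 64-bit test above is telling in one respect: the header makes sndfile-resample report 38388006656 input frames, yet the whole run yields only 1287 output frames, so the declared length bears no relation to the bytes actually present. The following Python is an example added here; it is not part of the bug report, of libsamplerate or of libsndfile. It shows the kind of header-versus-file-length consistency check a caller can apply before handing audio to a resampler. It assumes RIFF/WAVE PCM input (the report does not say what format the PoC file is), `MAX_SAMPLE_RATE` and `build_wav` are this example's own choices, and all sample buffers are constructed inline. Note that a plain sample-rate bound would not have caught the PoC's reported 152690 Hz; the declared data length against the real file size is the check that matters.

```python
import struct

# Upper bound on a plausible PCM sample rate for this check (an assumption of
# this example, not a value taken from the bug report or from libsamplerate).
MAX_SAMPLE_RATE = 192000


def build_wav(sample_rate, num_frames, declared_data_size=None, channels=1, bits=16):
    """Construct a minimal PCM RIFF/WAVE buffer of silence (constructed test input).

    declared_data_size overrides the 'data' chunk length field so that a header
    can claim far more audio than the buffer actually contains, which is the
    shape of header the validator below is meant to reject.
    """
    block_align = channels * bits // 8
    pcm = bytes(num_frames * block_align)  # silence
    data_size = len(pcm) if declared_data_size is None else declared_data_size
    fmt_body = struct.pack("<HHIIHH", 1, channels, sample_rate,
                           sample_rate * block_align, block_align, bits)
    riff_size = (4 + 8 + len(fmt_body) + 8 + data_size) & 0xFFFFFFFF  # 32-bit field
    return (b"RIFF" + struct.pack("<I", riff_size) + b"WAVE"
            + b"fmt " + struct.pack("<I", len(fmt_body)) + fmt_body
            + b"data" + struct.pack("<I", data_size) + pcm)


def check_wav(buf, max_rate=MAX_SAMPLE_RATE):
    """Validate a RIFF/WAVE buffer's declared sizes against its real length.

    Returns (ok, reason, frames): frames is the number of PCM frames actually
    backed by bytes in the buffer, or 0 when the header is rejected.
    """
    if len(buf) < 12 or buf[:4] != b"RIFF" or buf[8:12] != b"WAVE":
        return False, "not a RIFF/WAVE file", 0
    fmt = None
    pos = 12
    while pos + 8 <= len(buf):
        chunk_id = buf[pos:pos + 4]
        chunk_size = struct.unpack_from("<I", buf, pos + 4)[0]
        body = pos + 8
        if chunk_id == b"fmt ":
            if chunk_size < 16 or body + 16 > len(buf):
                return False, "truncated fmt chunk", 0
            fmt = struct.unpack_from("<HHIIHH", buf, body)
        elif chunk_id == b"data":
            if fmt is None:
                return False, "data chunk precedes fmt chunk", 0
            audio_format, channels, rate, _byte_rate, block_align, bits = fmt
            if audio_format != 1:
                return False, "only PCM (format tag 1) is handled here", 0
            if channels == 0 or bits == 0 or block_align != channels * bits // 8:
                return False, "inconsistent channels/bits/block_align", 0
            if rate == 0 or rate > max_rate:
                return False, "implausible sample rate %d" % rate, 0
            # The decisive check: the data chunk may not claim more bytes than
            # remain in the file after its header.
            available = len(buf) - body
            if chunk_size > available:
                return False, ("data chunk declares %d bytes but only %d remain"
                               % (chunk_size, available)), 0
            return True, "ok", chunk_size // block_align
        # Chunks are word-aligned: an odd-sized chunk is followed by a pad byte.
        pos = body + chunk_size + (chunk_size & 1)
    return False, "no data chunk found", 0


if __name__ == "__main__":
    honest = build_wav(44100, 1000)
    lying = build_wav(44100, 10, declared_data_size=0x7FFFFFF0)
    print(check_wav(honest))
    print(check_wav(lying))
    print(check_wav(honest[:-5]))  # same header, file cut short
```

`check_wav` walks the chunk list rather than trusting the RIFF size field, so a truncated file and a file whose header inflates its data length are rejected by the same comparison; the frame count it returns is the one the file can actually back, which is the number a caller should use when sizing buffers for a converter.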