| Summary: | libvpx new security issue CVE-2012-0823 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | |
| Severity: | normal | ||
| Priority: | Normal | CC: | davidwhodgins, fundawang, sysadmin-bugs, tmb |
| Version: | 1 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | i586 | ||
| OS: | Linux | ||
| URL: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0823 | ||
| Whiteboard: | |||
| Source RPM: | libvpx-0.9.6-4.mga1.src.rpm | CVE: | |
| Status comment: | |||
| Bug Depends on: | |||
| Bug Blocks: | 4405 | ||
|
Description
David Walser
2012-02-26 02:17:14 CET
David Walser
2012-02-26 02:17:27 CET
Blocks: (none) => 4405

Mandriva issued an advisory for this today (February 27):
http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2012:023

Funda Wang has updated this for Cauldron, so now only Mageia 1 needs to be taken care of.

The Mandriva update patched for this, so we could use the patch instead of updating the version, which will hopefully allow it to be updated without requiring anything to be rebuilt (MDV didn't have to rebuild anything).

CC: (none) => fundawang

Patched packages uploaded.

I don't know if this will be pushed on its own or with the Firefox 10 update, but here's an advisory for this package.

Advisory:
========================

Updated libvpx packages fix security vulnerability:

VP8 Codec SDK (libvpx) before 1.0.0 Duclair allows remote attackers to cause a denial of service (application crash) via (1) unspecified corrupt input or (2) by starting decoding from a P-frame, which triggers an out-of-bounds read, related to the clamping of motion vectors in SPLITMV blocks (CVE-2012-0823).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0823
http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2012:023
========================

Updated packages in core/updates_testing:
========================
libvpx0-0.9.7-1.2.mga1
libvpx-devel-0.9.7-1.2.mga1
libvpx-utils-0.9.7-1.2.mga1

from libvpx-0.9.7-1.2.mga1.src.rpm

Assignee: bugsquad => qa-bugs

Testing x86_64
No PoC so checking webm video in Firefox plays Ok.
Confirmed with strace that Firefox is using lib64vpx0
$ strace -o strace.out firefox
$ grep vpx strace.out
open("/usr/lib64/libvpx.so.0", O_RDONLY) = 4
Testing complete x86_64
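
A plain grep over strace output also matches library lookups that failed. The script below is an added example, not part of the original bug report: it lists only the paths that open()/openat() actually returned a descriptor for. The function names and the sample trace lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: report which copies of a library a traced process really
# opened, skipping failed probes such as "= -1 ENOENT".

# loaded_libs FILE FRAGMENT
# Prints each unique path containing FRAGMENT whose open()/openat() call
# returned a file descriptor (a non-negative number).
loaded_libs() {
    awk -v frag="$2" '
        /open(at)?\(/ {
            # The first double-quoted argument is the path.
            if (!match($0, /"[^"]*"/)) next
            path = substr($0, RSTART + 1, RLENGTH - 2)
            if (index(path, frag) == 0) next
            # The return value follows the last " = " on the line.
            n = split($0, parts, " = ")
            ret = parts[n]
            sub(/ .*/, "", ret)          # drop errno name and message
            if (ret ~ /^[0-9]+$/ && !(path in seen)) {
                seen[path] = 1
                print path
            }
        }' "$1"
}

# Constructed sample trace: one failed probe, two successful opens of the
# same library, one unrelated library.
sample_trace() {
    cat <<'EOF'
open("/usr/lib64/tls/libvpx.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib64/libvpx.so.0", O_RDONLY) = 4
[pid  2101] openat(AT_FDCWD, "/usr/lib64/libvpx.so.0", O_RDONLY|O_CLOEXEC) = 5
open("/usr/lib64/libz.so.1", O_RDONLY) = 3
EOF
}

trace=$(mktemp)
sample_trace > "$trace"
loaded_libs "$trace" vpx
rm -f "$trace"
```

The path it prints can then be handed to `rpm -qf` to confirm that the file belongs to the updated package.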
Validating the update.

Confirmed firefox http://devfiles.myopera.com/articles/1891/sunflower-webm.html shows the video.

Could someone from the sysadmin team push the srpm
libvpx-0.9.7-1.2.mga1.src.rpm
from Core Updates Testing to Core Updates.

Updated libvpx packages fix security vulnerability:

VP8 Codec SDK (libvpx) before 1.0.0 Duclair allows remote attackers to cause a denial of service (application crash) via (1) unspecified corrupt input or (2) by starting decoding from a P-frame, which triggers an out-of-bounds read, related to the clamping of motion vectors in SPLITMV blocks (CVE-2012-0823).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0823
http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2012:023
https://bugs.mageia.org/show_bug.cgi?id=4701

Keywords: (none) => validated_update

Update pushed.

Status: NEW => RESOLVED |