+++ This bug was initially created as a clone of Bug #14042 +++ These issues were fixed in 1.2.9, 2.0.6, 2.2.9, and 2.4.2. The bundled avidemux will need to be updated to 1.2.10 in Mageia 4.
Updated package currently building for Mageia 4. Cauldron was updated today.
Depends on: 14042 => (none)Source RPM: ffmpeg-2.0.5-1.mga4.src.rpm => avidemux-2.6.6-2.1.mga4.src.rpm
Updated package uploaded for Mageia 4. Note that there are both core and tainted builds for this package. Testing procedure: https://bugs.mageia.org/show_bug.cgi?id=13643#c8 Advisory: ======================== Updated avidemux packages fix security vulnerabilities: A heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFmpeg before 1.2.9 can cause a crash, allowing a malicious image file to cause a denial of service (CVE-2014-5271). libavcodec/iff.c in FFmpeg before 1.2.9 allows an attacker to have an unspecified impact via a crafted iff image, which triggers an out-of-bounds array access, related to the rgb8 and rgbn formats (CVE-2014-5272). libavcodec/mjpegdec.c in FFmpeg before 1.2.9 considers only dimension differences, and not bits-per-pixel differences, when determining whether an image size has changed, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MJPEG data (CVE-2014-8541). libavcodec/utils.c in FFmpeg before 1.2.9 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted JV data (CVE-2014-8542). libavcodec/mmvideo.c in FFmpeg before 1.2.9 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MM video data (CVE-2014-8543). libavcodec/tiff.c in FFmpeg before 1.2.9 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted TIFF data (CVE-2014-8544). libavcodec/pngdec.c in FFmpeg before 1.2.9 accepts the monochrome-black format without verifying that the bits-per-pixel value is 1, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted PNG data (CVE-2014-8545). Integer underflow in libavcodec/cinepak.c in FFmpeg before 1.2.9 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Cinepak video data (CVE-2014-8546). libavcodec/gifdec.c in FFmpeg before 1.2.9 does not properly compute image heights, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted GIF data (CVE-2014-8547). Off-by-one error in libavcodec/smc.c in FFmpeg before 1.2.9 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Quicktime Graphics (aka SMC) video data (CVE-2014-8548). Avidemux built with a bundled set of FFmpeg libraries. The bundled FFmpeg version have been updated from 1.2.7 to 1.2.10 to fix these security issues and other bugs fixed upstream in FFmpeg. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5271 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5272 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8541 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8542 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8543 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8544 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8545 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8546 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8547 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8548 http://git.videolan.org/?p=ffmpeg.git;a=log;h=n2.0.6 http://ffmpeg.org/download.html http://ffmpeg.org/security.html http://openwall.com/lists/oss-security/2014/08/16/6 ======================== Updated packages in {core,tainted}/updates_testing: ======================== libavidemux-2.6.6-2.2.mga4 avidemux-devel-2.6.6-2.2.mga4 from avidemux-2.6.6-2.2.mga4.src.rpm
Assignee: bugsquad => qa-bugsWhiteboard: (none) => has_procedure
Oops, reposting the previous comment, fixing an error in the References. Updated package uploaded for Mageia 4. Note that there are both core and tainted builds for this package. Testing procedure: https://bugs.mageia.org/show_bug.cgi?id=13643#c8 Advisory: ======================== Updated avidemux packages fix security vulnerabilities: A heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFmpeg before 1.2.9 can cause a crash, allowing a malicious image file to cause a denial of service (CVE-2014-5271). libavcodec/iff.c in FFmpeg before 1.2.9 allows an attacker to have an unspecified impact via a crafted iff image, which triggers an out-of-bounds array access, related to the rgb8 and rgbn formats (CVE-2014-5272). libavcodec/mjpegdec.c in FFmpeg before 1.2.9 considers only dimension differences, and not bits-per-pixel differences, when determining whether an image size has changed, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MJPEG data (CVE-2014-8541). libavcodec/utils.c in FFmpeg before 1.2.9 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted JV data (CVE-2014-8542). libavcodec/mmvideo.c in FFmpeg before 1.2.9 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MM video data (CVE-2014-8543). libavcodec/tiff.c in FFmpeg before 1.2.9 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted TIFF data (CVE-2014-8544). libavcodec/pngdec.c in FFmpeg before 1.2.9 accepts the monochrome-black format without verifying that the bits-per-pixel value is 1, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted PNG data (CVE-2014-8545). Integer underflow in libavcodec/cinepak.c in FFmpeg before 1.2.9 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Cinepak video data (CVE-2014-8546). libavcodec/gifdec.c in FFmpeg before 1.2.9 does not properly compute image heights, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted GIF data (CVE-2014-8547). Off-by-one error in libavcodec/smc.c in FFmpeg before 1.2.9 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Quicktime Graphics (aka SMC) video data (CVE-2014-8548). Avidemux built with a bundled set of FFmpeg libraries. The bundled FFmpeg version have been updated from 1.2.7 to 1.2.10 to fix these security issues and other bugs fixed upstream in FFmpeg. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5271 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5272 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8541 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8542 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8543 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8544 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8545 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8546 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8547 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8548 http://git.videolan.org/?p=ffmpeg.git;a=log;h=n1.2.10 http://ffmpeg.org/download.html http://ffmpeg.org/security.html http://openwall.com/lists/oss-security/2014/08/16/6 ======================== Updated packages in {core,tainted}/updates_testing: ======================== libavidemux-2.6.6-2.2.mga4 avidemux-devel-2.6.6-2.2.mga4 from avidemux-2.6.6-2.2.mga4.src.rpm
Tested on Mageia4-64 on HP6555b I was able to load a 1.7Gb mpg file in avidemux and play it without problems. Saved to avi, resulting file plays OK. Used CLI to convert mgp to mp4: OK Note: I didn't see a avidemux-gtk package, so not all tests from bug 13643 have been done.
CC: (none) => herman.viaene
(In reply to Herman Viaene from comment #4) > Tested on Mageia4-64 on HP6555b > Note: I didn't see a avidemux-gtk package, so not all tests from bug 13643 > have been done. avidemux-gtk doesn't exist anymore as of Mageia 4. I'll add the OK tag.
Whiteboard: has_procedure => has_procedure MGA4-64-OK
I downloaded these two files to test both updates: http://download.wavetlan.com/SVV/Media/HTTP/mkv/H264_mp3(mkvmerge).mkv http://download.wavetlan.com/SVV/Media/HTTP/mkv/MP4_avc_mp3(720p)(SUPER).MKV as well as this one to test the tainted update: http://download.wavetlan.com/SVV/Media/HTTP/mkv/MP4_DIVX_AAC-LC-(mkvmerge).mkv all from here: http://download.wavetlan.com/SVV/Media/HTTP/http-mkv.htm They play fine with mplayer and avidemux-qt (avidemux3_qt4). With the tainted version, the last video plays sound successfully. Used avidemux3_qt4 to convert them to avi format (by simply saving them with a .avi extension) and avidemux3_cli to convert them to mp4 format, like: avidemux3_cli --load H264_mp3\(mkvmerge\).mkv --save file1.mp4 --output-format mp4 --quit The resulting files all play fine with mplayer or avidemux-qt. Tested successfully Mageia 4 i586.
Whiteboard: has_procedure MGA4-64-OK => has_procedure MGA4-64-OK MGA4-32-OK
Validating, advisory uploaded.
Keywords: (none) => validated_updateWhiteboard: has_procedure MGA4-64-OK MGA4-32-OK => has_procedure MGA4-64-OK MGA4-32-OK advisoryCC: (none) => remi, sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2014-0491.html
Status: NEW => RESOLVEDResolution: (none) => FIXED