Fedora has issued an advisory on January 27: https://lists.fedoraproject.org/pipermail/package-announce/2015-January/148852.html Patched packages uploaded for Mageia 4 and Cauldron. Advisory: ======================== Updated vorbis-tools package fixes security vulnerability: oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file (CVE-2014-9640). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9640 https://lists.fedoraproject.org/pipermail/package-announce/2015-January/148852.html ======================== Updated packages in core/updates_testing: ======================== vorbis-tools-1.4.0-6.1.mga4 from vorbis-tools-1.4.0-6.1.mga4.src.rpm Reproducible: Steps to Reproduce:
PoC is in the upstream bug: https://trac.xiph.org/ticket/2009 Before: $ dd if=/dev/zero bs=1 count=1 | oggenc -r - -o out.ogg 1+0 records in 1+0 records out 1 byte (1 B) copied, 2.222e-05 s, 45.0 kB/s Encoding standard input to "out.ogg" at quality 3.00 Done encoding file "out.ogg" File length: 0m 00.0s Elapsed time: 0m 00.0s Rate: 0.0000 Average bitrate: inf kb/s Segmentation fault After: $ dd if=/dev/zero bs=1 count=1 | oggenc -r - -o out.ogg Encoding standard input to "out.ogg" at quality 3.00 1+0 records in 1+0 records out 1 byte (1 B) copied, 2.6581e-05 s, 37.6 kB/s Done encoding file "out.ogg" File length: 0m 00.0s Elapsed time: 0m 00.0s Rate: 0.0000 Average bitrate: inf kb/s Testing complete Mageia 4 i586.
Whiteboard: (none) => has_procedure MGA4-32-OK
URL: (none) => http://lwn.net/Vulnerabilities/631305/
In VirtualBox, M4, KDE, 64-bit Package(s) under test: vorbis-tools default install of vorbis-tools [root@localhost wilcal]# urpmi vorbis-tools Package vorbis-tools-1.4.0-6.mga4.x86_64 is already installed [wilcal@localhost ~]$ dd if=/dev/zero bs=1 count=1 | oggenc -r - -o out.ogg .....Segmentation fault install vorbis-tools from updates_testing [root@localhost wilcal]# urpmi vorbis-tools Package vorbis-tools-1.4.0-6.1.mga4.x86_64 is already installed [wilcal@localhost ~]$ dd if=/dev/zero bs=1 count=1 | oggenc -r - -o out.ogg ...Done encoding file "out.ogg"... /home/wilcal/out.ogg created Test platform: Intel Core i7-2600K Sandy Bridge 3.4GHz GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB RTL8111/8168B PCI Express 1Gbit Ethernet DRAM 16GB (4 x 4GB) Mageia 4 64-bit, Nvidia driver virtualbox-4.3.10-1.1.mga4.x86_64 virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64
CC: (none) => wilcal.int
Whiteboard: has_procedure MGA4-32-OK => has_procedure MGA4-32-OK MGA4-64-OK
This update works fine. Testing complete for mga4 32-bit & 64-bit Validating the update. Could someone from the sysadmin team push this to updates. Thanks
CC: (none) => sysadmin-bugsKeywords: (none) => validated_update
Advisory uploaded.
Whiteboard: has_procedure MGA4-32-OK MGA4-64-OK => has_procedure MGA4-32-OK MGA4-64-OK advisoryCC: (none) => remi
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0051.html
Status: NEW => RESOLVEDResolution: (none) => FIXED