In Bug 15993, Google Chrome fixed a security issue in its bundled libvpx by updating to 1.4.0 and adding a size-limit build option. We may need to fix this in our libvpx package too. Reproducible: Steps to Reproduce:
Whiteboard: (none) => MGA5TOO, MGA4TOO
The size limit configure option that Google used was added in 1.4.0, initially during this commit: https://chromium.googlesource.com/webm/libvpx/+/943e43273b0a7369d07714e7fd2e19fecfb11c7c%5E!/ I've added that patch and the configure option Google used in Cauldron SVN. Hopefully that'll work out. If not, the other patches to the affected section of code that went into 1.4.0 are: https://chromium.googlesource.com/webm/libvpx/+/f68aaa38d65c0e97945b102c55e66c111396937c%5E!/ https://chromium.googlesource.com/webm/libvpx/+/18a7f69dae2a81a566692993897b07b651b2d9ec%5E!/ https://chromium.googlesource.com/webm/libvpx/+/423e8a9727b25d54de24630f9c042fd5bddf7c8d%5E!/
Patched packages uploaded for Mageia 4, Mageia 5, and Cauldron. Advisory: ======================== Updated libvpx packages fix security vulnerability: libvpx before 1.4.0 allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data (CVE-2015-1258). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1258 http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html ======================== Updated packages in core/updates_testing: ======================== libvpx1-1.3.0-1.1.mga4 libvpx-devel-1.3.0-1.1.mga4 libvpx-utils-1.3.0-1.1.mga4 libvpx1-1.3.0-3.1.mga5 libvpx-devel-1.3.0-3.1.mga5 libvpx-utils-1.3.0-3.1.mga5 from SRPMS: libvpx-1.3.0-1.1.mga4.src.rpm libvpx-1.3.0-3.1.mga5.src.rpm
Version: Cauldron => 5Assignee: bugsquad => qa-bugsWhiteboard: MGA5TOO, MGA4TOO => MGA4TOO
MGA4-64 on HP Probook 6555b No installation issues. Tested as per bug15993: general browsing, acid3 and sunspider tests run OK.
CC: (none) => herman.viaene
Whiteboard: MGA4TOO => MGA4TOO has_procedure MGA4-64-OK
This update specifically affects VP9 video decoding, so please make sure that gets tested.
MGA4-32 on AcerD620 Xfce. No installation issues. Installed chromium browser Tested as per bug15993 with chromium: general browsing, acid3 and sunspider tests run OK. Tested VP9 with chromium using https://www.youtube.com/watch?v=Ctjm1kxw-BM codec test: OK MGA5-64 on HP Probook 6555b KDE No installation issues. Installed chromium browser Tested as per bug15993 with chromium: general browsing, acid3 and sunspider tests run OK. Tested VP9 using with chromium https://www.youtube.com/watch?v=Ctjm1kxw-BM codec test: video window message "Error occured" This works OK with Firefox, but I guess this one does not use libvpx.
Whiteboard: MGA4TOO has_procedure MGA4-64-OK => MGA4TOO has_procedure MGA4-64-OK MGA4-32-OK
Adding the MGA5-64-OK whiteboard entry based on comment 5. Advisory committed to svn. Someone from the sysadmin team please push 16019.adv to updates on both Mageia 5 and 4.
Keywords: (none) => validated_updateWhiteboard: MGA4TOO has_procedure MGA4-64-OK MGA4-32-OK => MGA4TOO has_procedure MGA4-64-OK MGA4-32-OK MGA5-64-OK advisoryCC: (none) => davidwhodgins, sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0249.html
Status: NEW => RESOLVEDResolution: (none) => FIXED