+++ This bug was initially created as a clone of Bug #16623 +++ An advisory has been issued today (August 20): http://www.ocert.org/advisories/ocert-2015-009.html The advisory contains a link to the upstream commit to fix the issue. The fix will be included in VLC 2.2.2 (I'm not sure of the ETA on that release). Mageia 4 and Mageia 5 are also affected. Reproducible: Steps to Reproduce:
Assignee: bugsquad => yann.cantinSource RPM: vlc-2.2.1-3.mga6.src.rpm => vlc-2.1.6-1.mga4.src.rpm
Updated packages for mga4. The PoC (see bug #16623) is irrelevant for version 2.1.6 (doesn't segfault). Patch applied anyway. Advisory: ======================== Updated vlc packages fix security vulnerability : Loren Maggiore of Trail of Bits discovered that the 3GP parser of VLC, a multimedia player and streamer, could dereference an arbitrary pointer due to insufficient restrictions on a writable buffer. This could allow remote attackers to execute arbitrary code via crafted 3GP files (CVE-2015-5949). References: http://www.ocert.org/advisories/ocert-2015-009.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5949 https://lists.debian.org/debian-security-announce/2015/msg00241.html ======================== Updated packages in core/updates_testing and tainted/updates_testing ======================== lib64vlc5-2.1.6-1.1.mga4 lib64vlccore7-2.1.6-1.1.mga4 lib64vlc-devel-2.1.6-1.1.mga4 svlc-2.1.6-1.1.mga4 vlc-2.1.6-1.1.mga4 vlc-debuginfo-2.1.6-1.1.mga4 vlc-plugin-aa-2.1.6-1.1.mga4 vlc-plugin-bonjour-2.1.6-1.1.mga4 vlc-plugin-common-2.1.6-1.1.mga4 vlc-plugin-dv-2.1.6-1.1.mga4 vlc-plugin-flac-2.1.6-1.1.mga4 vlc-plugin-fluidsynth-2.1.6-1.1.mga4 vlc-plugin-gme-2.1.6-1.1.mga4 vlc-plugin-gnutls-2.1.6-1.1.mga4 vlc-plugin-jack-2.1.6-1.1.mga4 vlc-plugin-kate-2.1.6-1.1.mga4 vlc-plugin-libass-2.1.6-1.1.mga4 vlc-plugin-libnotify-2.1.6-1.1.mga4 vlc-plugin-lirc-2.1.6-1.1.mga4 vlc-plugin-lua-2.1.6-1.1.mga4 vlc-plugin-mod-2.1.6-1.1.mga4 vlc-plugin-mpc-2.1.6-1.1.mga4 vlc-plugin-ncurses-2.1.6-1.1.mga4 vlc-plugin-opengl-2.1.6-1.1.mga4 vlc-plugin-projectm-2.1.6-1.1.mga4 vlc-plugin-pulse-2.1.6-1.1.mga4 vlc-plugin-schroedinger-2.1.6-1.1.mga4 vlc-plugin-sdl-2.1.6-1.1.mga4 vlc-plugin-shout-2.1.6-1.1.mga4 vlc-plugin-sid-2.1.6-1.1.mga4 vlc-plugin-speex-2.1.6-1.1.mga4 vlc-plugin-theora-2.1.6-1.1.mga4 vlc-plugin-twolame-2.1.6-1.1.mga4 vlc-plugin-upnp-2.1.6-1.1.mga4 vlc-plugin-zvbi-2.1.6-1.1.mga4 lib64vlc5-2.1.6-1.1.mga4.tainted lib64vlccore7-2.1.6-1.1.mga4.tainted lib64vlc-devel-2.1.6-1.1.mga4.tainted svlc-2.1.6-1.1.mga4.tainted vlc-2.1.6-1.1.mga4.tainted vlc-debuginfo-2.1.6-1.1.mga4.tainted vlc-plugin-aa-2.1.6-1.1.mga4.tainted vlc-plugin-bonjour-2.1.6-1.1.mga4.tainted vlc-plugin-common-2.1.6-1.1.mga4.tainted vlc-plugin-dv-2.1.6-1.1.mga4.tainted vlc-plugin-flac-2.1.6-1.1.mga4.tainted vlc-plugin-fluidsynth-2.1.6-1.1.mga4.tainted vlc-plugin-gme-2.1.6-1.1.mga4.tainted vlc-plugin-gnutls-2.1.6-1.1.mga4.tainted vlc-plugin-jack-2.1.6-1.1.mga4.tainted vlc-plugin-kate-2.1.6-1.1.mga4.tainted vlc-plugin-libass-2.1.6-1.1.mga4.tainted vlc-plugin-libnotify-2.1.6-1.1.mga4.tainted vlc-plugin-lirc-2.1.6-1.1.mga4.tainted vlc-plugin-lua-2.1.6-1.1.mga4.tainted vlc-plugin-mod-2.1.6-1.1.mga4.tainted vlc-plugin-mpc-2.1.6-1.1.mga4.tainted vlc-plugin-ncurses-2.1.6-1.1.mga4.tainted vlc-plugin-opengl-2.1.6-1.1.mga4.tainted vlc-plugin-projectm-2.1.6-1.1.mga4.tainted vlc-plugin-pulse-2.1.6-1.1.mga4.tainted vlc-plugin-schroedinger-2.1.6-1.1.mga4.tainted vlc-plugin-sdl-2.1.6-1.1.mga4.tainted vlc-plugin-shout-2.1.6-1.1.mga4.tainted vlc-plugin-sid-2.1.6-1.1.mga4.tainted vlc-plugin-speex-2.1.6-1.1.mga4.tainted vlc-plugin-theora-2.1.6-1.1.mga4.tainted vlc-plugin-twolame-2.1.6-1.1.mga4.tainted vlc-plugin-upnp-2.1.6-1.1.mga4.tainted vlc-plugin-zvbi-2.1.6-1.1.mga4.tainted from SRPMS: vlc-2.1.6-1.1.mga4.src.rpm vlc-2.1.6-1.1.mga4.tainted.src.rpm
Assignee: yann.cantin => qa-bugs
MGA4-32 on Acer D620 Xfce No installation issues. Plays mpg file (captured from DVB-T device) perfectly.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA4-32-OK
Depends on: 16623 => (none)
Seems to work OK on MGA4 64. Validating. Just needs advisory to be uploaded.
Keywords: (none) => validated_updateStatus: NEW => RESOLVEDResolution: (none) => WONTFIXWhiteboard: MGA4-32-OK => MGA4-32-OK MGA4-64-OKCC: (none) => sysadmin-bugs
Wontfix is not a good solution for a validation :)
Status: RESOLVED => REOPENEDCC: (none) => tmbResolution: WONTFIX => (none)
Oops, I wonder what happened.
Advisory uploaded.
Whiteboard: MGA4-32-OK MGA4-64-OK => MGA4-32-OK MGA4-64-OK advisory
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0329.html
Status: REOPENED => RESOLVEDResolution: (none) => FIXED