Description of problem:
There is now gstreamer0.10-ffmpeg-0.10.11-3.1.mga in core/updates_testing to validate.

-------------------------------------------------------
Suggested advisory:
-------------------
This update addresses the following CVEs:
- CVE-2011-1196 (denial of service and possible code execution via malformed OGG file)
  http://code.google.com/p/chromium/issues/detail?id=71788
- CVE-2011-3362 (arbitrary code execution via malformed CAVS file)
  http://www.ocert.org/advisories/ocert-2011-002.html
- CVE-2011-1931 (denial of service and possible code execution via malformed AMV file)
  http://seclists.org/bugtraq/2011/Apr/257
- CVE-2011-2161 (denial of service via malformed APE file)
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2161
- CVE-2011-0480 (denial of service and possible code execution via crafted WebM file)
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0480
- CVE-2011-0723 (denial of service and possible code execution via crafted VC1 file)
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0723
- CVE-2010-3429 (arbitrary offset dereference vulnerability in flic video codec)
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429
- CVE-2010-4704 (denial of service via crafted .ogg file)
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4704

Other fixes in this release:
- fix unchecked return values of function "svq3_get_ue_golomb()" that may cause a crash, patch from upstream, rediffed for our ffmpeg:
  http://git.videolan.org/?p=ffmpeg.git;a=patch;h=979bea13003ef489d95d2538ac2fb1c26c6f103b
-------------------------------------------------------

Steps to reproduce:
- install/update to update candidate

Additional Notes:
- FWIW the first two issues and the "Other fixes in this release" are the same as in https://bugs.mageia.org/show_bug.cgi?id=2820 as gstreamer0.10-ffmpeg contains a bundled copy of ffmpeg.
- for CVE-2011-2161 see the following link for a Perl script to create a file that can be used to crash ffmpeg/VLC:
  http://packetstorm.linuxsecurity.com/1103-exploits/vlc105-dos.txt
For testing this one I used arista to convert a video from .ogg format to .webm.

# urpmi arista
$ arista-gtk

Select the Source dropdown, then file, then the actual file.
Select the Device dropdown, then Web Browser.
Select Add to queue.

Note. There is no sound during the conversion (live preview of the video is shown), but there is sound in the final file, when played back.

For testing, pick a short video. :-)

Testing complete on i586.
CC: (none) => davidwhodgins
Testing complete x86_64

Advisory:
-------------------
This update addresses the following CVEs:
- CVE-2011-1196 (denial of service and possible code execution via malformed OGG file)
  http://code.google.com/p/chromium/issues/detail?id=71788
- CVE-2011-3362 (arbitrary code execution via malformed CAVS file)
  http://www.ocert.org/advisories/ocert-2011-002.html
- CVE-2011-1931 (denial of service and possible code execution via malformed AMV file)
  http://seclists.org/bugtraq/2011/Apr/257
- CVE-2011-2161 (denial of service via malformed APE file)
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2161
- CVE-2011-0480 (denial of service and possible code execution via crafted WebM file)
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0480
- CVE-2011-0723 (denial of service and possible code execution via crafted VC1 file)
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0723
- CVE-2010-3429 (arbitrary offset dereference vulnerability in flic video codec)
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429
- CVE-2010-4704 (denial of service via crafted .ogg file)
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4704

Other fixes in this release:
- fix unchecked return values of function "svq3_get_ue_golomb()" that may cause a crash, patch from upstream, rediffed for our ffmpeg:
  http://git.videolan.org/?p=ffmpeg.git;a=patch;h=979bea13003ef489d95d2538ac2fb1c26c6f103b
-------------------------------------------------------

SRPM: gstreamer0.10-ffmpeg-0.10.11-3.1.mga1.src.rpm

Could sysadmin please push from core/updates_testing to core/updates. No linking required.

Thank you!
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
update pushed.
Status: NEW => RESOLVED
CC: (none) => dmorganec
Resolution: (none) => FIXED