From http://secunia.com/advisories/46888/
Some vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
1) An error within the QDM2 decoder (libavcodec/qdm2.c) can be exploited to cause a buffer overflow.
2) An integer overflow error within the "vp3_dequant()" function (libavcodec/vp3.c) can be exploited to cause a buffer overflow.
3) Errors within the "av_image_fill_pointers()", the "vp5_parse_coeff()", and the "vp6_parse_coeff()" functions can be exploited to trigger out-of-bounds reads.
As stated on http://ffmpeg.org/download.html, the 0.6.3 that we currently have in Mageia 1 is no longer being maintained. We should update to 0.7.8, which is compatible with the 0.6 ABI and API. CVEs have not been assigned. We have both Core and Tainted versions of ffmpeg.
Hi, thanks for reporting this bug. Assigned to the package maintainer.
Keywords: (none) => Triaged
CC: (none) => fundawang, thomas
In fact it's more the committers.
Keywords: Triaged => (none)
I believe this has been done yesterday. Let's close it as fixed
Status: NEW => RESOLVED
Resolution: (none) => FIXED
(In reply to comment #3)
> I believe this has been done yesterday. Let's close it as fixed
Really? I've submitted it three hours ago.
Status: RESOLVED => REOPENED
Resolution: FIXED => (none)
NAK on this update in this way for Mageia 1. It breaks/disables x264 support. That's not allowed! It must be properly fixed.
CC: (none) => tmb
(In reply to comment #5)
> NAK on this update in this way for Mageia 1.
>
> It breaks/disables x264 support.
>
> That's not allowed!
>
> It must be properly fixed.
Then somebody please remove ffmpeg 0.7.8 from core/updates_testing and tainted/updates_testing.
And, we will rely on current maintainer "nobody" to take care of this bug.
No funda, you do amazing work, continue this way :) tmb, you know how to fix this?
CC: (none) => dmorganec
By a quick look in upstream git I guess:
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a6a61a6d1d4da219a6fe29250e2a6b28f9d05524
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=fa5292d9d42f10841e3a889bca4ebd878c965268
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=4007352bd054936fe06cb8b726db008b47101d91
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f62fa1ce9f12e4a43b41401a7416c6fa8da579c9
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=8a63deab15ef41fd439be1b46d8dcb73669ccfc1
(In reply to comment #7)
> And, we will rely on current maintainer "nobody" to take care of this bug.
Don't be angry ... please !!!!!!!
I know how much work you do for nobody's packages. I just pointed out a little problem about the dilemma to which you found an answer that may be discussed and that may push someone to help you for the job (I am not skilled enough to help: can only tilt... sometimes wrongly!)
Post Scriptum: I apologize for this comment coming so late: I sent it by mistake on dev mailing list... and have just seen it was in the wrong place.
Best regards to Funda
CC: (none) => philippedidier
CC: (none) => anssi.hannula, doktor5000
(In reply to comment #6)
> (In reply to comment #5)
> > NAK on this update in this way for Mageia 1.
> >
> > It breaks/disables x264 support.
> >
> > That's not allowed!
> >
> > It must be properly fixed.
> Then somebody please remove ffmpeg 0.7.8 from core/updates_testing and
> tainted/updates_testing.
ping?
Blocks: (none) => 3670
ffmpeg 0.7.8 got removed ~1 week ago from */updates_testing
(In reply to comment #12)
> ffmpeg 0.7.8 got removed ~1 week ago from */updates_testing
Nope. They only got removed from tainted/updates_testing.
Actually I removed it from both, but only *ffmpeg*; now the rest is also cleaned.
Somebody interested in rediffing patches, please take this bug. Thanks.
CC: fundawang => (none)
Version: Cauldron => 1
Hello, what about an update to ffmpeg 0.6.4?
http://git.videolan.org/?p=ffmpeg.git;a=blobdiff;f=RELEASE;h=8193b2877b4b1541f23ad5cb640fa6e17de0659b;hp=97f04d6ae6542712e1835f820ceb104064254681;hb=6b156c45638ceb2e076586b7efeb4cf9e04e0a84;hpb=dbe7e209df03c18eabdc29f87b73bbc4e3430d20
i am on it
done and pushed in the BS
Status: REOPENED => ASSIGNED
Assignee: bugsquad => qa-bugs
Build failed, I guess you are on it. Also, in the future don't use 0.1.mga1, but just 1.mga1: https://wiki.mageia.org/en/Updates_policy#Maintainer_.28or_any_interested_packager.29
Summary: ffmpeg security update to version 0.7.8 => ffmpeg security update to version 0.6.4
Thanks, D Morgan
Is this ready for QA?
(In reply to comment #19)
> Build failed, I guess you are on it.
>
> Also, in the future don't use 0.1.mga1, but just 1.mga1:
>
> https://wiki.mageia.org/en/Updates_policy#Maintainer_.28or_any_interested_packager.29
oh tks i forgot this policy tks
(In reply to comment #21)
> Is this ready for QA?
sorry, yes this is ready for QA
I used it to convert an old WMV video to a WAV audio file on i586. Sounds good.
CC: (none) => luigiwalser
Tested complete the srpm ffmpeg-0.6.4-0.1.mga1.tainted.src.rpm on Mageia release 1 (Official) for x86_64, for me it's good, seems to work well. I used it to convert a .wmv video file to a .avi video file and also a .avi video file to a .flv video file.
CC: (none) => geiger.david68210
Have you tested the ones in tainted too ? and that x264 is not broken ?
(In reply to comment #26)
> Have you tested the ones in tainted too ?
Yes, I have tested the ones in tainted but not in core.
> and that x264 is not broken ?
How could I test the x264?
x264 never got updated, why should it break?
Considering that it is somewhat fragile, which the earlier intended 0.7.8 update showed, I thought it could be a wise test, but it's up to QA to decide...
Testing i586 for x264 with ffmpeg tainted using settings from here:
http://rodrigopolo.com/ffmpeg/cheats.html#X264_Presets
Tested OK using HQ firstpass - we don't currently have libfaac so audio can't be encoded with it.
Tested x86_64 in the same way.
Please push the srpms:
ffmpeg-0.6.4-0.1.mga1.src.rpm
ffmpeg-0.6.4-0.1.mga1.tainted.src.rpm
See original post for advisory.
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
Update pushed.
Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED