Bug 6955 - avidemux update for security issues fixed in ffmpeg 0.6.6 [mga1]
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 1
Hardware: i586 Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact:
URL:
Whiteboard: MGA1-64-OK MGA1-32-OK
Keywords: validated_update
Depends on:
Blocks: 6427
Reported: 2012-08-05 02:38 CEST by David Walser
Modified: 2012-08-06 19:35 CEST

See Also:
Source RPM: avidemux-2.5.4-5.2.mga1.src.rpm
CVE:
Status comment:


Description David Walser 2012-08-05 02:38:27 CEST
ffmpeg 0.6.6 was released on June 9th, fixing several security issues.

Patches for those issues were pulled from ffmpeg git and applied to avidemux.

Advisory:
========================

Updated avidemux packages fix security vulnerabilities:

* CVE-2011-3893, CVE-2011-3895: denial of service and possible code
execution via malformed stream for the vorbis decoder and matroska
demuxer

* nsvdec: Fix use of uninitialized streams, Be more careful with
          av_malloc(), nsvdec: Propagate errors (CVE-2011-3940)

* dv: Fix small stack overread, check stype, Fix null pointer
      dereference due to ach=0 (CVE-2011-3929 and CVE-2011-3936)

* atrac3: Fix crash in tonal component decoding (CVE-2012-0853)

* mjpegbdec: Fix overflow in SOS (CVE-2011-3947)

* kgv1dec: Increase offsets array size so it is large enough
           (CVE-2011-3945)

* vqavideo: return error if image size is not a multiple of block size
            (CVE-2012-0947)

* dpcm: ignore extra unpaired bytes in stereo streams (CVE-2011-3951)

* aacsbr: prevent out of bounds memcpy() (CVE-2012-0850)

* h264: Add check for invalid chroma_format_idc (CVE-2012-0851)

* adpcm: ADPCM Electronic Arts has always two channels (CVE-2012-0852)

* shorten: Use separate pointers for the allocated memory for decoded
           samples, check for realloc failure (CVE-2012-0858)

* kmvc: Check palsize (CVE-2011-3952)

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3929
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3936
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3945
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3951
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3952
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0850
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0851
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0852
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0853
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0947
========================

Updated packages in {core,tainted}/updates_testing:
========================
avidemux-2.5.4-5.3.mga1
avidemux-gtk-2.5.4-5.3.mga1
avidemux-qt-2.5.4-5.3.mga1
avidemux-cli-2.5.4-5.3.mga1

from avidemux-2.5.4-5.3.mga1.src.rpm
David Walser 2012-08-05 02:38:45 CEST

Blocks: (none) => 6427

Comment 1 Dave Hodgins 2012-08-06 03:14:52 CEST
Testing complete on Mageia 1 x86-64.

Just testing that basic functions, such as resizing a video, are working.
I'll test i586 shortly.

CC: (none) => davidwhodgins
Whiteboard: (none) => MGA1-64-OK

Comment 2 Dave Hodgins 2012-08-06 03:29:39 CEST
Testing complete on Mageia 1 i586.

Could someone from the sysadmin team push the srpm
avidemux-2.5.4-5.3.mga1.src.rpm
from Mageia 1 Core Updates Testing to Core Updates?

Advisory: Updated avidemux packages fix security vulnerabilities:

* CVE-2011-3893, CVE-2011-3895: denial of service and possible code
execution via malformed stream for the vorbis decoder and matroska
demuxer

* nsvdec: Fix use of uninitialized streams, Be more careful with
          av_malloc(), nsvdec: Propagate errors (CVE-2011-3940)

* dv: Fix small stack overread, check stype, Fix null pointer
      dereference due to ach=0 (CVE-2011-3929 and CVE-2011-3936)

* atrac3: Fix crash in tonal component decoding (CVE-2012-0853)

* mjpegbdec: Fix overflow in SOS (CVE-2011-3947)

* kgv1dec: Increase offsets array size so it is large enough
           (CVE-2011-3945)

* vqavideo: return error if image size is not a multiple of block size
            (CVE-2012-0947)

* dpcm: ignore extra unpaired bytes in stereo streams (CVE-2011-3951)

* aacsbr: prevent out of bounds memcpy() (CVE-2012-0850)

* h264: Add check for invalid chroma_format_idc (CVE-2012-0851)

* adpcm: ADPCM Electronic Arts has always two channels (CVE-2012-0852)

* shorten: Use separate pointers for the allocated memory for decoded
           samples, check for realloc failure (CVE-2012-0858)

* kmvc: Check palsize (CVE-2011-3952)

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3929
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3936
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3945
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3951
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3952
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0850
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0851
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0852
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0853
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0947

https://bugs.mageia.org/show_bug.cgi?id=6955

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
Whiteboard: MGA1-64-OK => MGA1-64-OK MGA1-32-OK

Comment 3 Thomas Backlund 2012-08-06 19:35:11 CEST
Update pushed:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0204

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED
