Bug 6956 - avidemux update for security issues fixed in ffmpeg 0.9.2 [mga2]
: avidemux update for security issues fixed in ffmpeg 0.9.2 [mga2]
Status: RESOLVED FIXED
Product: Mageia
Classification: Unclassified
Component: Security
: 2
: i586 Linux
: Normal Severity: normal
: ---
Assigned To: QA Team
:
:
: has_procedure MGA2-32-OK
: validated_update
:
: 6427
  Show dependency treegraph
 
Reported: 2012-08-05 02:38 CEST by David Walser
Modified: 2012-08-18 10:46 CEST (History)
5 users (show)

See Also:
Source RPM: avidemux-2.5.6-2.mga2.src.rpm
CVE:
Status comment:


Attachments
Terminal output showing backtrack from avidemux-qt (1.21 KB, text/plain)
2012-08-07 22:31 CEST, Dave Hodgins
Details

Description David Walser 2012-08-05 02:38:31 CEST
ffmpeg 0.9.2 was released on May 3rd, fixing one security issue.
ffmpeg 0.9.1 also fixed two security issues.  ffmpeg 0.9 ships with avidemux.

Patches for those issues were pulled from ffmpeg git and applied to avidemux.

Advisory:
========================

Updated avidemux packages fix security vulnerabilities:

* vqavideodev: Check image dimensions, fixes out of heap array read
  (CVE-2012-0947)

* vorbis: make sure ch is non zero before calling vorbis_residue_decode
  (CVE-2011-3895)

* ogg: Avoid the possibility to read out-of-bounds of a static global
  array in Vorbis decoding (CVE-2011-3893)

* mkv: Fix a bug where a pointer was cached to an array that might
  later move due to a realloc() (CVE-2011-3893)

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0947
========================

Updated packages in {core,tainted}/updates_testing:
========================
avidemux-2.5.6-2.1.mga2
avidemux-gtk-2.5.6-2.1.mga2
avidemux-qt-2.5.6-2.1.mga2
avidemux-cli-2.5.6-2.1.mga2

from avidemux-2.5.6-2.1.mga2.src.rpm
Comment 1 Samuel Verschelde 2012-08-06 10:42:40 CEST
Testing procedure: just test some basic functions such as:
- resize a video
- cut a video
- convert a video
Comment 2 Dave Hodgins 2012-08-07 21:38:39 CEST
Testing i586 now.
Comment 3 Dave Hodgins 2012-08-07 22:09:26 CEST
Testing complete on Mageia 2 i586.

Converted a .flv file to .mpg, and increased the size.

I'll test x86-64 shortly.
Comment 4 Dave Hodgins 2012-08-07 22:31:20 CEST
Created attachment 2621 [details]
Terminal output showing backtrack from avidemux-qt

Trying exactly the same operation on x86-64 fails.
Comment 5 Dave Hodgins 2012-08-07 23:24:38 CEST
The crash on x86-64 is not a regression, as I'm getting the same with
the core release version.

Do you want to try and fix it, or should I open a new bug report for
the crash, and validate this update?
Comment 6 David Walser 2012-08-07 23:28:39 CEST
I'd surmise this isn't something easy for us to fix, so I'd say ship it.

Florian, what do you think?
Comment 7 Florian Hubold 2012-08-12 19:14:02 CEST
If both versions crash, and noone reported this particular issue, it hasn't surface yet. I'd say ship it, this should not block the update.
Comment 8 Samuel Verschelde 2012-08-13 11:38:30 CEST
Update validated.

See comment #0 for advisory and SRPM.
Comment 9 Thomas Backlund 2012-08-18 10:46:08 CEST
Update pushed:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0218

Note You need to log in before you can comment on or make changes to this bug.