lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1X4pSm-0001pG-TS@titan.mandriva.com>
Date: Wed, 09 Jul 2014 12:51:00 +0200
From: security@...driva.com
To: bugtraq@...urityfocus.com
Subject: [ MDVSA-2014:129 ] ffmpeg

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:129
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : ffmpeg
 Date    : July 9, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been discovered and corrected in ffmpeg:
 
 Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in
 FFmpeg before 0.11 have unknown impact and attack vectors related to
 (1) size of mclms arrays, (2) a get_bits(0) in decode_ac_filter, and
 (3) too many bits in decode_channel_residues(). (CVE-2012-2795).
 
 libavcodec/wmalosslessdec.c in FFmpeg before 2.1.4 uses an incorrect
 data-structure size for certain coefficients, which allows remote
 attackers to cause a denial of service (memory corruption) or possibly
 have unspecified other impact via crafted WMA data (CVE-2014-2098).
 
 The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before
 2.1.4 does not properly calculate line sizes, which allows remote
 attackers to cause a denial of service (out-of-bounds array access)
 or possibly have unspecified other impact via crafted Microsoft RLE
 video data (CVE-2014-2099).
 
 The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB)
 muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier,
 allows remote attackers to have unspecified impact and vectors,
 which trigger an out-of-bounds write (CVE-2014-2263).
 
 A use-after-free vulnerability in FFmpeg before 1.1.9 involving seek
 operations on video data could allow remote attackers to cause a
 denial of service (CVE-2012-5150).
 
 An integer overflow can occur when processing any variant of a literal
 run in the av_lzo1x_decode function (CVE-2014-4609, CVE-2014-4610).
 
 The updated packages have been upgraded to the 0.10.14 version which
 is not vulnerable to these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2795
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2098
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2099
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5150
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4609
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4610
 https://www.ffmpeg.org/security.html
 http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html
 http://www.openwall.com/lists/oss-security/2014/06/26/22
 http://seclists.org/oss-sec/2014/q2/668
 _______________________________________________________________________

 Updated Packages:

 Mandriva Business Server 1/X86_64:
 b51959a114b898f61f4e9f2fa227164b  mbs1/x86_64/ffmpeg-0.10.14-1.mbs1.x86_64.rpm
 a01603d6bd7ce8062078477657d5f3f6  mbs1/x86_64/lib64avcodec53-0.10.14-1.mbs1.x86_64.rpm
 afbd4762fda0acee6e3c82077bafe7ea  mbs1/x86_64/lib64avfilter2-0.10.14-1.mbs1.x86_64.rpm
 f667967cd563412ceb5e59c89f6b4854  mbs1/x86_64/lib64avformat53-0.10.14-1.mbs1.x86_64.rpm
 fe233107398c0188cc562271c69fa385  mbs1/x86_64/lib64avutil51-0.10.14-1.mbs1.x86_64.rpm
 6ba5fccb492c998cd36fd61819e4da92  mbs1/x86_64/lib64ffmpeg-devel-0.10.14-1.mbs1.x86_64.rpm
 ccb2f3026cc84e27a464da14192a992b  mbs1/x86_64/lib64ffmpeg-static-devel-0.10.14-1.mbs1.x86_64.rpm
 24e803e02ce1abccc513c98f2aa9ed53  mbs1/x86_64/lib64postproc52-0.10.14-1.mbs1.x86_64.rpm
 f9d57b25aa155019199ba095a74d4e32  mbs1/x86_64/lib64swresample0-0.10.14-1.mbs1.x86_64.rpm
 6e50dd84e0667eca277d083ddbca0162  mbs1/x86_64/lib64swscaler2-0.10.14-1.mbs1.x86_64.rpm 
 de39ad82d3ac7982d5959714560ada9d  mbs1/SRPMS/ffmpeg-0.10.14-1.mbs1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/en/support/security/advisories/

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFTvPbPmqjQ0CJFipgRAkl1AKDcwdrqkW1vL/fpk/Zxy8kf9ZW3hACguPxH
4gosVSoytWdei2eBER8E5Pk=
=8dsG
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ