U radu programskog paketa ffmpeg otkriveni su i ispravljeni brojni nedostaci. Udaljeni napadač može iskoristiti spomenute nedostatke za pokretanje proizvoljnog programskog koda te izvođenje DoS napada.
| Paket: | ffmpeg 4.x |
| Operacijski sustavi: | Mandriva Linux 2011, Mandriva Linux Enterprise Server 5.0 |
| Kritičnost: | 8.1 |
| Problem: | cjelobrojno prepisivanje, neodgovarajuće rukovanje memorijom, pogreška u programskoj funkciji, pogreška u programskoj komponenti, preljev međuspremnika |
| Iskorištavanje: | udaljeno |
| Posljedica: | proizvoljno izvršavanje programskog koda, uskraćivanje usluga (DoS) |
| Rješenje: | programska zakrpa proizvođača |
| CVE: | CVE-2011-3362, CVE-2011-3504, CVE-2011-3973, CVE-2011-3974, CVE-2011-3893, CVE-2011-3895, CVE-2011-4351, CVE-2011-4352, CVE-2011-4353, CVE-2011-4364, CVE-2011-4579 |
| Izvorni ID preporuke: | MDVSA-2012:148 |
| Izvor: | Mandriva |
| Problem: | |
| Ranjivosti su posljedica nepravilnog zauzimanja memorije, implementacija dekodera Vorbis i Sierra VMD, pogrešaka u datoteci "cavsdec.c" te pogrešaka u funkcijama "decode_residual_inter", "decode_residual_block", "av_image_fill_pointers", "vp5_parse_coeff", "vp6_parse_coeff", "svq1_decode_frame" i "vp3_dequant". |
|
| Posljedica: | |
| Propuste je moguće iskoristiti za izvođenje napada uskraćivanjem usluge te pokretanje proizvoljnog programskog koda. |
|
| Rješenje: | |
| Kako bi se zaštitili, korisnicima se savjetuje korištenje odgovarajuće programske nadogradnje. |
|
Izvorni tekst preporuke
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2012:148
http://www.mandriva.com/security/
_______________________________________________________________________
Package : ffmpeg
Date : August 30, 2012
Affected: 2011., Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been found and corrected in ffmpeg. This
advisory provides updated versions which resolves various security
issues.
_______________________________________________________________________
References:
http://ffmpeg.org/security.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2011:
81021a98362e01dbddbf3dd965c44048
2011/i586/ffmpeg-0.7.13-0.1-mdv2011.0.i586.rpm
7dad425d75ae882d6b110fbc002c29be
2011/i586/libavfilter1-0.7.13-0.1-mdv2011.0.i586.rpm
5581d8f84cb9aa7bd338d3e2ce3e42bb
2011/i586/libavformats52-0.7.13-0.1-mdv2011.0.i586.rpm
2a127eb1ca05d4f690081688d6816784
2011/i586/libavutil50-0.7.13-0.1-mdv2011.0.i586.rpm
5d00d58ccaa5b2d4851f3d758adec03c
2011/i586/libffmpeg52-0.7.13-0.1-mdv2011.0.i586.rpm
f92daad11480b2bda5c7669b22d8a1e6
2011/i586/libffmpeg-devel-0.7.13-0.1-mdv2011.0.i586.rpm
7570f171617af585e85f837e520deadf
2011/i586/libffmpeg-static-devel-0.7.13-0.1-mdv2011.0.i586.rpm
122855ddf284250312cede9f67aa1f3b
2011/i586/libpostproc51-0.7.13-0.1-mdv2011.0.i586.rpm
0039f2b3e96c0e31b45acec5207c0c6d
2011/i586/libswscaler0-0.7.13-0.1-mdv2011.0.i586.rpm
65d28a30a254476ef2c81a1b167bb845 2011/SRPMS/ffmpeg-0.7.13-0.1.src.rpm
Mandriva Linux 2011/X86_64:
ec67985f3b387aa496a504b9d7d485a9
2011/x86_64/ffmpeg-0.7.13-0.1-mdv2011.0.x86_64.rpm
5b965d84954026782cf845187adc0d7b
2011/x86_64/lib64avfilter1-0.7.13-0.1-mdv2011.0.x86_64.rpm
3cf0212de0e06d6f8231830ca8770cff
2011/x86_64/lib64avformats52-0.7.13-0.1-mdv2011.0.x86_64.rpm
3b6c6abba1a9041879e11cc7c848854f
2011/x86_64/lib64avutil50-0.7.13-0.1-mdv2011.0.x86_64.rpm
1c43bb7a26851a826bab1acff5a4812c
2011/x86_64/lib64ffmpeg52-0.7.13-0.1-mdv2011.0.x86_64.rpm
2052b2840cb232c3c959d615a004b463
2011/x86_64/lib64ffmpeg-devel-0.7.13-0.1-mdv2011.0.x86_64.rpm
3d58cfc7f128e4c3fafedf74dfd805cb
2011/x86_64/lib64ffmpeg-static-devel-0.7.13-0.1-mdv2011.0.x86_64.rpm
ba824887013a5d3508dc84e4309b9228
2011/x86_64/lib64postproc51-0.7.13-0.1-mdv2011.0.x86_64.rpm
55bea2b18028773f2f97a584088f94ff
2011/x86_64/lib64swscaler0-0.7.13-0.1-mdv2011.0.x86_64.rpm
65d28a30a254476ef2c81a1b167bb845 2011/SRPMS/ffmpeg-0.7.13-0.1.src.rpm
Mandriva Enterprise Server 5:
ef6875fca1ba220fd63706695e6f4161
mes5/i586/ffmpeg-0.5.10-0.1mdvmes5.2.i586.rpm
ee216fb3e3e217dd3696571a16af5e2b
mes5/i586/libavformats52-0.5.10-0.1mdvmes5.2.i586.rpm
801a41637d4fba241706457741a7fa29
mes5/i586/libavutil49-0.5.10-0.1mdvmes5.2.i586.rpm
b4ef0cbce571fa6d4908a07d6f4680fa
mes5/i586/libffmpeg52-0.5.10-0.1mdvmes5.2.i586.rpm
8a23fdcaefb1ea6c37b221e18fadd7b4
mes5/i586/libffmpeg-devel-0.5.10-0.1mdvmes5.2.i586.rpm
07698c0e43cab8ae750e4911bb2fb9d1
mes5/i586/libffmpeg-static-devel-0.5.10-0.1mdvmes5.2.i586.rpm
412c1a53f42d5551f557a6cb4a03bf34
mes5/i586/libpostproc51-0.5.10-0.1mdvmes5.2.i586.rpm
8ec97cbe708fd21a1c078cc4a6f03d58
mes5/i586/libswscaler0-0.5.10-0.1mdvmes5.2.i586.rpm
c3f31c0adf6d38d5c41838c0cfe61acb
mes5/SRPMS/ffmpeg-0.5.10-0.1mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64:
94fd300dc87d7ec63d8bd31e6a56c77d
mes5/x86_64/ffmpeg-0.5.10-0.1mdvmes5.2.x86_64.rpm
cc913cfe30d9c5eed0828671039e9924
mes5/x86_64/lib64avformats52-0.5.10-0.1mdvmes5.2.x86_64.rpm
f7cc86fe522a549512b4d733994a4705
mes5/x86_64/lib64avutil49-0.5.10-0.1mdvmes5.2.x86_64.rpm
e65c7e167feeaa1b8a33d49facf191ab
mes5/x86_64/lib64ffmpeg52-0.5.10-0.1mdvmes5.2.x86_64.rpm
d699b9e6392d4aa9bb077346bff9bbb7
mes5/x86_64/lib64ffmpeg-devel-0.5.10-0.1mdvmes5.2.x86_64.rpm
321e678bb1d3834e2f057bfe08f37018
mes5/x86_64/lib64ffmpeg-static-devel-0.5.10-0.1mdvmes5.2.x86_64.rpm
2ee1d833254d74cfbab5bae073f78d99
mes5/x86_64/lib64postproc51-0.5.10-0.1mdvmes5.2.x86_64.rpm
f82ea605d14afc702e85d3d55a68a3a7
mes5/x86_64/lib64swscaler0-0.5.10-0.1mdvmes5.2.x86_64.rpm
c3f31c0adf6d38d5c41838c0cfe61acb
mes5/SRPMS/ffmpeg-0.5.10-0.1mdvmes5.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFQP1wGmqjQ0CJFipgRAohlAKDPaFlqit5fLAVr/9yOXlrY65+8IgCeNi2m
wODpRK3zEoIJFMrhNbtxoR8=
=JRFl
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2012:074-1
http://www.mandriva.com/security/
_______________________________________________________________________
Package : ffmpeg
Date : August 30, 2012
Affected: Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been found and corrected in ffmpeg:
The Matroska format decoder in FFmpeg does not properly allocate
memory, which allows remote attackers to execute arbitrary code via
a crafted file (CVE-2011-3362, CVE-2011-3504).
cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause
a denial of service (incorrect write operation and application
crash) via an invalid bitstream in a Chinese AVS video (aka CAVS)
file, related to the decode_residual_block, check_for_slice,
and cavs_decode_frame functions, a different vulnerability than
CVE-2011-3362 (CVE-2011-3973).
Integer signedness error in the decode_residual_inter function in
cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a
denial of service (incorrect write operation and application crash)
via an invalid bitstream in a Chinese AVS video (aka CAVS) file,
a different vulnerability than CVE-2011-3362 (CVE-2011-3974).
FFmpeg does not properly implement the MKV and Vorbis media
handlers, which allows remote attackers to cause a denial of service
(out-of-bounds read) via unspecified vectors (CVE-2011-3893).
Heap-based buffer overflow in the Vorbis decoder in FFmpeg allows
remote attackers to cause a denial of service or possibly have
unspecified other impact via a crafted stream (CVE-2011-3895).
An error within the QDM2 decoder (libavcodec/qdm2.c) can be exploited
to cause a buffer overflow (CVE-2011-4351).
An integer overflow error within the "vp3_dequant()" function
(libavcodec/vp3.c) can be exploited to cause a buffer overflow
(CVE-2011-4352).
Errors within the "av_image_fill_pointers()", the
"vp5_parse_coeff()",
and the "vp6_parse_coeff()" functions can be exploited to trigger
out-of-bounds reads (CVE-2011-4353).
It was discovered that Libav incorrectly handled certain malformed
VMD files. If a user were tricked into opening a crafted VMD file,
an attacker could cause a denial of service via application crash,
or possibly execute arbitrary code with the privileges of the user
invoking the program (CVE-2011-4364).
It was discovered that Libav incorrectly handled certain malformed SVQ1
streams. If a user were tricked into opening a crafted SVQ1 stream
file, an attacker could cause a denial of service via application
crash, or possibly execute arbitrary code with the privileges of the
user invoking the program (CVE-2011-4579).
The updated packages have been upgraded to the 0.5.9 version where
these issues has been corrected.
Additionally a couple of packages needed to be rebuilt for the new
ffmpeg version and is also being provided with this advisory.
Update:
A missing dependency was discovered which prevented the sox library
from installing properly. This updated advisory provided the missing
libwavpack1 and lib64wavpack1 packages.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3362
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3973
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4364
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4579
_______________________________________________________________________
Updated Packages:
Mandriva Enterprise Server 5:
e5eb142288909af6edc2a4e8de5da929
mes5/i586/libwavpack1-4.50.1-1.1mdvmes5.2.i586.rpm
3c13b4549f16fc37a1f1a2c26eb4b0ca
mes5/i586/libwavpack-devel-4.50.1-1.1mdvmes5.2.i586.rpm
a2b9c040c0716a2f857db06216a804bb
mes5/i586/wavpack-4.50.1-1.1mdvmes5.2.i586.rpm
f918f7bee89f6b3683709dfe936208df
mes5/SRPMS/wavpack-4.50.1-1.1mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64:
fa81de9663db8946cd5b3e86a8696291
mes5/x86_64/lib64wavpack1-4.50.1-1.1mdvmes5.2.x86_64.rpm
b31e5c045f36791a2b2dea8b9a9052fb
mes5/x86_64/lib64wavpack-devel-4.50.1-1.1mdvmes5.2.x86_64.rpm
35acbdb69bd2d53c1c425ae75273380d
mes5/x86_64/wavpack-4.50.1-1.1mdvmes5.2.x86_64.rpm
f918f7bee89f6b3683709dfe936208df
mes5/SRPMS/wavpack-4.50.1-1.1mdvmes5.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFQP1IZmqjQ0CJFipgRAubBAKCaIkbhcGFB3+jbcozoXYF4CcScAACfQFna
E/rykoz10MK7BieunKf2evk=
=+MJv
-----END PGP SIGNATURE-----
Posljednje sigurnosne preporuke