Bug#: 238445
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Alexis Ballier <aballier@gentoo.org>

Attachment: main_overflow.diff (patch, 609 bytes), created by Robert Buchholz, 2008-09-23 12:12 0000

Description:   Opened: 2008-09-23 06:21 0000
While going on the faad2 homepage, I found this:

2008-09-16 Security patch
Earlier today I was notified of a possible security flaw in the
command line frontend for FAAD2, on a specially constructed file the frontend
can cause a heap overflow when reading from a buffer returned by the decoder
library. A patch can be found here. Note that this only affects the frontend,
not the library. Many thanks to ICST-ERCIS (Peking University) for reporting
this issue.



I don't have more info; I think I could just apply the patch in a new revision.
Do you have more information about this (like the impact, a POC, etc.)?

------- Comment #1 From Robert Buchholz 2008-09-23 12:12:37 0000 -------
Created an attachment (id=166174)
main_overflow.diff

Make the thing apply cleanly.

------- Comment #2 From Peter Alfredsen 2008-09-23 12:38:38 0000 -------
+*faad2-2.6.1-r2 (23 Sep 2008)
+
+  23 Sep 2008; Peter Alfredsen <loki_val@gentoo.org>
+  +files/faad2-2.6.1-main-overflow.patch, +faad2-2.6.1-r2.ebuild:
+  Security bump w/ patch from bug 238445
+
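Review bot: the entry text "Security bump w/ patch from bug 238445" gives the bug number but not the defect being fixed. Naming it in the ChangeLog line, for example that files/faad2-2.6.1-main-overflow.patch addresses the heap overflow in the command line frontend, would let someone reading the ChangeLog see why -r2 exists without opening the bug.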

------- Comment #3 From Pierre-Yves Rofes 2008-09-23 22:05:47 0000 -------
Arches, please test and mark stable media-libs/faad2-2.6.1-r2. Target keywords:
"alpha amd64 ~arm hppa ia64 ~mips ppc ppc64 ~sh sparc x86 ~x86-fbsd"

------- Comment #4 From Richard Freeman 2008-09-24 00:21:19 0000 -------
amd64 stable

------- Comment #5 From Jeroen Roovers 2008-09-24 06:12:10 0000 -------
Stable for HPPA.

------- Comment #6 From Ferris McCormick 2008-09-24 12:15:59 0000 -------
Sparc stable for -2.6.1-r2.

------- Comment #7 From Robert Buchholz 2008-09-24 15:45:09 0000 -------
CVE-2008-4201 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4201):
  Heap-based buffer overflow in the decodeMP4file function
  (frontend/main.c) in FAAD2 before 2.6.1 allows remote attackers to
  cause a denial of service (crash) and possibly execute arbitrary code
  via a crafted MPEG-4 (MP4) file.

------- Comment #8 From Markus Rothe 2008-09-24 17:46:20 0000 -------
ppc64 stable

------- Comment #9 From Raúl Porcel 2008-09-25 11:40:07 0000 -------
alpha/ia64/x86 stable

------- Comment #10 From Tobias Scherbaum 2008-10-01 17:49:04 0000 -------
ppc stable

------- Comment #11 From Tobias Heinlein 2008-10-01 21:21:01 0000 -------
GLSA request filed.

------- Comment #12 From Tobias Heinlein 2008-11-10 17:57:41 0000 -------
GLSA 200811-03, thanks everyone, sorry about the delay.
