Xvid 1.2.2 stable release

This release is Xvid 1.2.2 bugfix release. It is API compatible with the previous 1.2.1 stable release. This release contains important, security-related fixes. Update is highly recommended.

Changes since 1.2.1:

xvidcore library
* Workaround for nasm bug with Mach-O/OSX target
* Fix for missing resync marker range check (reported by IBM X-Force. Thanks go to John McDonald and Christopher Valasek)
* Improved precision for RGB<->YUV conversions
* Fix for potential RGB24 access violation
* Updated compiler options for Apple PPC target
* Fixed MSVC6 projects to work for path names with spaces
...

DShow frontend
* Bugfix for wrong handling of xvidcore XVID_ERR_MEMORY return code (reported by IBM X-Force. Thanks to John McDonald and Mark Dowd)
Issue 1: resync marker range check
http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/decoder.c?r1=1.80&r2=1.80.2.1&view=patch

Issue 2: RGB24 access violation
http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/image/image.c?r1=1.43&r2=1.43.2.1

Issue 3: dshow xvidcore XVID_ERR_MEMORY return code
http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/dshow/src/CXvidDecoder.cpp?r1=1.16&r2=1.17&view=patch
*xvid-1.2.2 (29 May 2009)

  29 May 2009; Samuli Suominen <ssuominen@gentoo.org> +xvid-1.2.2.ebuild:
  Version bump for security #271786, thanks to Robert Buchholz.
(In reply to comment #2)
> *xvid-1.2.2 (29 May 2009)
>
> 29 May 2009; Samuli Suominen <ssuominen@gentoo.org> +xvid-1.2.2.ebuild:
> Version bump for security #271786, thanks to Robert Buchholz.
>

Sorry, I've fixed execstacks as well.

*xvid-1.2.2-r1 (29 May 2009)

  29 May 2009; Samuli Suominen <ssuominen@gentoo.org> -xvid-1.2.1.ebuild,
  -xvid-1.2.2.ebuild, +xvid-1.2.2-r1.ebuild,
  +files/xvid-1.2.2-no_execstacks.patch:
  Fix execstacks wrt #258804, thanks to en.ABCD at gmail.org.

Test this instead.
Arches, please test and mark stable: =media-libs/xvid-1.2.2-r1 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86"
Commented out the no_execstacks patch, it wasn't working properly after all. So, 1.2.2-r1 is basically the same as 1.2.2. As in, vanilla xvid. Please do proceed, reopened bug 258804.
ppc64 done
ppc done
Stable for HPPA.
amd64/x86 stable
alpha/arm/ia64/sparc stable
CVE-2009-0893 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0893):
Multiple heap-based buffer overflows in xvidcore/src/decoder.c in the xvidcore library in Xvid before 1.2.2, as used by Windows Media Player and other applications, allow remote attackers to execute arbitrary code by providing a crafted macroblock (aka MBlock) number in a video stream in a crafted movie file that triggers heap memory corruption, related to a "missing resync marker range check" and the (1) decoder_iframe, (2) decoder_pframe, and (3) decoder_bframe functions.

CVE-2009-0894 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0894):
Heap-based buffer overflow in the decoder_create function in the initialization functionality in xvidcore/src/decoder.c in Xvid before 1.2.2, as used by Windows Media Player and other applications, allows remote attackers to execute arbitrary code via vectors involving the DirectShow (aka DShow) frontend and improper handling of the XVID_ERR_MEMORY return code during processing of a crafted movie file. NOTE: some of these details are obtained from third party information.
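The kind of range check CVE-2009-0893 describes as missing, shown as an added example that is not part of the original thread and is not Xvid's code: a macroblock number read from the stream after a resync marker is validated against the frame's macroblock count before it is turned into an index into a heap array. The `toy_*` names, the struct layout and the 1024 dimension limit are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical, simplified decoder state (not Xvid's structures):
 * one byte of per-macroblock data, allocated on the heap. */
typedef struct {
    uint32_t mb_width, mb_height;
    uint8_t *mbs;               /* mb_width * mb_height entries */
} toy_decoder;

/* Allocate the macroblock array; 0 on success, -1 on bad size or OOM.
 * The 1024 cap is an assumed limit that keeps w * h from overflowing. */
int toy_decoder_init(toy_decoder *d, uint32_t w, uint32_t h)
{
    if (w == 0 || h == 0 || w > 1024 || h > 1024) return -1;
    d->mb_width = w;
    d->mb_height = h;
    d->mbs = calloc((size_t)w * h, 1);
    return d->mbs ? 0 : -1;
}

/* A resync marker carries a macroblock number taken from the stream, so
 * mbnum is untrusted. Without the comparison below, x and y would be
 * derived from it and later used to index past the end of d->mbs.
 * Returns 0 and sets *x, *y when in range; -1 (outputs untouched) if not. */
int toy_resync(const toy_decoder *d, uint32_t mbnum, uint32_t *x, uint32_t *y)
{
    uint32_t total = d->mb_width * d->mb_height;
    if (mbnum >= total)         /* the resync marker range check */
        return -1;
    *x = mbnum % d->mb_width;
    *y = mbnum / d->mb_width;
    return 0;
}

/* Mark up to count macroblocks starting at the resync position, stopping
 * at the end of the frame. Returns how many were written, or -1 when the
 * resync position itself is out of range. */
int toy_decode_from(toy_decoder *d, uint32_t mbnum, uint32_t count)
{
    uint32_t x, y, written = 0;
    if (toy_resync(d, mbnum, &x, &y) != 0) return -1;
    while (written < count && y < d->mb_height) {
        d->mbs[(size_t)y * d->mb_width + x] = 1;
        written++;
        if (++x == d->mb_width) { x = 0; y++; }
    }
    return (int)written;
}
```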
<media-libs/xvid-1.2.2-r1 is no longer in portage.
This issue has been fixed since Jun 02, 2009. No GLSA will be issued.