From ${URL} : Two issues were reported in vorbis-tools on Full Disclosure: http://seclists.org/fulldisclosure/2015/Jan/78 Issues in question: https://trac.xiph.org/ticket/2137 -- a divide-by-zero issue leading to a crash https://trac.xiph.org/ticket/2136 -- an integer overflow leading to an out-of-bounds memory read In addition: https://trac.xiph.org/ticket/2009 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
CVE-2014-9640 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9640): oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file. CVE-2014-9639 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9639): Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access. CVE-2014-9638 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9638): oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.
Upstream patch for https://trac.xiph.org/ticket/2136 (CVE-2014-9639) and https://trac.xiph.org/ticket/2137 (CVE-2014-9638): https://github.com/mark4o/opus-tools/commit/8c412e619b83eb6dd32191909cf6672e93e5802e Upstream patch for https://trac.xiph.org/ticket/2009 (CVE-2014-9640) https://trac.xiph.org/changeset/19117 @ Maintainer(s): No new upstream release for years. Please rev bump and cherry-pick!
If no one else is doing it...
x86 stable
amd64 stable
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2dfc5ae242f93ece77c3a3c9521b8425f9412315 commit 2dfc5ae242f93ece77c3a3c9521b8425f9412315 Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2018-06-11 10:51:42 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2018-06-11 10:52:01 +0000 media-sound/vorbis-tools: stable 1.4.0-r5 for ia64, bug #537422 Bug: https://bugs.gentoo.org/537422 Package-Manager: Portage-2.3.40, Repoman-2.3.9 RepoMan-Options: --include-arches="ia64" media-sound/vorbis-tools/vorbis-tools-1.4.0-r5.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=db2d2ab2036eb73c74b9558c528bfa35653f7644 commit db2d2ab2036eb73c74b9558c528bfa35653f7644 Author: Rolf Eike Beer <eike@sf-mail.de> AuthorDate: 2018-06-12 18:49:15 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2018-06-12 20:47:54 +0000 media-sound/vorbis-tools: stable 1.4.0-r5 for sparc Bug: https://bugs.gentoo.org/537422 Package-Manager: Portage-2.3.24, Repoman-2.3.6 RepoMan-Options: --include-arches="sparc" media-sound/vorbis-tools/vorbis-tools-1.4.0-r5.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Stable on alpha.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9afc87376c3585285280d6fb4825bb42a00d24d0 commit 9afc87376c3585285280d6fb4825bb42a00d24d0 Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2018-06-24 19:46:37 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2018-06-24 20:20:18 +0000 media-sound/vorbis-tools: stable 1.4.0-r5 for ppc64, bug #537422 Bug: https://bugs.gentoo.org/537422 Package-Manager: Portage-2.3.40, Repoman-2.3.9 RepoMan-Options: --include-arches="ppc64" media-sound/vorbis-tools/vorbis-tools-1.4.0-r5.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
arm stable
ppc stable
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7e4925d1c1aa39bacd24a5f575d21e2a08dcc02d commit 7e4925d1c1aa39bacd24a5f575d21e2a08dcc02d Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2018-07-15 23:32:38 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2018-07-15 23:45:27 +0000 media-sound/vorbis-tools: Cleanup vulnerable Bug: https://bugs.gentoo.org/537422 Package-Manager: Portage-2.3.42, Repoman-2.3.9 .../vorbis-tools/vorbis-tools-1.4.0-r3.ebuild | 45 ---------------------- 1 file changed, 45 deletions(-)
ping sec...
...well, package maintainers are done, here, anyway...
All I see are DoS' here... tree is clean.
