Description: "cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check."

Patch: https://github.com/FFmpeg/FFmpeg/commit/1812352d767ccf5431aa440123e2e260a4db2726

Disclosure bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19734

@maintainer(s), please apply the supplied patch.
CVE-2020-12284 (https://nvd.nist.gov/vuln/detail/CVE-2020-12284): cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check.
A collection of other flaws found by oss-fuzz were fixed in 4.2.3. @maintainer(s): fixed in 4.2.3. Please bump.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fbf1dc0a317be65d039d8b9ff171571b6c721840

commit fbf1dc0a317be65d039d8b9ff171571b6c721840
Author: Sam James (sam_c) <sam@cmpct.info>
AuthorDate: 2020-05-22 15:03:03 +0000
Commit: Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-05-23 20:05:21 +0000

    media-video/ffmpeg: Security bump to 4.2.3

    Bug: https://bugs.gentoo.org/719940
    Package-Manager: Portage-2.3.99, Repoman-2.3.22
    Signed-off-by: Sam James (sam_c) <sam@cmpct.info>
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 media-video/ffmpeg/Manifest | 1 +
 media-video/ffmpeg/ffmpeg-4.2.3.ebuild | 551 +++++++++++++++++++++++++++++++++
 2 files changed, 552 insertions(+)
ppc/ppc64 stable
amd64 stable
sparc stable
arm stable
x86 stable
arm64 stable
----
@maintainer(s), please cleanup
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5aad0c4b02393043056f044fa39114bc1aa595ae

commit 5aad0c4b02393043056f044fa39114bc1aa595ae
Author: John Helmert III <jchelmert3@posteo.net>
AuthorDate: 2020-07-23 21:06:52 +0000
Commit: Sam James <sam@gentoo.org>
CommitDate: 2020-07-27 16:40:18 +0000

    media-video/ffmpeg: security cleanup (drop <4.2.4)

    Bug: https://bugs.gentoo.org/711144
    Bug: https://bugs.gentoo.org/718012
    Bug: https://bugs.gentoo.org/719940
    Bug: https://bugs.gentoo.org/727450
    Package-Manager: Portage-3.0.0, Repoman-2.3.23
    Signed-off-by: John Helmert III <jchelmert3@posteo.net>
    Signed-off-by: Sam James <sam@gentoo.org>

 media-video/ffmpeg/Manifest | 2 -
 media-video/ffmpeg/ffmpeg-3.4.6-r1.ebuild | 490 ------------------
 media-video/ffmpeg/ffmpeg-4.2.3.ebuild | 556 ---------------------
 media-video/ffmpeg/files/chromium.patch | 36 --
 ...mpeg-3.4.6-fix-building-against-fdk-aac-2.patch | 74 ---
 media-video/ffmpeg/metadata.xml | 1 -
 6 files changed, 1159 deletions(-)
Unable to check for sanity:

> no match for package: =media-video/ffmpeg-4.2.3
GLSA vote: yes, with bug 718012.
This issue was resolved and addressed in GLSA 202007-58 at https://security.gentoo.org/glsa/202007-58 by GLSA coordinator Sam James (sam_c).