Bug 559934 (CVE-2015-5198) - <x11-libs/libvdpau-1.1.1: multiple vulnerabilities (CVE-2015-{5198,5199,5200})
Summary: <x11-libs/libvdpau-1.1.1: multiple vulnerabilities (CVE-2015-{5198,5199,5200})
Status: RESOLVED FIXED
Alias: CVE-2015-5198
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
Whiteboard: B3 [noglsa/cve]
Reported: 2015-09-08 05:23 UTC by Jeroen Roovers (RETIRED)
Modified: 2015-10-31 16:23 UTC

Description Jeroen Roovers (RETIRED) gentoo-dev 2015-09-08 05:23:27 UTC
commit af517f56d64118520aa0c8456318dd9ec3307e94
Author: Aaron Plattner <aplattner@nvidia.com>
Date:   Mon Aug 31 13:59:50 2015 -0700
 
    Bump version to 1.1.1
    
    Signed-off-by: Aaron Plattner <aplattner@nvidia.com>
 
commit d1f9c16b1a8187110e501c9116d21ffee25c0ba4
Author: José Hiram Soltren <jsoltren@nvidia.com>
Date:   Mon Aug 17 16:01:44 2015 -0500
 
    Use secure_getenv(3) to improve security
    
    This patch is in response to the following security vulnerabilities
    (CVEs) reported to NVIDIA against libvdpau:
    
    CVE-2015-5198
    CVE-2015-5199
    CVE-2015-5200
    
    To address these CVEs, this patch:
    
    - replaces all uses of getenv(3) with secure_getenv(3);
    - uses secure_getenv(3) when available, with a fallback option;
    - protects VDPAU_DRIVER against directory traversal by checking for '/'
    
    On platforms where secure_getenv(3) is not available, the C preprocessor
    will print a warning at compile time. Then, a preprocessor macro will
    replace secure_getenv(3) with our getenv_wrapper(), which utilizes the check:
    
      getuid() == geteuid() && getgid() == getegid()
    
    See getuid(2) and getgid(2) for further details.
    
    Signed-off-by: Aaron Plattner <aplattner@nvidia.com>
    Reviewed-by: Florian Weimer <fweimer@redhat.com>
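
The two mitigations named in the commit message above, sketched as an added example that is not part of the bug report and is not libvdpau's own code. `getenv_wrapper` and the uid/gid check come from the commit message; `env_is_trusted`, `driver_name_is_safe`, `build_driver_filename` and the `libvdpau_%s.so.1` pattern are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* The check quoted in the commit message: trust the environment only when
 * real and effective IDs match (the process is not set-uid or set-gid). */
static int env_is_trusted(uid_t uid, uid_t euid, gid_t gid, gid_t egid)
{
    return uid == euid && gid == egid;
}

/* Fallback for platforms without secure_getenv(3). */
static char *getenv_wrapper(const char *name)
{
    if (!env_is_trusted(getuid(), geteuid(), getgid(), getegid()))
        return NULL;
    return getenv(name);
}

/* Directory-traversal guard: reject an unset name or one containing '/'.
 * (Hypothetical helper name.) */
static int driver_name_is_safe(const char *name)
{
    return name != NULL && strchr(name, '/') == NULL;
}

/* Build a library file name from a driver name; -1 on rejection or
 * truncation. The "libvdpau_%s.so.1" pattern is illustrative. */
static int build_driver_filename(const char *drv, char *out, size_t len)
{
    if (!driver_name_is_safe(drv))
        return -1;
    int n = snprintf(out, len, "libvdpau_%s.so.1", drv);
    return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

int main(void)
{
    char file[64];
    const char *drv = getenv_wrapper("VDPAU_DRIVER");

    if (build_driver_filename(drv, file, sizeof file) != 0) {
        fprintf(stderr, "VDPAU_DRIVER unset, untrusted or invalid\n");
        return 1;
    }
    printf("would load %s\n", file);
    return 0;
}
```
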
Comment 1 Agostino Sarubbo gentoo-dev 2015-09-08 07:25:58 UTC
CC arches when it can go to stable, thanks.
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2015-09-12 05:36:26 UTC
Arch teams, please test and mark stable:
=x11-libs/libvdpau-1.1.1
Targeted stable KEYWORDS : amd64 x86
Comment 3 Agostino Sarubbo gentoo-dev 2015-09-15 12:28:27 UTC
amd64 stable
Comment 4 Agostino Sarubbo gentoo-dev 2015-09-15 12:29:05 UTC
x86 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 5 Yury German Gentoo Infrastructure gentoo-dev 2015-09-24 01:30:21 UTC
Arches, Thank you for your work.

GLSA Vote: No
Comment 6 Yury German Gentoo Infrastructure gentoo-dev 2015-10-10 03:02:50 UTC
Maintainer(s), Thank you for cleanup.
Comment 7 Kristian Fiskerstrand (RETIRED) gentoo-dev 2015-10-31 16:23:16 UTC
GLSA Vote: No