[Secure-testing-team] Bug#610510: CVE-2010-4489: Integer Overflow in VP8 decoding leads to memory corruption
Giuseppe Iuculano
iuculano at debian.org
Wed Jan 19 10:11:41 UTC 2011
Package: libvpx
Severity: serious
Tags: security
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for libvpx.
CVE-2010-4489[0]:
| Google Chrome before 8.0.552.215 does not properly handle WebM video,
| which allows remote attackers to cause a denial of service
| (out-of-bounds read) via unspecified vectors. NOTE: this vulnerability
| exists because of a regression.
Please ask upstream for an isolated patch for squeeze.
- From the chromium side, they fixed this isssue with the following commits:
http://src.chromium.org/viewvc/chrome?view=rev&revision=65287
http://src.chromium.org/viewvc/chrome/trunk/deps/third_party/libvpx/source/libvpx/vp8/vp8_dx_iface.c?r1=65147&r2=65287&pathrev=65287
http://src.chromium.org/viewvc/chrome/trunk/deps/third_party/libvpx/source/libvpx/vp8/decoder/decodframe.c?r1=65147&r2=65287&pathrev=65287
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4489
http://security-tracker.debian.org/tracker/CVE-2010-4489
Cheers,
Giuseppe
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk02uNoACgkQNxpp46476ao4YQCeIqJuuWg6L1VSQz1iebm49sUz
ddEAn33+fQlL4Ytg7XglpS7SlGd3Z50W
=WEhI
-----END PGP SIGNATURE-----
More information about the Secure-testing-team
mailing list