From: Eygene Ryabinkin
To: bug-followup@FreeBSD.org, freebsd-ports-bugs@FreeBSD.org
Date: Mon, 1 Dec 2008 15:32:48 +0300
Subject: Re: ports/129282: [vuxml] multimedia/vlc-devel: document CVE-2008-4654 and CVE-2008-4686

Joseph, good day.

According to Joseph Atkinson:
> This is generally correct. The affected version is NOT 0.9.5
> though. 0.9.5 was the release that addressed the issues. So the
> affected versions are effectively 0.9.0 through 0.9.4. I mentioned
> both of these CVEs in a follow up to ports/128359, which was the
> 0.9.5 submission.

Sure, 0.9.5 is clean from this issue as the VuXML entry suggests:
'>=0.9.0.20080223<0.9.5'.

> FreeBSD moved from 0.9.0-test1 directly to 0.9.5, so it is possible that
> FreeBSD never included an affected version.

As I wrote in the original PR, I had traced this down to 0.9.0.20080223
through the vlc-devel port history.

> I can't confirm this at this
> time because of being busy (holidays) and that there is no -test1 marked
> in their git for easy reference. However, I have no objections to
> documenting them to be complete/precise/safe.

-test1 can be downloaded from
  ftp://ftp.freebsd.org/pub/FreeBSD/ports/distfiles/vlc-0.9.0-test1.tar.bz2
It has the code in question: look at modules/demux/ty.c for the
following entries:
-----
    int i_seq_table_size;     /* number of entries in SEQ table */
    int i_bits_per_seq_entry; /* # of bits in SEQ table bitmask */
--
    for (i=0; i<p_sys->i_seq_table_size; i++) {
        stream_Read(p_demux->s, mst_buf, 8 + i_map_size);
-----

> It is also worth noting that 0.9.5 is vulnerable to other issues that
> have already been documented in vulnxml. I mention this to avoid any
> confusion. 0.9.5 is not "clean", it's just not affected by these CVEs
> specifically.

Yes, it is correct. No one claimed that 0.9.5 is vulnerable: this VuXML
entry is meant to document old vulnerabilities that are still valid for the
older port versions.
--
Eygene

Remember that it is hard to read the on-line manual
while single-stepping the kernel.
  -- FreeBSD Developers handbook