On Thu, Nov 03, 2016 at 10:29:59AM +0100, Hugo Lefeuvre wrote:
> > I looked into backporting the fixes for
> >
> > https://lists.debian.org/debian-lts/2016/09/msg00211.html
> >
> > that the Mozilla people complained about from the 9 release branch to the
> > 0.8 release branch. It's entirely nontrivial since the commits that fix
> > the issue constitute a major refactoring. I'm about halfway into the
> > process and my intermediate result is failing many tests. It's unclear to
> > me at this point if the result is worth the trouble :-/
>
> Well, the issue looks important, and I'd like to see it fixed, but if
> you think it is not possible to do it without important risks of
> regressions, then we should maybe consider dropping it.
>
> However, I have to say I'm not very well informed about this issue; the
> libav bug tracker is just mentioning a potentially exploitable attempt
> to free a corrupted pointer. Does this issue have a CVE assigned yet?

I don't know of a CVE for the issue. In the meantime I have had an epiphany and found a simpler fix for the issue after staring at the code during the refactoring backport. I'll do some final tests and push it tomorrow.

> > > Let me know if I can speed up the process by preparing patches. If yes,
> > > please,
> > > mention the issues you are currently working on, so we avoid duplicate
> > > work.
> > >
> > > [0] https://security-tracker.debian.org/tracker/source-package/libav
> >
> > CVE-2016-7424:
> >
> > I cannot reproduce the crash with 0.8, so Wheezy should not have a problem.
>
> I'd like to perform some tests before definitively marking libav 0.8 as
> unaffected in the tracker; could you quickly explain to me how you attempted
> to reproduce it?

The affected code in 11.x is almost the same as in 0.8. The reporter claims that it's specific to one clang version (3.8.1). I have installed that clang version and will retry to reproduce the issue.

Diego