Closed Bug 1332953 Opened 6 years ago Closed 6 years ago

Update libopus to 1.1.4 release


(Core :: Audio/Video: Playback, defect, P1)




Tracking Status
firefox-esr45 --- unaffected
firefox51 --- wontfix
firefox52 --- wontfix
firefox53 --- fixed
firefox54 --- fixed


(Reporter: ionnv, Assigned: rillian)




(1 file)

"This Opus 1.1.4 release fixes a single bug. A specially-crafted Opus packet could cause an integer wrap-around in the SILK LSF stabilization code. This would cause an out-of-bounds read 256 bytes before a constant table. In most circumstances, the consequences are harmless and the result is simply noise in the audio.

This was reported as CVE-2017-0381. Contrary to that report, our own analysis shows that no remote code execution is possible. However, we are making this release as a precaution."
Depends on: 1288091
Ralph - feel like updating libopus?
Flags: needinfo?(giles)
Priority: -- → P1
Comment on attachment 8837264 [details]
Bug 1332953 - Update libopus to 1.1.4.
Attachment #8837264 - Flags: review?(kinetik) → review+
Pushed by
Update libopus to 1.1.4. r=kinetik
Needinfo myself to nominate for aurora uplift.
Assignee: nobody → giles
Flags: needinfo?(giles)
Let's get this on Beta ahead of the next ESR as well.
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla54
Whoops, lost track of this one. Ralph, can you please request Aurora approval on this still?
Flags: needinfo?(giles)
Thanks for the reminder.
Flags: needinfo?(giles)
Comment on attachment 8837264 [details]
Bug 1332953 - Update libopus to 1.1.4.

Approval Request Comment
[Feature/Bug causing the regression]: Opus/WebM audio playback.
[User impact if declined]: Firefox will be vulnerable to a minor CVE. We do not believe this is exploitable, but it is reassuring to ship the fix sooner.
[Is this code covered by automated tests?]: yes.
[Has the fix been verified in Nightly?]: yes.
[Needs manual test from QE? If yes, steps to reproduce]: No.
[List of other uplifts needed for the feature/fix]: None.
[Is the change risky?]: No.
[Why is the change risky/not risky?]: Change is a single line applying saturating instead of wrapping arithmetic, and that change is well tested in other applications. The only possible change of behaviour is better audio output for invalid files.
[String changes made/needed]: None
Attachment #8837264 - Flags: approval-mozilla-aurora?
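
The class of change described in the approval request above, as an added C example that is not libopus code and not part of the original bug: a hypothetical spacing pass over 16-bit values whose result later selects a table entry, run once with wrapping and once with saturating arithmetic. The function names, the `>> 8` index derivation and the sample values are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Saturating 16-bit add: clamp the 32-bit sum into the int16_t range. */
static int16_t add_sat16(int16_t a, int16_t b) {
    int32_t s = (int32_t)a + (int32_t)b;
    if (s > INT16_MAX) return INT16_MAX;
    if (s < INT16_MIN) return INT16_MIN;
    return (int16_t)s;
}

/* Hypothetical spacing pass: v[i] must be at least v[i-1] + min_delta[i]. */
static void enforce_min_spacing(int16_t *v, const int16_t *min_delta,
                                size_t n, int saturate) {
    for (size_t i = 1; i < n; i++) {
        if (saturate) {
            int16_t lo = add_sat16(v[i - 1], min_delta[i]);
            if (v[i] < lo) v[i] = lo;
        } else {
            int32_t lo = (int32_t)v[i - 1] + min_delta[i];
            /* Storing a sum above INT16_MAX keeps only its low 16 bits
             * (two's complement on mainstream compilers): it goes negative. */
            if (v[i] < lo) v[i] = (int16_t)(uint16_t)lo;
        }
    }
}

/* Assumed index derivation: the top 8 bits of the value pick a table entry
 * (arithmetic right shift, as on mainstream compilers). */
static int table_index(int16_t q15) { return q15 >> 8; }

/* Runs the pass over constructed sample values; returns the lowest index. */
static int demo_lowest_index(int saturate) {
    int16_t v[3] = {1000, 32600, 32700};          /* constructed input */
    const int16_t min_delta[3] = {0, 250, 400};   /* constructed spacing */
    int lowest = INT16_MAX;
    enforce_min_spacing(v, min_delta, 3, saturate);
    for (size_t i = 0; i < 3; i++)
        if (table_index(v[i]) < lowest) lowest = table_index(v[i]);
    return lowest;
}

int main(void) {
    /* With 2-byte entries, index -128 is 256 bytes before the table start. */
    printf("wrapping:   lowest index %d\n", demo_lowest_index(0));
    printf("saturating: lowest index %d\n", demo_lowest_index(1));
    return 0;
}
```
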
Comment on attachment 8837264 [details]
Bug 1332953 - Update libopus to 1.1.4.

Shipping this more quickly sounds good to me. Let's uplift for aurora 53. Too late for 52 though.
Attachment #8837264 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+