Update libopus to 1.1.4 release

RESOLVED FIXED in Firefox 53

Status


defect
P1
normal
RESOLVED FIXED
3 years ago
2 years ago

People

(Reporter: ionnv, Assigned: rillian)

Tracking

unspecified
mozilla54

Firefox Tracking Flags

(firefox-esr45 unaffected, firefox51 wontfix, firefox52 wontfix, firefox53 fixed, firefox54 fixed)

Attachments

(1 attachment)

http://opus-codec.org/release/stable/2017/01/20/libopus-1_1_4.html

"This Opus 1.1.4 release fixes a single bug. A specially-crafted Opus packet could cause an integer wrap-around in the SILK LSF stabilization code. This would cause an out-of-bounds read 256 bytes before a constant table. In most circumstances, the consequences are harmless and the result is simply noise in the audio.

This was reported as CVE-2017-0381. Contrary to that report, our own analysis shows that no remote code execution is possible. However, we are making this release as a precaution."
Depends on: 1288091
Ralph - feel like updating libopus?
Flags: needinfo?(giles)
Priority: -- → P1
Comment on attachment 8837264 [details]
Bug 1332953 - Update libopus to 1.1.4.

https://reviewboard.mozilla.org/r/112432/#review113860
Attachment #8837264 - Flags: review?(kinetik) → review+
Pushed by rgiles@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/4b5f50f51228
Update libopus to 1.1.4. r=kinetik
Needinfo myself to nominate for aurora uplift.
Assignee: nobody → giles
Flags: needinfo?(giles)
Let's get this on Beta ahead of the next ESR as well.
https://hg.mozilla.org/mozilla-central/rev/4b5f50f51228
Status: UNCONFIRMED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla54
Whoops, lost track of this one. Ralph, can you please request Aurora approval on this still?
Flags: needinfo?(giles)
Thanks for the reminder.
Flags: needinfo?(giles)
Comment on attachment 8837264 [details]
Bug 1332953 - Update libopus to 1.1.4.

Approval Request Comment
[Feature/Bug causing the regression]: Opus/WebM audio playback.
[User impact if declined]: Firefox will be vulnerable to a minor CVE. We do not believe this is exploitable, but it is reassuring to ship the fix sooner.
[Is this code covered by automated tests?]: yes.
[Has the fix been verified in Nightly?]: yes.
[Needs manual test from QE? If yes, steps to reproduce]: No.
[List of other uplifts needed for the feature/fix]: None.
[Is the change risky?]: No.
[Why is the change risky/not risky?]: Change is a single line applying saturating instead of wrapping arithmetic, and that change is well tested in other applications. The only possible change of behaviour is better audio output for invalid files.
[String changes made/needed]: None
Attachment #8837264 - Flags: approval-mozilla-aurora?
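The bug class named in the release note and in the approval request above (a 16-bit wrap-around that turns into a table read before the start of the table, closed by switching one addition to saturating arithmetic), as an added example. This is a simplified model written for this page, not code from libopus or Firefox; all function names, the table length, the index derivation and the input values are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

#define N 4            /* constructed vector length */
#define TABLE_LEN 129  /* constructed lookup table with 16-bit entries, indices 0..128 */

typedef int32_t (*floor_fn)(int16_t prev, int16_t gap);

/* Plain sum: fine as a 32-bit value, but may exceed INT16_MAX before the 16-bit store. */
static int32_t floor_wrapping(int16_t prev, int16_t gap) { return (int32_t)prev + gap; }

/* Saturating sum: clamped to the int16_t range, so the later store cannot wrap. */
static int32_t floor_saturating(int16_t prev, int16_t gap) {
    int32_t s = (int32_t)prev + gap;
    return s > INT16_MAX ? INT16_MAX : (s < INT16_MIN ? INT16_MIN : s);
}

/* Forward pass: raise each value to at least (previous value + minimum gap). */
static void enforce_spacing(int16_t *v, const int16_t *gap, floor_fn floor_of) {
    for (int i = 1; i < N; i++) {
        int32_t lo = floor_of(v[i - 1], gap[i]);
        int32_t m = v[i] > lo ? v[i] : lo;
        v[i] = (int16_t)(uint16_t)m;  /* 16-bit store: wraps negative if m > INT16_MAX */
    }
}

/* Assumed index derivation: top bits of the value (arithmetic shift on a signed int). */
static int table_index(int16_t x) { return x >> 8; }

static int in_bounds(int idx) { return idx >= 0 && idx < TABLE_LEN; }

/* Run the pass on a constructed input and return the table index of the last value. */
static int last_index_after(floor_fn floor_of) {
    int16_t v[N] = {1000, 20000, 32700, 32750};  /* constructed, close to INT16_MAX */
    const int16_t gap[N] = {0, 100, 100, 100};   /* constructed minimum spacing */
    enforce_spacing(v, gap, floor_of);
    return table_index(v[N - 1]);
}

int main(void) {
    int w = last_index_after(floor_wrapping);
    int s = last_index_after(floor_saturating);
    /* In this model, index -128 with 2-byte entries lies 256 bytes before the table. */
    printf("wrapping:   index %d, in bounds: %d\n", w, in_bounds(w));
    printf("saturating: index %d, in bounds: %d\n", s, in_bounds(s));
    return 0;
}
```

The lookup itself is never performed; in_bounds() is the check a caller would need if the value were not already constrained by the saturating add.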
Comment on attachment 8837264 [details]
Bug 1332953 - Update libopus to 1.1.4.

Shipping this more quickly sounds good to me. Let's uplift for aurora 53. Too late for 52 though.
Attachment #8837264 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+