http://opus-codec.org/release/stable/2017/01/20/libopus-1_1_4.html "This Opus 1.1.4 release fixes a single bug. A specially-crafted Opus packet could cause an integer wrap-around in the SILK LSF stabilization code. This would cause an out-of-bounds read 256 bytes before a constant table. In most circumstances, the consequences are harmless and the result is simply noise in the audio. This was reported as CVE-2017-0381. Contrary to that report, our own analysis shows that no remote code execution is possible. However, we are making this release as a precaution."
Ralph - feel like updating libopus?
Priority: -- → P1
Comment on attachment 8837264 [details] Bug 1332953 - Update libopus to 1.1.4. https://reviewboard.mozilla.org/r/112432/#review113860
Attachment #8837264 - Flags: review?(kinetik) → review+
Pushed by email@example.com: https://hg.mozilla.org/integration/autoland/rev/4b5f50f51228 Update libopus to 1.1.4. r=kinetik
Needinfo myself to nominate for aurora uplift.
Assignee: nobody → giles
Let's get this on Beta ahead of the next ESR as well.
Whoops, lost track of this one. Ralph, can you please request Aurora approval on this still?
Thanks for the reminder.
Comment on attachment 8837264 [details] Bug 1332953 - Update libopus to 1.1.4.
Approval Request Comment
[Feature/Bug causing the regression]: Opus/WebM audio playback.
[User impact if declined]: Firefox will be vulnerable to a minor CVE. We do not believe this is exploitable, but it is reassuring to ship the fix sooner.
[Is this code covered by automated tests?]: Yes.
[Has the fix been verified in Nightly?]: Yes.
[Needs manual test from QE? If yes, steps to reproduce]: No.
[List of other uplifts needed for the feature/fix]: None.
[Is the change risky?]: No.
[Why is the change risky/not risky?]: The change is a single line applying saturating instead of wrapping arithmetic, and that change is well tested in other applications. The only possible change of behaviour is better audio output for invalid files.
[String changes made/needed]: None.
Attachment #8837264 - Flags: approval-mozilla-aurora?
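The approval request above describes the fix as replacing wrapping arithmetic with saturating arithmetic in one line. The following is an added illustration of that difference, written for this page and not taken from libopus: the SILK LSF stabilization code and the actual operands of the fixed expression are not shown here, so `add16_wrap`, `add16_sat`, `lookup_is_safe`, the 256-entry `sample_table` and the divide-by-256 index scaling are all constructed for the example. It shows how a wrapped 16-bit sum can turn into a negative table index (a read before the table), while the saturated sum stays clamped to the 16-bit range and the derived index stays in bounds.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Two's-complement wrapping 16-bit addition (constructed helper, not libopus code).
 * Going through uint16_t keeps the addition well-defined C; the final conversion
 * back to int16_t is implementation-defined but two's-complement on common targets. */
int16_t add16_wrap(int16_t a, int16_t b)
{
    uint16_t s = (uint16_t)((uint16_t)a + (uint16_t)b);
    return (int16_t)s;
}

/* Saturating 16-bit addition: clamps the result to [INT16_MIN, INT16_MAX]
 * instead of wrapping around. This is the behaviour the release note's fix adopts. */
int16_t add16_sat(int16_t a, int16_t b)
{
    int32_t s = (int32_t)a + (int32_t)b;
    if (s > INT16_MAX) return INT16_MAX;
    if (s < INT16_MIN) return INT16_MIN;
    return (int16_t)s;
}

/* Hypothetical constant table with 256 entries (constructed, all zeros). */
#define TABLE_LEN 256
static const int16_t sample_table[TABLE_LEN] = {0};

/* Returns true when idx addresses an element inside sample_table. */
bool index_in_bounds(int32_t idx)
{
    return idx >= 0 && idx < TABLE_LEN;
}

/* Derive a table index from two 16-bit values using the supplied adder, then
 * bounds-check it. The /256 scaling is a constructed stand-in for whatever the
 * real decoder does; the point is only how the adder's overflow behaviour
 * propagates into the index. Returns true when the lookup would be in range. */
bool lookup_is_safe(int16_t (*add)(int16_t, int16_t), int16_t a, int16_t b)
{
    int32_t idx = (int32_t)add(a, b) / 256;   /* C division truncates toward zero */
    return index_in_bounds(idx);
}

int main(void)
{
    /* 32000 + 1000 = 33000 does not fit in int16_t. */
    int16_t a = 32000, b = 1000;
    printf("wrapping:   sum=%d index ok=%d\n", add16_wrap(a, b), lookup_is_safe(add16_wrap, a, b));
    printf("saturating: sum=%d index ok=%d\n", add16_sat(a, b), lookup_is_safe(add16_sat, a, b));
    /* wrapping:   sum=-32536 index ok=0  (negative index, read before the table)
     * saturating: sum=32767  index ok=1  (clamped, index 127) */
    (void)sample_table;
    return 0;
}
```

The wrapped result is negative, so any table access derived from it points before the array, which matches the release note's description of an out-of-bounds read ahead of a constant table; with saturation the worst case is a clamped value and a slightly wrong lookup, which is why the request describes the only behavioural change as better audio output for invalid files.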
Comment on attachment 8837264 [details] Bug 1332953 - Update libopus to 1.1.4. Shipping this more quickly sounds good to me. Let's uplift for aurora 53. Too late for 52 though.
Attachment #8837264 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+