author | Tim-Philipp Müller <tim@centricular.com> | 2024-07-19 12:34:03 +0100 |
---|---|---|
committer | Tim-Philipp Müller <tim@centricular.com> | 2024-07-19 13:11:29 +0100 |
commit | c116d7fa2f4cd99f2dda2601f433756cdf4b5833 (patch) | |
tree | e7d6a06d3d2901dfe8908ee5c257027ac8b85b48 | |
parent | fdfe5beab44d0d471095e6d401087a3bf9ddb362 (diff) |
Add Orc 0.4.39 release
Part-of: <https://gitlab.freedesktop.org/gstreamer/www/-/merge_requests/119>
-rw-r--r-- | src/htdocs/entities.gst | 2 |
-rw-r--r-- | src/htdocs/news/news.xml | 39 |
-rw-r--r-- | src/htdocs/security/Makefile.am | 1 |
-rw-r--r-- | src/htdocs/security/sa-2024-0003.md | 50 |
-rw-r--r-- | src/htdocs/security/security.md | 1 |
5 files changed, 92 insertions, 1 deletions
diff --git a/src/htdocs/entities.gst b/src/htdocs/entities.gst index d5424b87..329a97d3 100644 --- a/src/htdocs/entities.gst +++ b/src/htdocs/entities.gst @@ -2,7 +2,7 @@ <!ENTITY gst-version-stable "1.24.5"> <!ENTITY gst-version-devel "git main"> -<!ENTITY orc-version-stable "0.4.38"> +<!ENTITY orc-version-stable "0.4.39"> <!ENTITY orc-version-devel "git main"> <!ENTITY gst-repo-http "https://gitlab.freedesktop.org/gstreamer/"> diff --git a/src/htdocs/news/news.xml b/src/htdocs/news/news.xml index 5a3d3255..9709d6a7 100644 --- a/src/htdocs/news/news.xml +++ b/src/htdocs/news/news.xml 
@@ -15296,4 +15296,43 @@ Binaries for Android, iOS, Mac OS X and Windows will be available shortly. </content> </item> + + <item> + <date>2024-07-19 12:30</date> + <title>Orc 0.4.39 bug-fix release</title> + <content> + <p> +The GStreamer team is pleased to announce another release of liborc, +the Optimized Inner Loop Runtime Compiler, which is used for SIMD acceleration +in GStreamer plugins such as audioconvert, audiomixer, compositor, videoscale, +and videoconvert, to name just a few. + </p> + <p> +This is a minor bug-fix release, and also includes a security fix. + </p> + <p> + <b>Highlights:</b> + <ul> + <li>Security: Fix error message printing buffer overflow leading to possible code execution in orcc with specific input files (CVE-2024-40897). This only affects developers and CI environments using orcc, not users of liborc.</li> + <li>div255w: fix off-by-one error in the implementations</li> + <li>x86: only run AVX detection if xgetbv is available</li> + <li>x86: fix AVX detection by implementing the check recommended by Intel</li> + <li>Only enable JIT compilation on Apple arm64 if running on macOS, fixes crashes on iOS</li> + <li>Fix potential crash in emulation mode if logging is enabled</li> + <li>Handle undefined TARGET_OS_OSX correctly</li> + <li>orconce: Fix typo in GCC __sync-based implementation</li> + <li>orconce: Fix usage of __STDC_NO_ATOMICS__</li> + <li>Fix build with MSVC 17.10 + C11</li> + <li>Support stack unwinding on Windows</li> + <li>Major opcode and instruction set code clean-ups and refactoring</li> + <li>Refactor allocation and chunk initialization of code regions</li> + <li>Fall back to emulation on Linux if JIT support is not available, e.g. because of SELinux sandboxing or noexec mounting)</li> + </ul> + </p> + <p> +Direct tarball download: <a href="&site;/src/orc/orc-0.4.39.tar.xz">orc-0.4.39.tar.xz</a>. + </p> + </content> + </item> + </news> 
diff --git a/src/htdocs/security/Makefile.am b/src/htdocs/security/Makefile.am index 36477ba5..47447113 100644 --- a/src/htdocs/security/Makefile.am +++ b/src/htdocs/security/Makefile.am @@ -26,6 +26,7 @@ ALERTS = \ sa-2023-0011.md \ sa-2024-0001.md \ sa-2024-0002.md \ + sa-2024-0003.md \ $(NULL) security_pages = $(patsubst %.md,%.html,$(ALERTS)) diff --git a/src/htdocs/security/sa-2024-0003.md b/src/htdocs/security/sa-2024-0003.md new file mode 100644 index 00000000..bdf04a67 --- /dev/null +++ b/src/htdocs/security/sa-2024-0003.md 
@@ -0,0 +1,50 @@ +# Security Advisory 2024-0003 (JVN#02030803, JPCERT#92912620, CVE-2024-40897) + +<div class="vertical-table"> + +| | | +| ----------------- | --- | +| Summary | Orc compiler stack-based buffer overflow | +| Date | 2024-07-19 12:30 | +| Affected Versions | orc < 0.4.39 | +| IDs | GStreamer-SA-2024-0003<br/>JVN#02030803 / JPCERT#92912620<br/>CVE-2024-40897 | + +</div> + +## Details + +Stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files. + +## Impact + +It is possible for a malicious third party to trigger a buffer overflow and +effect code execution with the same privileges as the orc compiler is called +with by feeding it with malformed orc source files. + +This only affects developers and CI environments using orcc, not users of liborc. + +## Solution + +The Orc 0.4.39 release address the issue. +People using older branches of Orc should apply the patches and recompile. + +## References + +### The GStreamer project + +- [https://gstreamer.freedesktop.org](https://gstreamer.freedesktop.org) + +### CVE Database Entries + +- [CVE-2024-40897](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40897) + +### GStreamer Orc releases + +#### 0.4.39 + +- [Orc 0.4.39 release notes](https://discourse.gstreamer.org/t/orc-0-4-39-release/1969) +- [Orc 0.4.39 tarball (.tar.xz)](/src/orc/orc-0.4.39.tar.xz) + +### Patches + +- [Patch](https://gitlab.freedesktop.org/gstreamer/orc/-/merge_requests/191.patch) diff --git a/src/htdocs/security/security.md b/src/htdocs/security/security.md index d4e61b47..7a31a9e3 100644 --- a/src/htdocs/security/security.md +++ b/src/htdocs/security/security.md 
@@ -13,6 +13,7 @@ The GStreamer project encourages [responsible disclosure](https://en.wikipedia.o | ID | Summary | Date | | | --- | ------- | :----: | --- | +| **GStreamer-SA-2024-0003**<br/>JVN#02030803 / JPCERT#92912620<br/>CVE-2024-40897 | Orc compiler stack-based buffer overflow | 2024-07-19 12:30 | [Details](sa-2024-0003.html) | | **GStreamer-SA-2024-0002**<br/>ZDI-CAN-23896<br/>CVE-2024-4453 | Integer overflow in EXIF metadata parser leading to potential heap overwrite | 2024-04-29 20:00 | [Details](sa-2024-0002.html) | | **GStreamer-SA-2024-0001**<br/>ZDI-CAN-22873<br/>CVE-2024-0444 | AV1 codec parser potential buffer overflow during tile list parsing | 2024-01-24 20:00 | [Details](sa-2024-0001.html) | | **GStreamer-SA-2023-0011**<br/>ZDI-CAN-22300<br/>CVE-2023-50186 | AV1 codec parser buffer overflow | 2023-12-18 14:00 | [Details](sa-2023-0011.html) | |
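
Review bot: in the src/htdocs/news/news.xml hunk, the last highlight item ends with an unmatched closing parenthesis ("e.g. because of SELinux sandboxing or noexec mounting)"); either open the parenthesis before "e.g." or drop the trailing one. The `<ul>` is also nested inside a `<p>`, which HTML does not permit, so if this content is emitted as HTML the paragraph should be closed after the "Highlights:" line. Since the same commit adds sa-2024-0003.md, the security item could link to that advisory page instead of citing CVE-2024-40897 alone, so readers of the news entry can reach the affected-versions and patch information directly.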
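
Review bot: in the new src/htdocs/security/sa-2024-0003.md, the Summary and Details rows say "Orc compiler" without naming orcc, and only the Impact section states that users of liborc are not affected. The news item in this same commit describes Orc as a runtime compiler, so a reader skimming the summary (which is also what the new row in security.md shows) could assume the JIT in liborc is affected; naming orcc in the Summary and Details would remove that ambiguity. In Solution, "The Orc 0.4.39 release address the issue" should read "addresses", and "apply the patches" is plural while the Patches section lists a single link.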