Bugzilla – Bug 913071
VUL-0: CVE-2014-8154: vala: Heap-buffer overflow in vala-gstreamer bindings at Gst.MapInfo()
Last modified: 2015-02-19 02:04:44 UTC
CVE-2014-8154 Sergey "Shnatsel" Davidoff reported a heap-based buffer overflow in Vala Gstreamer bindings in the Gst.MapInfo() function. Further details are available in the following Red Hat bug: https://bugzilla.redhat.com/show_bug.cgi?id=1177840 References: https://git.gnome.org/browse/vala/commit/?id=3092537db65887e24a3d3e87a27caf9c5295e4f7 (fix) https://bugzilla.redhat.com/show_bug.cgi?id=1181404 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8154 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8154
Please note (from the RH bug report): "All binaried built with the buggy bindings package that use Gst.MapInfo() function are affected. Binaries such as shotwell-video-thumbnailer run this function on untrusted input, which probably makes this bug fairly easy to exploit." This implies shotwell, but I don't know how many others are affected :(
Affected openSUSE releases: 13.2 & Tumbleweed for 13.2: preparing update for TW : Updated vala version should hit fairly soon The 'main issue' will be to identify the packages requiring a rebuild.
It looks like shotwell in SLED12 is not affected
bugbot adjusting priority
Update submitted - assigning to maintenance for followup
while vala is shipped on the SLE12 BSK, we probably do not need to update it there. opensuse update will be released soonish
openSUSE-SU-2015:0131-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 913071 CVE References: CVE-2014-8154 Sources used: openSUSE 13.2 (src): shotwell-0.20.1-5.2, vala-0.26.1-4.1