Quoting Mozilla Foundation Security Advisory 2009-63:
http://www.mozilla.org/security/announce/2009/mfsa2009-63.html

Georgi Guninski reported a crash in liboggz.

Advisory provides following bug list:
https://bugzilla.mozilla.org/buglist.cgi?bug_id=515376,512327

with only 512327 being public at the moment, which is for liboggz rebase to 0.9.9.
Looking into liboggz upstream ChangeLog, mozilla bug 515376 is mentioned as fixed in version 1.0.0:

  * Mozilla #515376: Check index in dirac_parse_info()

git commit:
http://github.com/kfish/liboggz/commit/164e35e743e7681fbed34c66a015a779f73176f2

It is not tagged as security fix in liboggz changelog, even though there's a fairly large list of security fixes mentioned in 0.9.9:

Security:
  * Handle allocation failure due to out of memory throughout, for Mozilla bug 468280. Adds new error return OGGZ_ERR_OUT_OF_MEMORY
  * skeleton.c::ogg_from_fisbone(): avoid memcpy of NULL fp->message_header_fields. Fixes ticket:408, reported by j^
  * Mozilla bug 463756: return an error when a hole (ie. missing sequence number) is detected in the headers of a track
  * Remove dead code from oggz_read.c for ticket:439, reported by Coverity
  * Check for NULL return value of val in cgi.c (ticket:438, reported by Coverity)
  * Add NULL return checks (ticket:440, reported by Coverity)
  * Check for integer overflows in calculations for realloc and when using strlen returns. For Mozilla bug 480014
  * Don't map all errors to OGGZ_ERR_STOP_ERR Required for Mozilla bug 481933 Exposes detected HOLE_IN_DATA as return value from oggz_read(), oggz_read_input(), and add documentation for extra return values
  * Apply patch by Jim Blandy from Mozilla bug 480521 Avoid overflow in comment lengths
What is the plan for Fedora with this? Lots of backports or move to 1.0+ in all current versions?
Looking at this one. I think it is better to update it to latest 1.xx releases.
liboggz-1.1.1-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/liboggz-1.1.1-1.fc13
liboggz-1.1.1-1.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/liboggz-1.1.1-1.fc12
liboggz-1.1.1-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
libannodex-0.7.3-14.fc13,mod_annodex-0.2.2-13.fc13,liboggz-1.1.1-1.fc13,libfishsound-0.9.1-5.fc13,sonic-visualiser-1.7.2-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/libannodex-0.7.3-14.fc13,mod_annodex-0.2.2-13.fc13,liboggz-1.1.1-1.fc13,libfishsound-0.9.1-5.fc13,sonic-visualiser-1.7.2-1.fc13
libannodex-0.7.3-14.fc13, mod_annodex-0.2.2-13.fc13, liboggz-1.1.1-1.fc13, libfishsound-0.9.1-5.fc13, sonic-visualiser-1.7.2-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.