Ubuntu
libvdpau package

  1. Bug #1490826
  2. Activity log

Activity log for bug #1490826

Date Who What changed Old value New value Message
2015-09-01 05:47:33 dino99 bug added bug
2015-09-01 05:48:30 dino99 tags bot-stop-nagging
2015-09-01 05:51:16 dino99 description http://lists.x.org/archives/xorg-announce/2015-August/002630.html http://anzwix.com/a/VDPAU/UseSecuregetenv3ToImproveSecurity NVIDIA released the libvdpau 1.1.1 library today to fix three new CVE security issues. Aaron Plattner of NVIDIA announced today: libvdpau versions 1.1 and earlier, when used in setuid or setgid applications, contain vulnerabilities related to environment variable handling that could allow an attacker to execute arbitrary code or overwrite arbitrary files. See CVE-2015-5198, CVE-2015-5199, and CVE-2015-5200 for more details. This release uses the secure_getenv() function, when available, to fix these problems. On platforms where secure_getenv() is not available, the VDPAU environment variables will not be honored by the library. The secure_getenv() call is used now rather than getenv() for obtaining the environment variable values of DRI_PRIME, VDPAU_DRIVER, VDPAU_DRIVER_PATH, VDPAU_TRACE, and VDPAU_TRACE_FILE, per this commit. The secure_getenv() call has been present since glibc 2.17 is GNU-specific and will return null in cases where secure execution is required, details via the man page. From a Phoronix post: http://lists.x.org/archives/xorg-announce/2015-August/002630.html http://anzwix.com/a/VDPAU/UseSecuregetenv3ToImproveSecurity NVIDIA released the libvdpau 1.1.1 library today to fix three new CVE security issues. Aaron Plattner of NVIDIA announced today: libvdpau versions 1.1 and earlier, when used in setuid or setgid applications, contain vulnerabilities related to environment variable handling that could allow an attacker to execute arbitrary code or overwrite arbitrary files. See CVE-2015-5198, CVE-2015-5199, and CVE-2015-5200 for more details. This release uses the secure_getenv() function, when available, to fix these problems. On platforms where secure_getenv() is not available, the VDPAU environment variables will not be honored by the library. The secure_getenv() call is used now rather than getenv() for obtaining the environment variable values of DRI_PRIME, VDPAU_DRIVER, VDPAU_DRIVER_PATH, VDPAU_TRACE, and VDPAU_TRACE_FILE, per this commit. The secure_getenv() call has been present since glibc 2.17 is GNU-specific and will return null in cases where secure execution is required, details via the man page.
2015-09-01 19:02:12 dino99 summary NVIDIA's VDPAU Library Exposed To Security Issue [CVE] NVIDIA's VDPAU Library Exposed To Security Issue
2015-09-02 15:38:13 dino99 cve linked 2015-5198
2015-09-02 15:38:13 dino99 cve linked 2015-5199
2015-09-02 15:38:13 dino99 cve linked 2015-5200
2015-09-02 15:38:26 dino99 libvdpau (Ubuntu): status New Fix Released