MKVToolNix v9.4.2 released

Unfortunately the just-released v9.4.2 contained a nasty regression in both the AVC and HEVC readers. I’m therefore releasing v9.4.2 mere hours after v9.4.1. The only difference is the fix to the aforementioned regression. I’m including the whole announcement for v9.4.1 below.

Somewhat unscheduled I’m releasing v9.4.1. It fixes several errors in mkvmerge, most of which are exploitable via specially crafted file. They were found by fuzzing done by Justin Smith.

Nothing’s been changed regarding the packagin since v9.4.0.

You can download the source code or one of the binaries. The Windows and Mac OS binaries are available. Most of the Linux binaries are still being built and will be available in a couple of hours.

Here’s the full ChangeLog since the previous release:

  • 2016-09-11 Moritz Bunkus <moritz@bunkus.org>
    • Released v9.4.2 "So High".
    • mkvmerge: bug fix: AVC & HEVC readers: release v9.4.1 contains a change to both readers so that they will refuse to handle files where the detected pixel width or height is equal to or less than 0. This check was wrong in certain cases causing mkvmerge to reject a file as an unsupported file type. This has been fixed while keeping the constraints on width & height having to be positive.
    • Released v9.4.1 "Black Rain".
  • 2016-09-07 Moritz Bunkus <moritz@bunkus.org>
    • Note: most of the bugs fixed on 2016-09-06 and 2016-09-07 for issue #1780 are potentially exploitable. The scenario is arbitrary code execution with specially-crafted files. Updating is highly recommended.
    • mkvmerge: bug fix: AVC & HEVC readers: the readers will now refuse to handle files where the detected pixel width or height is equal to or less than 0. Before this fix the muxing process aborted with an assertion inside libMatroska. Fixes the last test case of #1780.
    • mkvmerge: bug fix: HEVC parser: fixed another invalid memory access (beyond the end of allocated space). Fixes two test cases of #1780.
  • 2016-09-06 Moritz Bunkus <moritz@bunkus.org>
    • mkvmerge: bug fix: HEVC parser: fixed another invalid memory access (beyond the end of a fixed-size array). Fixes several test cases of #1780.
    • mkvmerge: bug fix: MP4 reader: an error message will be printed instead of an uncaught exception when an invalid atom chunk size is encountered during resync. Fixes a test case of #1780.
    • mkvmerge: bug fix: AAC reader: fixed mkvmerge throwing an uncaught exception due to the sample rate being 0. Fixes a test case of #1780.
    • mkvmerge: bug fix: MP4 reader: fixed an invalid memory access (beyond the end of allocated space). Fixes several test cases of #1780.
    • mkvmerge: bug fix: HEVC parser: fixed an invalid memory access (beyond the end of allocated space). Fixes several test cases of #1780.
    • mkvmerge: bug fix: fixed an invalid memory access (use after free) during global destruction phase. Fixes several test cases of #1780.
  • 2016-09-02 Moritz Bunkus <moritz@bunkus.org>
    • mkvmerge: bug fix: using very large –sync values (several minutes) with certain container formats was causing mkvmerge to abort muxing. Fixes #1774.

Have fun :)

5 thoughts on “MKVToolNix v9.4.2 released

  1. Henry

    Hi,I use Norton Security on my computer~

    And after I download 32bit/64bit latest version app,only 64bit detected a virus in it. (32bit is okay)~

    could you plaese fix this problem~:) thx

  2. SorryForMyEN

    I liked the new GUI, but I can’t extract attachments with mkvextract, and curiously gMKVextractGUI stopped working too. So I’m going back to version 7.8 of this wonderful application and I will follow future versions waiting for an interface that to gather in the same place merge, info, extraction and editing. Thanks and congratulations for job.

    1. mosu Post author

      gMKVExtractGUI is under active development, and the thread on Doom9 shows that it’s working with current MKVToolNix just fine. You should look into updating gMKVExtractGUI, too, and if you still encounter problems with the latest version then post that on the Doom9 thread I’ve linked to.

Comments are closed.