[arch-dev-public] FFmpeg vulnerability
Maxime Gauduin
alucryd at archlinux.org
Wed Jan 13 18:24:13 UTC 2016
Hi all,
A vulnerability via which someone can steal files from remote machines has
been discovered in FFmpeg and was made public. See associated bug report
[1].
Disabling networking altogether seems a bit much, but James Darnley @
FFmpeg suggested that disabling HLS should do the trick until a fix is
committed so I'll go ahead and rebuild our FFmpeg without the HLS and
AppleHTTP demuxers.
[1] https://bugs.archlinux.org/task/47738
Cheers,
--
Maxime
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
This
email has been sent from a virus-free computer protected by Avast.
www.avast.com
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
<#DDB4FAA8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
More information about the arch-dev-public
mailing list