FS#7914 : security issues in mplayer-1.0rc1

FS#7914 - security issues in mplayer-1.0rc1

Attached to Project: Arch Linux
Opened by Nicolai Lissner (blackpenguin) - Thursday, 30 August 2007, 16:47 GMT
Last edited by Dan McGee (toofishes) - Thursday, 06 September 2007, 03:28 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	Thomas Bächler (brain0)
Architecture	All
Severity	Critical
Priority	Normal
Reported Version	2007.08 Don't Panic
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Description:
I noticed archlinux's mplayer does not fix the cddb-issue (arbitrary remote code execution under the user ID running the player!) announced in June. Please fix this.

Additional info:
http://www.mplayerhq.hu/design7/news.html

This task depends upon

Closed by Dan McGee (toofishes)
Thursday, 06 September 2007, 03:28 GMT
Reason for closing: Not a bug
Additional comments about closing: already fixed

Comment by Dan McGee (toofishes) - Thursday, 06 September 2007, 01:49 GMT

This looks like it is fixed in the PKGBUILD to me...take a look at the sources array.

Comment by Nicolai Lissner (blackpenguin) - Thursday, 06 September 2007, 02:14 GMT

oops. true. false alarm then. I probably examined only the patches in cvs only. Sorry about the noise :>

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#7914 - security issues in mplayer-1.0rc1

Details

Loading...