xine-lib may allow remote code execution!
in [Slackware]
|
Prev: [Security] xine-lib may allow remote code execution!
Next: Wifi on HP 6720s laptop Broadcom 4312 card Slackware 12.1current
From: Eef Hartman on 18 Apr 2008 06:09 Manuel Reimer <mreimer(a)expires-30-04-2008.news-group.org> wrote: > I, so far, didn't check if mplayer has to be patched less often, but I > think so, as I much more often read about holes in xine-lib on news > sites. Actually that is more due to that mplayer is maintained less: Mplayer 1.0rc2 has been out since October last year, but since then all security problems have been fixed only als patches to the SVN version, no patched "rc" has been brought out. You have to download and apply the patch(es) yourself. All released patches can be found in the directory www.mplayerhq.hu/MPlayer/patches The News gives info about what has been fixed and you can download individual patches from there too. -- ******************************************************************** ** Eef Hartman, Delft University of Technology, dept. EWI/TW ** ** e-mail: E.J.M.Hartman(a)math.tudelft.nl, fax: +31-15-278 7295 ** ** snail-mail: P.O. Box 5031, 2600 GA Delft, The Netherlands ** ********************************************************************
From: Manuel Reimer on 18 Apr 2008 06:54 Eef Hartman wrote: > Actually that is more due to that mplayer is maintained less: > Mplayer 1.0rc2 has been out since October last year, but since then > all security problems have been fixed only als patches to the SVN > version, no patched "rc" has been brought out. You have to download > and apply the patch(es) yourself. > All released patches can be found in the directory > www.mplayerhq.hu/MPlayer/patches > The News gives info about what has been fixed and you can download > individual patches from there too. Interesting... That's a pretty long release time... But if they at least release patches, then mplayer seems to be still maintained and even with the long release time, there are only four patches, that have to be added for security reasons. Seems like they have less security problems as xine has. CU Manuel
From: Someone on 18 Apr 2008 16:13 On Fri, 18 Apr 2008 12:54:11 +0200 Manuel Reimer <mreimer(a)expires-30-04-2008.news-group.org> wrote: > Eef Hartman wrote: > > Actually that is more due to that mplayer is maintained less: > > Mplayer 1.0rc2 has been out since October last year, but since then > > all security problems have been fixed only als patches to the SVN > > version, no patched "rc" has been brought out. You have to download > > and apply the patch(es) yourself. > > All released patches can be found in the directory > > www.mplayerhq.hu/MPlayer/patches > > The News gives info about what has been fixed and you can download > > individual patches from there too. > > Interesting... That's a pretty long release time... > > But if they at least release patches, then mplayer seems to be still > maintained and even with the long release time, there are only four > patches, that have to be added for security reasons. Seems like they > have less security problems as xine has. > > CU > > Manuel > -- So will Pat Volkerding ever replace Xine with Mplayer?
From: Thomas Overgaard on 18 Apr 2008 16:29 Someone wrote : > So will Pat Volkerding ever replace Xine with Mplayer? Never. MPlayer uses codecs wich have some major issues with copyright. -- Thomas O. This area is designed to become quite warm during normal operation.
From: marksouth on 18 Apr 2008 16:38 On Fri, 18 Apr 2008 22:29:03 +0200, Thomas Overgaard wrote: > Someone wrote : > >> So will Pat Volkerding ever replace Xine with Mplayer? > > Never. MPlayer uses codecs wich have some major issues with copyright. Well, Xine will play Flash videos, what's the copyright/patent status of those?
First
|
Prev
|
Next
|
Last
Pages: 1 2 3 4 Prev: [Security] xine-lib may allow remote code execution! Next: Wifi on HP 6720s laptop Broadcom 4312 card Slackware 12.1current |