Date: Fri, 15 Jan 2016 02:58:20 +0000 From: bugzilla-noreply@freebsd.org To: multimedia@FreeBSD.org Subject: [Bug 206282] multimedia/ffmpeg zero-day vulnerability HLS Message-ID: <bug-206282-12827@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D206282 Bug ID: 206282 Summary: multimedia/ffmpeg zero-day vulnerability HLS Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: multimedia@FreeBSD.org Reporter: sasamotikomi@gmail.com Assignee: multimedia@FreeBSD.org Flags: maintainer-feedback?(multimedia@FreeBSD.org) Attacker can simple put m3u8 in media container and get access to your local file( for example password). I recommend build ffmpeg with --disable-network http://news.softpedia.com/news/zero-day-ffmpeg-vulnerability-lets-anyone-st= eal-files-from-remote-machines-498880.shtml --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-206282-12827>