Date: Fri, 15 Jan 2016 02:58:20 +0000 From: bugzilla-noreply@freebsd.org To: multimedia@FreeBSD.org Subject: maintainer-feedback requested: [Bug 206282] multimedia/ffmpeg zero-day vulnerability HLS Message-ID: <bug-206282-12827-6L6p2ECycs@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-206282-12827@https.bugs.freebsd.org/bugzilla/> References: <bug-206282-12827@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
sasamotikomi@gmail.com has reassigned Bugzilla Automation <bugzilla@FreeBSD.org>'s request for maintainer-feedback to multimedia@FreeBSD.org: Bug 206282: multimedia/ffmpeg zero-day vulnerability HLS https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D206282 --- Description --- Attacker can simple put m3u8 in media container and get access to your local file( for example password). I recommend build ffmpeg with --disable-network http://news.softpedia.com/news/zero-day-ffmpeg-vulnerability-lets-anyone-st= eal- files-from-remote-machines-498880.shtml
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-206282-12827-6L6p2ECycs>