[MPlayer-users] Why no security advisory for CVE-2008-3827
Reimar Döffinger
Reimar.Doeffinger at stud.uni-karlsruhe.de
Sun Oct 12 16:52:27 CEST 2008
On Sun, Oct 12, 2008 at 02:18:48PM +0200, Manuel Reimer wrote:
> Loren Merritt wrote:
> > Did you miss the part in the very page you linked which says the bug was
> > fixed before the CERT was published, and links to the commit?
>
> And so it's my job to backport this commit to get it to work with
> Mplayer 1.0 RC2?
It should apply flawlessly, if not I can make and upload a modified patch somewhere.
_But_ you really should not be using rc2, there were many fixes since
then, and particularly FFmpeg/libavcodec has had a lot of fixes out of
which a few are somewhat likely to be a security issue.
If someone drafts a message it should not be a problem to add something
to our home page, but I am certainly not going to do it, I already have more
responsibilities than I'd like to have.
Greetings,
Reimar Döffinger
More information about the MPlayer-users
mailing list