| Summary: | media-tv/xdtv includes vulnerable ffmpeg? (CVE-2005-4048) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED INVALID | ||
| Severity: | normal | CC: | media-tv |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | B2? [?] jaervosz | ||
| Package list: | Runtime testing required: | --- | |
|
Description
Sune Kloppenborg Jeppesen (RETIRED)
2006-09-12 08:39:06 UTC
I'd say mask it, and leave it masked until upstream decides to release a version that can use external FFmpeg, if it's vulnerable. But for what I heard from them, it shouldn't be vulnerable to any FFmpeg vulnerability, at least the latest ~arch version, it might require to be stabled by x86. Diego/media-tv do you want to mask it or stable it? The stable version is not affected, I've masked 2.3.3 for safety, and will remain masked till upstream decides on that matter. Thx Diego. Closing this one as INVALID. |