Porteus

Porteus User Forum
https://forum.porteus.org/

ffmpeg Exploit Zero-Day Vulnerability

https://forum.porteus.org/viewtopic.php?f=117&t=5431

Page 1 of 1

ffmpeg Exploit Zero-Day Vulnerability

Posted: 19 Jan 2016, 23:09
by lukaluki
Zero-Day FFmpeg Vulnerability Lets Anyone Steal Files from Remote Machines
Please read this: http://news.softpedia.com/news/zero-day ... 8880.shtml

How about porteus, It should also be affected by it. In SMPlayer I found the ffmpeg being used for mpeg files.

Re: ffmpeg Exploit Zero-Day Vulnerability

Posted: 19 Jan 2016, 23:27
by aus9
thanks for the heads up. I use Nemesis and users will find an update replaces the vulnerable 2.8.4 version with 2.8.5

Code: Select all

pacman -S ffmpeg
warning: ffmpeg-1:2.8.5-2 is up to date
^^ either prefix pacman command with sudo if you login as guest or leave it alone

For normal Porteus users please check what usm has to say when you search it please.

Re: ffmpeg Exploit Zero-Day Vulnerability

Posted: 20 Jan 2016, 03:58
by francois
As mentioned in the first post hyperlink: Please update to FFmpeg 2.8.5 .

Re: ffmpeg Exploit Zero-Day Vulnerability

Posted: 24 Apr 2016, 08:49
by lukaluki
I am using KDE on the 64bit, how to get the FFmpeg 2.8.5 package as xzm for loading it on every restart? as I am using the toram (non persistence) feature

regards

Re: ffmpeg Exploit Zero-Day Vulnerability

Posted: 24 Apr 2016, 11:21
by Bogomips
Copy to porteus/modules folder.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/