cvs commit: ports/security/vuxml vuln.xml
Remko Lodder
remko at FreeBSD.org
Sat Sep 16 08:41:04 PDT 2006
Peter Jeremy wrote:
> On Thu, 2006-Sep-14 14:26:44 +0000, Remko Lodder wrote:
>> remko 2006-09-14 14:26:44 UTC
>> Rewrite the win32-codecs entry to even better explain the vulnerability [2].
>
> Since there's no longer a maintainer and there doesn't appear to be a
> fix at the master site, this port may be broken for some time. Is it
> possible to just not install the QuickTime dll's?
>
> Based on the codec breakdown, QuickTime support is the following files:
> 3ivX.qtx
> ACTLComponent.qtx
> AvidQTAVUICodec.qtx
> BeHereiVideo.qtx
> Indeo4.qtx
> On2_VP3.qtx
> ZyGoVideo.qtx
> QuickTime.qts
> QuickTimeEssentials.qtx
> QuickTimeInternetExtras.qtx
> qtmlClient.dll
>
> Does anyone know if those files can just be removed to avoid the
> vulnerability whilst still have the remaining win32 codecs work?
>
Hello Peter,
I am not sure, and I am not going to look into it as we speak
(Not that I do not want, but I am planning to go on holiday
in a few hours, so need to do other things instead and make sure
most of my open items are known etc).
I will have a look when I get back if no one looked prior to that.
Cheers,
Remko
--
Kind regards,
Remko Lodder ** remko at elvandar.org
FreeBSD ** remko at FreeBSD.org
/* Quis custodiet ipsos custodes */
More information about the cvs-all
mailing list