Vulnerability question
Harald Weis
hawei at free.fr
Tue Jun 30 15:08:42 UTC 2009
On Mon, Jun 29, 2009 at 08:40:52PM +0200, Roland Smith wrote:
> On Sun, Jun 28, 2009 at 10:56:54PM +0200, Harald Weis wrote:
> > Building lxdvdrip stops because linux-pango has known
> > vulnerabilities.
>
> You can ignore vulnerabilities by setting the environment variable
> DISABLE_VULNERABILITIES. See ports(7).
Yes, I've done this already, but I've stepped back because I cannot
evaluate the risk.
> Are you running a linux binary of mplayer? Because a native mplayer
> binary does not require linux-pango! It just uses the native pango.
In fact, it's lxdvdrip which requires linux-pango [via linux-gtk2].
lxdvdrip is happy with the native mplayer.
> If you want to rip DVDs, you can simply use mplayer:
>
> mplayer dvd://N -dumpstream -dumpfile title.mpg
>
> where N is the number of the title you want.
That's interesting. I will try that soon. I hope the manpage does
explain how to burn it then.
But what happens if the title is too long for a DVD5 ?
lxdvdrip is such a marvellous tool. Too bad, that nobody has found
the time yet to debug linux-pango.
Now, do I understand correctly, that the risk is there as soon as
linux-pango is running for the local lxdvdrip operation ?
That means that I must keep off-line during lxdvdrip to be safe ?
Is that true ?
Harald
More information about the freebsd-stable
mailing list