multimedia/ffmpeg port - add "disable network" option
alexander at polyvizor.ru
Thu May 5 11:05:04 UTC 2016
Dear, ffmpeg maintainer,
FFmpeg is known for several cross-origin vulnerabilities
(https://www.cvedetails.com/cve/CVE-2016-1898/ for example) which allow
to get data from local system even if it processes only local files
(Theses files may be uploaded to local system from insecure places).
There is a flag for ffmpeg configure "--disable-network" which
completely disables ffmpeg interaction with network and gives protection
from such vulnerabilities (and some others). It will be very useful for
users who process with ffmpeg only local files to add such an option to
the ffmpeg port.
More information about the freebsd-multimedia