Date: Thu, 05 May 2016 13:55:03 +0300 From: =?UTF-8?Q?=D0=90=D0=BB=D0=B5=D0=BA=D1=81=D0=B0=D0=BD=D0=B4=D1=80_?= =?UTF-8?Q?=D0=A3=D1=88=D0=B0=D0=BA=D0=BE=D0=B2?= <alexander@polyvizor.ru> To: multimedia@FreeBSD.org Subject: multimedia/ffmpeg port - add "disable network" option Message-ID: <9da35199c85f250388304808b85761ac@polyvizor.ru>
next in thread | raw e-mail | index | archive | help
Dear, ffmpeg maintainer, FFmpeg is known for several cross-origin vulnerabilities (https://www.cvedetails.com/cve/CVE-2016-1898/ for example) which allow to get data from local system even if it processes only local files (Theses files may be uploaded to local system from insecure places). There is a flag for ffmpeg configure "--disable-network" which completely disables ffmpeg interaction with network and gives protection from such vulnerabilities (and some others). It will be very useful for users who process with ffmpeg only local files to add such an option to the ffmpeg port. -- Regards, Alexander Ushakov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9da35199c85f250388304808b85761ac>