From owner-freebsd-stable@FreeBSD.ORG Tue Jun 30 15:08:42 2009 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 81F921065673 for ; Tue, 30 Jun 2009 15:08:42 +0000 (UTC) (envelope-from me@pollux.local.net) Received: from smtp4-g21.free.fr (smtp4-g21.free.fr [212.27.42.4]) by mx1.freebsd.org (Postfix) with ESMTP id EFB5E8FC17 for ; Tue, 30 Jun 2009 15:08:40 +0000 (UTC) (envelope-from me@pollux.local.net) Received: from smtp4-g21.free.fr (localhost [127.0.0.1]) by smtp4-g21.free.fr (Postfix) with ESMTP id 0529B4C80BD for ; Tue, 30 Jun 2009 17:08:36 +0200 (CEST) Received: from pollux.local.net (che78-3-82-246-30-233.fbx.proxad.net [82.246.30.233]) by smtp4-g21.free.fr (Postfix) with ESMTP id 1A2384C8190 for ; Tue, 30 Jun 2009 17:08:34 +0200 (CEST) Received: by pollux.local.net (Postfix, from userid 2000) id 4BF631CE3C; Tue, 30 Jun 2009 17:08:32 +0200 (CEST) Date: Tue, 30 Jun 2009 17:08:32 +0200 From: Harald Weis To: freebsd-stable@freebsd.org Message-ID: <20090630150832.GA2650@pollux.local.net> Mail-Followup-To: freebsd-stable@freebsd.org References: <20090628205654.GA6237@pollux.local.net> <20090629184052.GB3248@slackbox.xs4all.nl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20090629184052.GB3248@slackbox.xs4all.nl> User-Agent: Mutt/1.4.2.3i Subject: Re: Vulnerability question X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jun 2009 15:08:42 -0000 On Mon, Jun 29, 2009 at 08:40:52PM +0200, Roland Smith wrote: > On Sun, Jun 28, 2009 at 10:56:54PM +0200, Harald Weis wrote: > > Building lxdvdrip stops because linux-pango has known > > vulnerabilities. > > You can ignore vulnerabilities by setting the environment variable > DISABLE_VULNERABILITIES. See ports(7). Yes, I've done this already, but I've stepped back because I cannot evaluate the risk. > Are you running a linux binary of mplayer? Because a native mplayer > binary does not require linux-pango! It just uses the native pango. In fact, it's lxdvdrip which requires linux-pango [via linux-gtk2]. lxdvdrip is happy with the native mplayer. > If you want to rip DVDs, you can simply use mplayer: > > mplayer dvd://N -dumpstream -dumpfile title.mpg > > where N is the number of the title you want. That's interesting. I will try that soon. I hope the manpage does explain how to burn it then. But what happens if the title is too long for a DVD5 ? lxdvdrip is such a marvellous tool. Too bad, that nobody has found the time yet to debug linux-pango. Now, do I understand correctly, that the risk is there as soon as linux-pango is running for the local lxdvdrip operation ? That means that I must keep off-line during lxdvdrip to be safe ? Is that true ? Harald