Date: Fri, 6 Oct 2006 09:35:31 +0400 From: "Andrew Pantyukhin" <infofarmer@FreeBSD.org> To: secteam@freebsd.org, hackers@FreeBSD.org Subject: Tracing binaries statically linked against vulnerable libs Message-ID: <cb5206420610052235t78033639vaa90429f07581078@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
I wonder if there is a way to deal with statically linked binaries, which use vulnerable libraries. There's this advisory: http://www.vuxml.org/freebsd/964161cd-6715-11da-99f6-00123ffe8333.html But mplayer and libxine are linked statically against ffmpeg, as are reportedly many other apps like gstreamer. Of course I can install every port that requires ffmpeg directly, look for "lavc" strings and compare it to ldd output, but it sounds like a nightmare. Thanks!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?cb5206420610052235t78033639vaa90429f07581078>