#1450 closed defect (fixed)
Mpg123 Security Vulnerability
| Reported by: | Randy McMurchy | Owned by: | |
|---|---|---|---|
| Priority: | highest | Milestone: | |
| Component: | BOOK | Version: | SVN |
| Severity: | critical | Keywords: | |
| Cc: |
Description ¶
The maintainer's site for the Mpg123 package says that you should *not* use the source code we show in the BLFS book.
There may be a fix (patches) on the Debian or Gentoo sites, though I did not check into this.
For the time being we need to decide if perhaps commenting out this package from the multimedia section in BLFS might not be the best plan.
Change History (5)
comment:1 by , 20 years ago
| Owner: | changed from to |
|---|
comment:2 by , 20 years ago
| Status: | new → assigned |
|---|
comment:3 by , 20 years ago
mpg321 is a drop-in replacement for mpg123. Can be found at <http://sourceforge.net/projects/mpg321/>.
comment:4 by , 20 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Mpg321 seems a bit dated too. I see it uses lib mad and libid3. I'll play with it, see how it performs. Maybe then we can discuss switching.
Note:
See TracTickets
for help on using tickets.
I will fix this for now because I still like gqmpeg. However, it is getting a bit dated too. Maybe this should be the last update.