doug.dimick 13 Posted January 14, 2016 Posted January 14, 2016 Is Emby impacted by the recently announced ffmpeg remote file access vulnerability? 1
Luke 42078 Posted January 15, 2016 Posted January 15, 2016 We're not using concat unless you're transcoding folder rips and very few people are doing that.
doug.dimick 13 Posted January 15, 2016 Author Posted January 15, 2016 Perhaps I'm misunderstanding the vulnerability, but I believe the concat element would be included in a video file modified by the attacker, which would then be downloaded by the victim, and the vulnerability would be realized as soon as ffmpeg read the file for any reason. http://seclists.org/oss-sec/2016/q1/85
Luke 42078 Posted January 15, 2016 Posted January 15, 2016 no, it's with the concat protocol which we're not using.
overClocked! 65 Posted January 16, 2016 Posted January 16, 2016 (edited) We're not using concat unless you're transcoding folder rips and very few people are doing that. Let me read about this, then. Got lots of DVD folder rips still. Sent from my iPhone using Tapatalk Edited January 16, 2016 by overClocked!
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now