[sf-lug] bad news for streaming media users
Akkana Peck
akkana at shallowsky.com
Sat Dec 17 08:22:14 PST 2016
Rick Moen writes:
> Quoting Bobbie Sellers (bliss-sf4ever at dslextreme.com):
>
> > Hi LUGers,
> > If your desktop runs a mainstream release of Linux, chances are
> > you're vulnerable.
>
> Actually, oonly distibutions furnishing GNOME desktop _and_ GStreamer
> _and_ the buggy, unmaintained gstreamer-plugins-bad plugins, _and_ the
> user is using the Chromium Web browser or its Google Chrome proprietary
> variant.[0]
Thank you, Rick! I get so frustrated by these "all Linux desktops
are vulnerable" articles that give no clue which components are
actually involved in the exploit.
I have one remaining question: you mention the exploit depends on
Gnome Tracker, but the article says that Ubuntu desktops are
vulnerable. Does Unity also use Gnome Tracker, or is its search
software vulnerable in the same was as Tracker? (I don't use either
Gnome or Unity and the only system search I use is updatedb/locate,
but I know plenty of Ubuntu/Unity users who might need to know about
this.)
Oops, make that two questions. Is gstreamer-plugins-ugly as unsafe as
gstreamer-plugins-bad? I do use that, for mp3. Though generally not
with files downloaded from random untrusted websites.
...Akkana
More information about the sf-lug
mailing list