Bug#847417: depends on gstreamer-plugins-bad, which is an ongoing source of security holes
Joey Hess
id at joeyh.name
Thu Dec 8 02:01:42 UTC 2016
Package: gnome-video-effects
Version: 0.4.1-3
Severity: normal
gstreamer-plugins-bad has been in the news at least twice recently for
security holes.
http://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-compromising-linux-desktop.html
https://scarybeastsecurity.blogspot.dk/2016/11/0day-poc-risky-design-decisions-in.html
It seems likely that it will continue to be a source of such security
holes.
I wanted to remove gstreamer-plugins-bad from my system, but this would
remove gnome-video-effects, which would remove cheese. I don't know why
cheese needs a ton of insecurely implemented codecs for playing Nintendo
games etc in order to take snapshots and record videos. Probably it doesn't?
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.8.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages gnome-video-effects depends on:
ii gstreamer1.0-plugins-bad 1.10.0-1
ii gstreamer1.0-plugins-good 1.10.0-1
gnome-video-effects recommends no packages.
Versions of packages gnome-video-effects suggests:
pn gnome-video-effects-frei0r <none>
-- no debconf information
--
see shy jo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20161207/36a0f070/attachment.sig>
More information about the pkg-gnome-maintainers
mailing list