Language Selection

English French German Italian Portuguese Spanish

Alleged critical holes in Xvid

Filed under
Security

According to reports from several security services, the Xvid 1.1.2 Video Codec Library has a security hole which attackers could use to gain control over a PC. For a successful attack, a victim only needs to open a prepared Xvid-AVI file with an application which makes calls to the library. Both Windows and Linux applications are affected.

The errors are located in the file mbcoding.c in the get_intra_block, get_inter_block_h263 and get_inter_block_mpeg functions. Array indexing errors can lead to an overrun which throws parts of the memory into confusion.

The problem is not restricted to AVI files alone but also affects all container formats such as MP4, Ogg and Matroska.

More Here.




More in Tux Machines

UKSM Is Still Around For Data Deduplication Of The Linux Kernel

Several years back we wrote about Ultra Kernel Samepage Merging (UKSM) for data de-duplication within the Linux kernel for transparently scanning all application memory and de-duping it where possible. While the original developer is no longer active, a new developer has been maintaining the work and continues to support it on the latest Linux kernel releases. Read more

Why Dell’s gamble on Linux laptops has paid off

The whole juggernaut that is now Linux on Dell started as the brainchild of two core individuals, Barton George (Senior Principal Engineer) and Jared Dominguez (OS Architect and Linux Engineer). It was their vision that began it all back in 2012. It was long hours, uncertain futures and sheer belief that people really did want Linux laptops that sustained them. Here is the untold story of how Dell gained the top spot in preinstalled Linux on laptops. Where do you start when no one has ever really even touched such a concept? The duo did have some experience of the area before. George explained that the XPS and M3800 Linux developer’s laptops weren’t Dell’s first foray into Linux laptops. Those with long memories may remember Dell testing the waters for a brief while by having a Linux offering alongside Windows laptops. By their own admission it didn’t work out. “We misread the market,” commented George. Read more Also: New Entroware Aether Laptop for Linux Powered with Ubuntu

A Short MATE Desktop 1.17 Review in February 2017

MATE 1.17 is a testing release, it has no official announcement like 1.16 stable release (odd = unstable, even = stable). But what made me interested is because Ubuntu MATE 17.04 includes it by default so I write this short review. The most fundamental news is about MATE Desktop is now completely ported to GTK+3 leaving behind GTK+2. You may be interested seeing few changes and I have tried Ubuntu MATE 17.04 Alpha 2 to review MATE 1.17 below. Enjoy MATE 1.17! Read more Also: What's up with the hate towards Freedesktop?

Linux Graphics