Language Selection

English French German Italian Portuguese Spanish

Security Flaws Found in Mplayer and Elm

Filed under

Two serious security flaws have turned up in software widely distributed with Linux and Unix. The bugs affect Electronic Mail for Unix (Elm), a venerable e-mail client still used by many Linux and Unix systems administrators, and Mplayer, a cross-platform movie player that is one of the most popular of its kind on Linux.

The Elm flaw involves a boundary error when the client reads an e-mail's "Expires" header. A specially crafted e-mail could exploit the bug to cause a buffer overflow and execute malicious code on a system, according to security researchers.

The bug in Mplayer is the latest media-player bug to plague systems administrators. Widely used desktop applications such as media players are more difficult to patch than server-side bugs, because there are many times more copies in use, often without the knowledge of IT managers.

The flaw affects Mplayer versions 1.0pre7 and earlier and hasn't been patched, according to an advisory from FrSIRT.

Full Story.

More in Tux Machines

Cloudy Issues and the Perfect Distro

Today in Linux news, Bruce Byfield hits the cloud nail on the head with his thoughts on the cloud. Are folks sacrificing the independence gained by switching to Linux by trusting cloud vendors? Elsewhere, Bryan Lunduke ponders the perfect Linux distribution and an update on the new Debian Live emerged. Pavlo Rudyi posted a look back at GIMP's 20 years and Samuel Mehrbrodt discussed improving LibreOffice's toolbars. Read more

AMD's Radeon Software Crimson doesn't live up to the hype on Linux

Good news, gamers! AMD just launched Radeon Software Crimson for both Windows and Linux. The Windows drivers saw some serious improvements and contain a slick new control panel. But despite promises of performance improvements for games on Linux, little has changed on open-source operating systems. These are the same old Linux drivers with some new branding. Read more

The Linux approach to human and ecosystem well-being

In the end, what the horizontal economy aims to pursue is a system of distributed governance, reinvigorating citizens’ inputs into both political and economic processes. In a sense, it is the Linux approach to human and ecosystem well being. Read more

Microsoft and Linux: True Romance or Toxic Love?

We shouldn't be slow to forget Microsoft's mantra of Embrace, Extend and Exterminate. Right now, Microsoft is very much in the early stages of embracing Linux. Will Microsoft seek to splinter the community through custom extensions and proprietary "standards"? Read more