Language Selection

English French German Italian Portuguese Spanish

Security Flaws Found in Mplayer and Elm

Filed under
Security

Two serious security flaws have turned up in software widely distributed with Linux and Unix. The bugs affect Electronic Mail for Unix (Elm), a venerable e-mail client still used by many Linux and Unix systems administrators, and Mplayer, a cross-platform movie player that is one of the most popular of its kind on Linux.

The Elm flaw involves a boundary error when the client reads an e-mail's "Expires" header. A specially crafted e-mail could exploit the bug to cause a buffer overflow and execute malicious code on a system, according to security researchers.

The bug in Mplayer is the latest media-player bug to plague systems administrators. Widely used desktop applications such as media players are more difficult to patch than server-side bugs, because there are many times more copies in use, often without the knowledge of IT managers.

The flaw affects Mplayer versions 1.0pre7 and earlier and hasn't been patched, according to an advisory from FrSIRT.

Full Story.

More in Tux Machines

today's howtos

Leftovers: Gaming

More Mandriva Eulogies

  • Good-bye, Mandriva!
    I think that it is sad that the Mandriva star twinkles no more in the OS universe, but it is good that other distros can continue with its legacy: Mageia, OpenMandriva Lx and, up to a certain extent, PCLinuxOS.
  • Finally! It's the year of Linux on the desktop TITSUP
    Mandriva, a French purveyor of desktop Linux, is being wound up, after becoming totally incapable of supporting usual performance (TITSUP), financially at least. The liquidation notice suggests the company's 2013 was around €600,000 and that the company has between 10 and 19 staff.
  • Goodbye, Mandriva, Thank You for the Mandriva Linux OS
    It is with sadness in our hearts that we inform you today, May 27, about the termination of the French Mandriva company, which is currently in the process of being liquidated, according to a notice posted on the societe.com website.
  • A Linux company that spent 17 years competing with Windows is officially over
    It also had some success in Malaysia. But by 2012, the company was on the brink of bankruptcy, a situation that had happened several times since its early days, in 1998. It was saved for a few more years by Jean-Manuel Croset, who joined as COO in 2011 and soon after became CEO.

Android Leftovers