You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2008-09-12 23:29:39
- forkboy
- Member
- From: Blackpool, England
- Registered: 2005-09-03
- Posts: 74
amarok security bug
I see that amarok-base and amarok-engine-xine have been flaged out of date a while ago, I've tried using abs to compile 1.4.10 but the compile fails, I'm just a little concerned about this bug http://cve.mitre.org/cgi-bin/cvename.cg … -2008-3699
Offline
#2 2008-09-13 02:17:50
- Gullible Jones
- Member
- Registered: 2004-12-29
- Posts: 4,863
Re: amarok security bug
You should probably file a bug report... The package isn't just out of date now if it's also got a security vulnerability.
Edit: although that doesn't look too huge to me, it isn't a remote vulnerability... After all, someone with local access to your computer already has the ability to screw it up in many ways, no?
Last edited by Gullible Jones (2008-09-13 02:20:18)
Offline
#3 2008-09-14 01:29:50
- warlord
- Member
- Registered: 2007-07-04
- Posts: 58
Re: amarok security bug
Amarok 1.4.10 pkgbuild from abs fails, but I found the latest version at tanis kde3 repo.
There is not a pkgbuild, only the 2 packages.
http://csclub.uwaterloo.ca/~jkschmid/arch/kde3/x86_64
BTW, why is amarok unflagged out of date???
Offline
#4 2008-09-14 02:21:11
- Allan
- Developer
- From: Brisbane, AU
- Registered: 2007-06-09
- Posts: 9,939
- Website
Re: amarok security bug
There was a bug with the web interface. Flag them out of date again and file a bug report about the security vulnerability.
Offline
#5 2008-09-14 13:33:33
- warlord
- Member
- Registered: 2007-07-04
- Posts: 58
Re: amarok security bug
Done...
Offline
#6 2008-09-14 19:45:00
- forkboy
- Member
- From: Blackpool, England
- Registered: 2005-09-03
- Posts: 74
Re: amarok security bug
Done...
Whats the bug number? I can't find it...
Offline
#7 2008-09-14 20:01:29
- warlord
- Member
- Registered: 2007-07-04
- Posts: 58
Re: amarok security bug
I mean I flagged the packages out of date. 
Anyway, I just filled and the bug report
http://bugs.archlinux.org/task/11483
Last edited by warlord (2008-09-14 20:05:11)
Offline
#8 2008-09-14 20:23:16
- forkboy
- Member
- From: Blackpool, England
- Registered: 2005-09-03
- Posts: 74
Re: amarok security bug
OK, I have flagged the i686 packages too.
Offline
#9 2008-09-28 18:54:04
- BKJ
- Member
- Registered: 2008-09-19
- Posts: 71
Re: amarok security bug
FYI... Looks as though the package has been updated and is out in the repos.... This security bug should now be fixed in the new version.
Offline
#10 2008-09-28 18:55:28
- warlord
- Member
- Registered: 2007-07-04
- Posts: 58
Re: amarok security bug
Yes, the bug report I opened was closed this morning.
Offline
Pages: 1