Brian Russo wrote:
> Because the 'realplayer' package does not actually contain anything
> substantial in it, rather it is an installer package -- frankly
> there's no entirely satisfactory solution.
postinst pseudo-code:
if [ `md5sum /dir/file.so` ne "201de7b7acbc467846fc9cd11ff90266" ]; then
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUMMARY
- ---
There is (apparently) a security vulnerability in realplayer.
Little detail is given by Real, presumably this is exploitable
remotely by an unscrupulous stream operator.
The file to upgrade is /usr/lib/RealPlayer8/Plugins/rmffplin
2 matches
Mail list logo
