Subject: pkg/30340: realplayer and RealPlayerGold packages not security updated
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: None <perry@piermont.com>
List: pkgsrc-bugs
Date: 05/25/2005 19:40:01
>Number: 30340
>Category: pkg
>Synopsis: realplayer and RealPlayerGold packages not security updated
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: pkg-manager
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed May 25 19:40:00 +0000 2005
>Originator: Perry E. Metzger
>Release: NetBSD 3.99.5
>Organization:
Perry E. Metzger perry@piermont.com
--
"Ask not what your country can force other people to do for you..."
>Environment:
System: NetBSD hackworth 3.99.5 NetBSD 3.99.5 (HACKWORTH) #0: Tue May 24 13:32:09 EDT 2005 perry@hackworth:/usr/src/sys/arch/i386/compile/HACKWORTH i386
Architecture: i386
Machine: i386
>Description:
The multimedia/realplayer and multimedia/RealPlayerGold
packages both have security holes. However, they have not been
updated to versions of the program without security holes. (It
appears such versions are available. See, for example,
https://player.helixcommunity.org/2004/downloads/ )
Without such an update, a user of the application is forced to
either run an insecure version or to forgo the use of the
application.
>How-To-Repeat:
>Fix:
>Unformatted: