Recherche avancée

Médias (1)

Mot : - Tags -/ticket

Autres articles (67)

  • MediaSPIP v0.2

    21 juin 2013, par

    MediaSPIP 0.2 est la première version de MediaSPIP stable.
    Sa date de sortie officielle est le 21 juin 2013 et est annoncée ici.
    Le fichier zip ici présent contient uniquement les sources de MediaSPIP en version standalone.
    Comme pour la version précédente, il est nécessaire d’installer manuellement l’ensemble des dépendances logicielles sur le serveur.
    Si vous souhaitez utiliser cette archive pour une installation en mode ferme, il vous faudra également procéder à d’autres modifications (...)

  • MediaSPIP version 0.1 Beta

    16 avril 2011, par

    MediaSPIP 0.1 beta est la première version de MediaSPIP décrétée comme "utilisable".
    Le fichier zip ici présent contient uniquement les sources de MediaSPIP en version standalone.
    Pour avoir une installation fonctionnelle, il est nécessaire d’installer manuellement l’ensemble des dépendances logicielles sur le serveur.
    Si vous souhaitez utiliser cette archive pour une installation en mode ferme, il vous faudra également procéder à d’autres modifications (...)

  • Contribute to translation

    13 avril 2011

    You can help us to improve the language used in the software interface to make MediaSPIP more accessible and user-friendly. You can also translate the interface into any language that allows it to spread to new linguistic communities.
    To do this, we use the translation interface of SPIP where the all the language modules of MediaSPIP are available. Just subscribe to the mailing list and request further informantion on translation.
    MediaSPIP is currently available in French and English (...)

Sur d’autres sites (6841)

  • How to convert YUV420SP to YUV420P using ffmpeg sws_scale or other efficient method ?

    3 septembre 2011, par limitfan

    Thanks in advance. Any suggestion will be appreciated.

  • Merge commit 'b9129ec4668c511e0a79e25c6f25d748cee172c9'

    10 novembre 2017, par James Almer
    Merge commit 'b9129ec4668c511e0a79e25c6f25d748cee172c9'

    * commit 'b9129ec4668c511e0a79e25c6f25d748cee172c9' :
    
  h264dec : add a CUVID hwaccel
    
  decode : add a per-frame private data for hwaccel use
    
  decode : add a mechanism for performing delayed processing on the decoded frames
    
  decode : add a method for attaching lavc-internal data to frames
    
  decode : avoid leaks on failure in ff_get_buffer()
    

    This commit is a noop, see
    
4776c61424fa32394e251e9769e1ad2c2fa55598
    
9f1cfd88af88a7d7d5c56a368a46639dfdfdef75
    
7fa64514c8d2ec4d3dcb5f194511609ddcc288e6
    
81c021c6a2d7848c31984d65f225ba54bdd6f560
    
0e00624389955bc559d75855d5c4876266d9575f
    

    Merged-by : James Almer <jamrial@gmail.com>

  • avformat/hls : Check local file extensions

    3 juin 2017, par Sysiphus
    avformat/hls : Check local file extensions

    This reduces the attack surface of local file-system
    
information leaking.
    

    It prevents the existing exploit leading to an information leak. As
    
well as similar hypothetical attacks.
    

    Leaks of information from files and symlinks ending in common multimedia extensions
    
are still possible. But files with sensitive information like private keys and passwords
    
generally do not use common multimedia filename extensions.
    
It does not stop leaks via remote addresses in the LAN.
    

    The existing exploit depends on a specific decoder as well.
    
It does appear though that the exploit should be possible with any decoder.
    
The problem is that as long as sensitive information gets into the decoder,
    
the output of the decoder becomes sensitive as well.
    
The only obvious solution is to prevent access to sensitive information. Or to
    
disable hls or possibly some of its feature. More complex solutions like
    
checking the path to limit access to only subdirectories of the hls path may
    
work as an alternative. But such solutions are fragile and tricky to implement
    
portably and would not stop every possible attack nor would they work with all
    
valid hls files.
    

    Developers have expressed their dislike / objected to disabling hls by default as well
    
as disabling hls with local files. There also where objections against restricting
    
remote url file extensions. This here is a less robust but also lower
    
inconvenience solution.
    
It can be applied stand alone or together with other solutions.
    
limiting the check to local files was suggested by nevcairiel
    

    Found-by : Emil Lerner and Pavel Cheremushkin
    
Reported-by : Thierry Foucu <tfoucu@google.com>
    

    Signed-off-by : Michael Niedermayer <michael@niedermayer.cc>
    • [DH] libavformat/hls.c

Navigation