Recherche avancée

Médias (0)

Mot : - Tags -/content

Aucun média correspondant à vos critères n’est disponible sur le site.

Autres articles (100)

  • MediaSPIP 0.1 Beta version

    25 avril 2011, par

    MediaSPIP 0.1 beta is the first version of MediaSPIP proclaimed as "usable".
    The zip file provided here only contains the sources of MediaSPIP in its standalone version.
    To get a working installation, you must manually install all-software dependencies on the server.
    If you want to use this archive for an installation in "farm mode", you will also need to proceed to other manual (...)

  • Multilang : améliorer l’interface pour les blocs multilingues

    18 février 2011, par

    Multilang est un plugin supplémentaire qui n’est pas activé par défaut lors de l’initialisation de MediaSPIP.
    Après son activation, une préconfiguration est mise en place automatiquement par MediaSPIP init permettant à la nouvelle fonctionnalité d’être automatiquement opérationnelle. Il n’est donc pas obligatoire de passer par une étape de configuration pour cela.

  • Personnaliser en ajoutant son logo, sa bannière ou son image de fond

    5 septembre 2013, par

    Certains thèmes prennent en compte trois éléments de personnalisation : l’ajout d’un logo ; l’ajout d’une bannière l’ajout d’une image de fond ;

Sur d’autres sites (12151)

  • avcodec/dstdec : Use local channels variable

    13 février 2020, par Michael Niedermayer
    avcodec/dstdec : Use local channels variable

    Reviewed-by : Paul B Mahol <onemda@gmail.com>
    
Signed-off-by : Michael Niedermayer <michael@niedermayer.cc>
    • [DH] libavcodec/dstdec.c

  • avformat/hls : Check local file extensions

    3 juin 2017, par Sysiphus
    avformat/hls : Check local file extensions

    This reduces the attack surface of local file-system
    
information leaking.
    

    It prevents the existing exploit leading to an information leak. As
    
well as similar hypothetical attacks.
    

    Leaks of information from files and symlinks ending in common multimedia extensions
    
are still possible. But files with sensitive information like private keys and passwords
    
generally do not use common multimedia filename extensions.
    
It does not stop leaks via remote addresses in the LAN.
    

    The existing exploit depends on a specific decoder as well.
    
It does appear though that the exploit should be possible with any decoder.
    
The problem is that as long as sensitive information gets into the decoder,
    
the output of the decoder becomes sensitive as well.
    
The only obvious solution is to prevent access to sensitive information. Or to
    
disable hls or possibly some of its feature. More complex solutions like
    
checking the path to limit access to only subdirectories of the hls path may
    
work as an alternative. But such solutions are fragile and tricky to implement
    
portably and would not stop every possible attack nor would they work with all
    
valid hls files.
    

    Developers have expressed their dislike / objected to disabling hls by default as well
    
as disabling hls with local files. There also where objections against restricting
    
remote url file extensions. This here is a less robust but also lower
    
inconvenience solution.
    
It can be applied stand alone or together with other solutions.
    
limiting the check to local files was suggested by nevcairiel
    

    Found-by : Emil Lerner and Pavel Cheremushkin
    
Reported-by : Thierry Foucu <tfoucu@google.com>
    

    Signed-off-by : Michael Niedermayer <michael@niedermayer.cc>
    • [DH] libavformat/hls.c

  • Revision 41aede61e9 : Use intra4x4_predict_d parameter names Rename the local variables for consisten

    1er août 2012, par Johann

    Changed Paths : Modify /vp8/decoder/decodframe.c Modify /vp8/decoder/threading.c Modify /vp8/encoder/pickinter.c Use intra4x4_predict_d parameter names Rename the local variables for consistency. Change-Id : Ic202ff54551332f706d97da9b67b2e0959ee7f61

Navigation