03 August 2004
Big bug fix for Linux a month in coming
And you thought Microsoft took a while to patch holes.
Linux vendors are urging users to patch a serious bug in the graphical user interface of the popular Mplayer media player application, which could allow a remote attacker to execute malicious code on a Linux or Unix system.
...
In a message to a Mplayer developers' email list in early June, programmer Richard Felker said he had discovered "lots" of buffer overflows in the file. "I would recommend not using the GUI," he wrote. "This code is so nasty and broken that I'm not going to spend my time fixing it... if you want the GUI to work, and don't want to be embarrassed by remote [vulnerabilities] in Mplayer, step up and fix it."
...
McKrackene, dobar ti ovaj MPlayer :) Ti ga onomad baš nahvali, a vidi sad pa "this code is so nasty and broken.."