Search found 14 matches
- Tue Jan 29, 2013 4:50 pm
- Forum: ZoneMinder 1.25.x
- Topic: Security issue
- Replies: 2
- Views: 4808
Re: Security issue
By the way, CVE-2013-0232 was assigned for this issue: https://access.redhat.com/security/cve/CVE-2013-0232
- Fri Jan 25, 2013 5:48 pm
- Forum: ZoneMinder 1.25.x
- Topic: Security issue
- Replies: 2
- Views: 4808
Security issue
The Fedora security team passed the following URL on to me, which describes an arbitrary command execution vulnerability. Unfortunately this is in the PHP portion of ZM and PHP is not a language I'm particularly good at, so I don't feel up to having a go at fixing it. I haven't been able to find any...
- Tue Aug 02, 2011 2:14 pm
- Forum: Feature Requests
- Topic: Openssl license exemption
- Replies: 4
- Views: 4111
Re: Openssl license exemption
Or, maybe, I could try reading the code. It looks like all of this openssl/gnutls stuff is used for exactly one thing: the MD5 function, for hashing passwords. Is that really the case? If so, I suspect I'll just rip it all out and insert one of the public domain implementations, or call libmd.
- Tue Aug 02, 2011 1:13 pm
- Forum: Feature Requests
- Topic: Openssl license exemption
- Replies: 4
- Views: 4111
Openssl license exemption
It embarrasses and dismays me to make this request, but circumstances force me to at least try. I am the maintainer of zoneminder in Fedora. Fedora (or specifically, a couple of people involved with it) have decided to stop shipping libgnutls-openssl, which provides enough openssl compatibility for ...
- Fri Mar 25, 2011 3:05 am
- Forum: ZoneMinder 1.24.x
- Topic: Building ZoneMinder
- Replies: 2
- Views: 1749
Re: Building ZoneMinder
If you want to rebuild the package, just don't apply patch 3. I think that's the only thing we change to disable ffmpeg.
- Tue Jan 25, 2011 9:23 pm
- Forum: ZoneMinder 1.24.x
- Topic: Building with 2.6.38
- Replies: 1
- Views: 1500
Just to follow up, 1.24.3 does indeed fail to compile on 2.6.38. Looking at zm_local_camera.h an .cpp I see that at least some of the code can handle HAVE_LINUX_VIDEODEV_H being undefined, so I patched configure.ac to warn instead of abort when videodev.h is not found but there is plenty of stuff th...
- Sat Jan 22, 2011 11:57 pm
- Forum: ZoneMinder 1.24.x
- Topic: Building with 2.6.38
- Replies: 1
- Views: 1500
Building with 2.6.38
So, it looks like v4l1 is officially gone in 2.6.38 and hence 1.24.2 doesn't build. I haven't tried digging through SVN to see if anything's happened there, but searching only turned up some v4l2 work from 2007 that doesn't appear to have gone anywhere. Is there a plan for making this work with mode...
- Mon Jul 20, 2009 7:43 pm
- Forum: ZoneMinder 1.24.x
- Topic: Event view controls stopped working in 1.24.2
- Replies: 2
- Views: 2623
- Mon Jul 20, 2009 7:18 pm
- Forum: ZoneMinder 1.24.x
- Topic: Event view controls stopped working in 1.24.2
- Replies: 2
- Views: 2623
Event view controls stopped working in 1.24.2
I'm trying to push 1.24.2 packages to Fedora but while testing the new version I found that the VCR controls on the event view seem to have stopped working. The progress bar is not present (though it doesn't really seem to work in 1.24.1 either), the text above where the progress bar would be always...
- Wed Jun 10, 2009 1:35 am
- Forum: ZoneMinder 1.24.x
- Topic: HowTo - Configuring ZoneMinder on Fedora 11
- Replies: 8
- Views: 7162
- Wed Jun 10, 2009 12:06 am
- Forum: ZoneMinder 1.24.x
- Topic: HowTo - Configuring ZoneMinder on Fedora 11
- Replies: 8
- Views: 7162
Hmm, well the file does say that in order to upgrade, you need to run zmupdate.pl. I'm certainly open to suggestions if you think we could word that better. Upgrades ======== 1. You will need to upgrade the ZoneMinder database as described in the manual. This command should be sufficient: zmupdate.p...
- Tue Jun 09, 2009 11:47 pm
- Forum: ZoneMinder 1.24.x
- Topic: HowTo - Configuring ZoneMinder on Fedora 11
- Replies: 8
- Views: 7162
If there's anything that we (the folks who package Zoneminder for Fedora) missed from the README.Fedora file included in the Fedora packages which would have helped you get up and going faster, please let us know. I suspect that after doing an install myself today, I'll be updating it with info abou...
- Tue Sep 02, 2008 5:18 pm
- Forum: ZoneMinder Previous Versions
- Topic: New security issue?
- Replies: 6
- Views: 3351
CVEs have been assigned
I'm dismayed that there's no response to this. I note that four CVEs have been assigned to these issues: CVE-2008-3880: SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1.23.3 and earlier allows remote attackers to execute arbitrary SQL commands via the filter array parameter. CVE...
- Wed Aug 27, 2008 8:45 pm
- Forum: ZoneMinder Previous Versions
- Topic: New security issue?
- Replies: 6
- Views: 3351
New security issue?
I searched around this forum but I haven't seen any mention of the security issues disclosed on bugtraq yesterday: http://marc.info/?l=bugtraq&m=121976722628485&w=4 I happen to not agree with the "critical" severity as I believe the issues are only exploitable by authenticated user...