LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 10-08-2012, 02:45 PM   #1
slac-in-the-box
Member
 
Registered: Mar 2010
Location: oregon
Distribution: slackware64-14.1
Posts: 160

Rep: Reputation: 26
Is frei0r a harmful dependency to ffmpeg?


Howdy Slackers:

Thought I would bring the following to your attention:

On slackbuilds.org, frei0r is an optional dependency of ffmpeg, and when clicking on the source download: frei0r-plugins-1.3.tar.gz at http://slackbuilds.org/repository/14...raries/frei0r/, I am directed to http://www.piksel.no/frei0r/releases...ins-1.3.tar.gz, where firefox gives me the following warning:
Quote:
Reported Attack Page!

This web page at www.piksel.no has been reported as an attack page and has been blocked based on your security preferences.

Attack pages try to install programs that steal private information, use your computer to attack others, or damage your system.Some attack pages intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.
hmmm... guess I'll skip this dependency for now...
 
Old 10-08-2012, 02:53 PM   #2
slac-in-the-box
Member
 
Registered: Mar 2010
Location: oregon
Distribution: slackware64-14.1
Posts: 160

Original Poster
Rep: Reputation: 26
but frei0r is mandatory dependency for openshot

But uh-oh... I like openshot, and frei0r is a mandatory dependency of openshot, so does anybody know whether frei0r really is harmful, or is firefox just being too paranoid, and I should add an exception and proceed...
 
Old 10-08-2012, 03:15 PM   #3
ponce
Senior Member
 
Registered: Aug 2004
Location: Pisa, Italy
Distribution: Slackware
Posts: 2,402

Rep: Reputation: 852Reputation: 852Reputation: 852Reputation: 852Reputation: 852Reputation: 852Reputation: 852
here clicking on the link under firefox shows no warning (downloads the frior sources)...
 
Old 10-08-2012, 03:17 PM   #4
slac-in-the-box
Member
 
Registered: Mar 2010
Location: oregon
Distribution: slackware64-14.1
Posts: 160

Original Poster
Rep: Reputation: 26
i guess I'll live dangerously (nothing new), and download it anyways, because I like openshot, and most likely, any malware there would hopefully be directed towards windows...
 
Old 10-08-2012, 03:19 PM   #5
dugan
Senior Member
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 4,562

Rep: Reputation: 1394Reputation: 1394Reputation: 1394Reputation: 1394Reputation: 1394Reputation: 1394Reputation: 1394Reputation: 1394Reputation: 1394Reputation: 1394
I looked up Frei0r on Freshmeat, and it gave me the following safe mirror:

http://ftp.dyne.org/.index/index.php...i0r%2Freleases

Last edited by dugan; 10-08-2012 at 03:23 PM.
 
1 members found this post helpful.
Old 10-08-2012, 03:22 PM   #6
slac-in-the-box
Member
 
Registered: Mar 2010
Location: oregon
Distribution: slackware64-14.1
Posts: 160

Original Poster
Rep: Reputation: 26
I'm using the 15.0.1 version of firefox that came with slackware64-14.0, and noticed in the "security" pane of its preferences a checkbox for "block reported attack sites"... maybe yours is unchecked, ponce? thanks dugan, I'll try that one, and compare it to the one I dangerously downloaded...
 
Old 10-08-2012, 03:23 PM   #7
XGizzmo
Member
 
Registered: Mar 2007
Distribution: Slackware
Posts: 264

Rep: Reputation: 68
frei0r is not harmful. The website that host frei0r's source code seems to have been blacklisted.
If you are worried about using the site download the source code via wget.
 
1 members found this post helpful.
Old 10-08-2012, 03:27 PM   #8
ponce
Senior Member
 
Registered: Aug 2004
Location: Pisa, Italy
Distribution: Slackware
Posts: 2,402

Rep: Reputation: 852Reputation: 852Reputation: 852Reputation: 852Reputation: 852Reputation: 852Reputation: 852
the md5sum of the file is the same of the one on Jaromil's site (I verified the signature too).

Quote:
Originally Posted by slac-in-the-box View Post
I'm using the 15.0.1 version of firefox that came with slackware64-14.0, and noticed in the "security" pane of its preferences a checkbox for "block reported attack sites"... maybe yours is unchecked, ponce? thanks
I just tried with it checked, but still no probs.

Last edited by ponce; 10-08-2012 at 03:29 PM.
 
1 members found this post helpful.
Old 10-08-2012, 03:32 PM   #9
slac-in-the-box
Member
 
Registered: Mar 2010
Location: oregon
Distribution: slackware64-14.1
Posts: 160

Original Poster
Rep: Reputation: 26
Quote:
the md5sum of the file is the same of the one on Jaromil's site (I verified the signature too).
just verified the same thing

I clicked a link that said "why is this site blocked" and this was the report:

Quote:
Safe Browsing
Diagnostic page for piksel.no

What is the current listing status for piksel.no?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 10 pages we tested on the site over the past 90 days, 2 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-10-08, and the last time suspicious content was found on this site was on 2012-10-06.

Malicious software is hosted on 2 domain(s), including rrhyiomkc.ns02.info/, qfwjrs.3-a.net/.

This site was hosted on 2 network(s) including AS224 (UNINETT), AS15169 (Google Internet Backbone).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, piksel.no did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:

Return to the previous page.
If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.
 
Old 10-08-2012, 03:37 PM   #10
slac-in-the-box
Member
 
Registered: Mar 2010
Location: oregon
Distribution: slackware64-14.1
Posts: 160

Original Poster
Rep: Reputation: 26
Thanks everybody... I guess it's just trivial, and nothing to worry about! I'm moving on.
 
Old 10-08-2012, 05:55 PM   #11
dc_eros
Member
 
Registered: Nov 2006
Distribution: Slackware
Posts: 292

Rep: Reputation: 39
I just installed ffmpeg two days ago with all dependencies installed. Never noticed the warning since I'm using sbopkg

But when I visit the download page, I do get the security warning.
 
Old 10-08-2012, 08:41 PM   #12
ReaperX7
Senior Member
 
Registered: Jul 2011
Distribution: LFS-SVN, Slackware-14.1, PCBSD-10.0
Posts: 2,877
Blog Entries: 15

Rep: Reputation: 743Reputation: 743Reputation: 743Reputation: 743Reputation: 743Reputation: 743Reputation: 743
I normally never install optional dependencies. Often you can get away with the default dependencies without penalty.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ffmpeg.SlackBuild: line 194: cd: /tmp/SBo/package-ffmpeg/usr/man: No such file or dir darkstarbyte Linux - Software 7 12-29-2010 05:45 PM
Help me in installing ffmpeg, ffmpeg-PHP, Mplayer, Mencoder, flv2tool, LAME MP3 Encod mitesh.ever Red Hat 5 05-16-2009 12:14 PM
dependency issue: libx264.so.54 needed by ffmpeg PhilTR Fedora 22 01-23-2007 11:06 AM
Is this harmful ?? Wynand1 Linux - Wireless Networking 3 09-03-2005 07:55 AM


All times are GMT -5. The time now is 05:16 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration