The original problem has not been fixed:

- it is even worse now as the current libcdio is published under a supposed GPLv3 or
  any later while it contains code that was published under "GPLv2 only".
  The authors of the related code have not been asked and would not give their OK
  for a license change (if asked).

- there is still the gstreamer library, being intentionally under LGPL because this is
  needed to make it usable by the intended application code that calls libcdio.
  
A fix for audio playback is to use the replacement library (that calls cdda2wav) I wrote with Sun.
This library has a clean privilege separation and thus does not create the problems that make
users of libcdio a potential security risk.

In general, it is a conceptional mistake to put high level stuff like CD/DVD writing high level code
into a library as CD/DVD writing is a privileged operation that needs root privileges on most
platforms. Thus applications developed based on such a library (including all libraries they call)
would need a full in-depth security audit.

Conclusion: I recommend to stop distributing libcdio as Sun did in 2007.

-- 
libcdio GPL/license violation
https://bugs.launchpad.net/bugs/181244