# motion vulnerability

## ysbeer

https://bugs.gentoo.org/show_bug.cgi?id=475120

Above link points to a vulnerability in the motion camera software.

Question: is motion safe to use on Gentoo?

----------

## Hu

As I read that thread, the ebuild in tree as of the last developer comment still has the cited vulnerabilities.  There is interest in providing a non-vulnerable version, but that has not been published to Portage yet.  In the meantime, "safe" depends on whether your installation can be accessed in a way necessary to provoke the vulnerabilities.  Even an unlocked door can be "safe" if the only people who can reach it can be trusted not to abuse the lack of a lock.

----------

## ysbeer

 *Hu wrote:*   

> As I read that thread, the ebuild in tree as of the last developer comment still has the cited vulnerabilities.  There is interest in providing a non-vulnerable version, but that has not been published to Portage yet.  In the meantime, "safe" depends on whether your installation can be accessed in a way necessary to provoke the vulnerabilities.  Even an unlocked door can be "safe" if the only people who can reach it can be trusted not to abuse the lack of a lock.

 

thanks for your response, i will not be using it then, until they patch it, because the vulnerability seems to be possibly exploited when visiting a malicious website crafted for the exploit.

----------

## tnt

can we expect update of this package or we have to search for some alternative?

----------

