Bug#641478: Upload of ffmpeg for Squeeze

Reinhard Tartler siretart at tauware.de
Wed Nov 2 19:28:36 UTC 2011


On Mi, Nov 02, 2011 at 15:33:20 (CET), Yves-Alexis Perez wrote:

> Hey,
>
> I'm considering the various open issues in ffmpeg in Squeeze
> (CVE-2011-{3362,3504,3973,3974}). They were fixed in sid (in libav) but
> not yet in Squeeze, so I intented to take a look at them and maybe do an
> upload to stable-security but Moritz told me that you maintained a
> stable branch so maybe you already have something ready.
>
> What do you think? Should I start preparing something or do you want to
> handle it?

Thank you for pointing out theses issues.

I'm maintaining a stable branch upstream here:

http://git.libav.org/?p=libav.git;a=shortlog;h=refs/heads/release/0.5

If you could point me out the corresponding commits that fix these CVEs
the master branch, I'm happy to backport them to that branch and roll a
0.5.5 release on short notice.  Based on that release, we then update
our stable packaging branch here:

http://anonscm.debian.org/gitweb/?p=pkg-multimedia/libav.git;a=shortlog;h=refs/heads/squeeze

I'd propose to then build a package from that branch and upload it to
stable-security. Would that work for you?

Cheers,
Reinhard
-- 
Gruesse/greetings,
Reinhard Tartler, KeyID 945348A4





More information about the pkg-multimedia-maintainers mailing list