Bug#729203: [FFmpeg-devel] Reintroducing FFmpeg to Debian
Andreas Cadhalpun
andreas.cadhalpun at googlemail.com
Tue Jul 29 16:43:17 UTC 2014
Hi Raphael,
On 29.07.2014 09:47, Raphael Geissert wrote:
> Andreas Cadhalpun wrote:
>> According to the changelog[1], there have been 8 security updates for
>> ffmpeg in squeeze.
>
> There would have been more
You're right, my calculation is slightly flawed.
> but the code has evolved too much for it to be
> feasible to backport the patches.
That is likely true for some, but not for others.
The real reason that there have not been more security updates for
ffmpeg in squeeze is that since 0.5.6 this is actually Libav and Libav
upstream stopped providing backports to 0.5 after 0.5.10 in February
2013 [1]. FFmpeg upstream released 0.5.14 in July 2014 [2] with some
more fixes [3].
So had both been in squeeze, there would have been four more, i.e. 16
security updates.
> Not to mention that some bugs that are being
> fixed are, for example, for incomplete checks - checks that don't exist in the
> 0.5 branch.
What do you mean here? If the affected code is not there, then that's
nice, because a backport is not needed.
Best regards,
Andreas
1: https://www.libav.org/releases/
2: https://www.ffmpeg.org/releases/
3:
https://git.videolan.org/?p=ffmpeg.git;a=shortlog;h=refs/heads/release/0.5
More information about the pkg-multimedia-maintainers
mailing list