Bug#729203: [FFmpeg-devel] Reintroducing FFmpeg to Debian
Raphael Geissert
geissert at debian.org
Wed Jul 30 10:28:37 UTC 2014
Andreas Cadhalpun wrote:
> Given the amount of software in Debian and thus the amount of security
> fixes necessary for a stable release, I think that the additional
> stable-security uploads for FFmpeg in the order of 10 per release will
> be hardly noticeable.
They are surely noticeable to the security team: the release process of a
security update is more than just a "throw and forget".
Tracking every single vulnerability for each copy of the code consumes time.
Every single update also consumes team's time, and that of many organisations
external to Debian.
> What is particularly hard for me to understand is why e.g. MySQL and
> MariaDB can be in testing at the same time without much resistance from
> the security team, but FFmpeg and Libav can apparently not.
There is resistance - we only want one, not two, not three (percona).
IMH (and personal) O, if you want to see ffmpeg in Jessie or later, you should
replace libav - i.e. no silly one binary + libraries that won't work for
anything else.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
More information about the pkg-multimedia-maintainers
mailing list