Reporting fixes so that vuxml can be updated
Michael Jung
mikej at mikej.com
Wed Dec 23 19:27:11 UTC 2015
On 2015-12-23 11:55, Lowell Gilbert wrote:
> Michael Jung <mikej at mikej.com> writes:
>
>> "pkg audit" on my system returns the following CVE's for ffmpeg. I
>> have noted
>> in the list below that http://www.ffmpeg.org/security.html claims
>> these CVE's
>> were fixed in the ffmpeg version noted.
>>
>> Is this the correct place/list to report updates to that vuxml can be
>> updated?
>
> No updates to vuxml are needed (or appropriate).
>
> Update your ffmpeg port and you'll be fine.
> _______________________________________________
> freebsd-ports at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-ports
> To unsubscribe, send any mail to
> "freebsd-ports-unsubscribe at freebsd.org"
I neglected to state that my port is current
ffmpeg-2.8.3_2,1 Realtime audio/video encoder/converter
and streaming server
Yet all the CVE's reported by "pkg audit" have been fixed according to
the ffmpeg security link provided in my previous email and my notes as
to what
version of ffmpeg they were corrected in.
This would seem to me that vuxml is not current as of the current
maintainers
package version.
PORTNAME= ffmpeg
PORTVERSION= 2.8.3
PORTREVISION= 2
PORTEPOCH= 1
Please let me know what I am missing here.
Regards,
--mikej
More information about the freebsd-ports
mailing list