svn commit: r414781 - head/multimedia/ffmpeg
Jan Beich
jbeich at vfemail.net
Mon May 9 17:23:20 UTC 2016
Thomas Zander <riggs at freebsd.org> writes:
> On 7 May 2016 at 21:40, Jan Beich <jbeich at vfemail.net> wrote:
>> Can you MFH all patch-level updates by default? Those contain stability
>> and security fixes much desired on quaterly branches.
>
> I'd be happy to do that, I was just not aware of this policy.
I'm not sure if there's such a policy but 2.8.7 is covered by "runtime fixes"
intent when quaterly branches were first announced. When requesting MFH
just state if there's ABI or POLA impact and link to the changelog.
> For ffmpeg, I routinely double-check
> https://www.ffmpeg.org/security.html and noticed that 2.8.7 does not
> fix any known vulnerability.
The page sometimes lags behind fixes for months. Here's a list from 2.8.7
that may (or may not) end up there. Firefox stake can be easily noticed.
https://git.videolan.org/?p=ffmpeg.git;a=commit;h=2a158602273f
https://trac.ffmpeg.org/ticket/5412
https://git.videolan.org/?p=ffmpeg.git;a=commit;h=ef54c144250a
https://trac.ffmpeg.org/ticket/5371
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=5127cb2e78c0
https://hg.mozilla.org/releases/mozilla-beta/rev/e69afe7adf97
https://bugzilla.mozilla.org/show_bug.cgi?id=1266129 (Access Denied ;)
https://git.videolan.org/?p=ffmpeg.git;a=commit;h=1e9aa7907ed4
https://trac.ffmpeg.org/ticket/5259
https://git.videolan.org/?p=ffmpeg.git;a=commit;h=536f6c4ec2f8
https://trac.ffmpeg.org/ticket/4899
> Since no build or runtime errors were reported in bugzilla for 2.8.6,
> it seemed to me that the quarterly branch does not have a problem that
> needs fixing.
ffmpeg runtime issues tend to be OS-agnostic. As such users are
discouraged to report them on downstream bugtrackers like our bugzilla.
> Is patch-level updating covered by a blanket?
No. I think, only extreme cases (e.g., startup crash) are covered by
stability blanket where the commit doesn't carry other "baggage"
that often comes with updates.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 602 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-ports-head/attachments/20160508/89982499/attachment.sig>
More information about the svn-ports-head
mailing list