[FFmpeg-devel] Reintroducing FFmpeg to Debian
Andreas Cadhalpun
andreas.cadhalpun at googlemail.com
Mon Aug 18 15:15:36 CEST 2014
Hi Moritz,
On 18.08.2014 14:05, Moritz Mühlenhoff wrote:
> Andreas Cadhalpun <andreas.cadhalpun at googlemail.com> schrieb:
>> On 18.08.2014 08:36, Thomas Goirand wrote:
>>> There's been a very well commented technical reason stated here: the
>>> release team don't want to deal with 2 of the same library that are
>>> doing (nearly) the same things, with potentially the same security
>>> issues that we'd have to fix twice rather than once.
>>
>> Why is it a security problem to have FFmpeg and Libav, but apparently no
>> problem to have MySQL, MariaDB and PerconaDB?
>
> Raphael Geissert already wrote that mysql/mariadb/percona will be
> addressed as well; we haven't come around to since since we need to
> deal with a lot of stuf and being dragged into endless discussions
> on -devel is certainly not helpful.
I don't remember Raphael Geissert writing anything about security
concerns with having MySQL, MariaDB and PerconaDB, only that you wrote
half a year ago, that the security team will "be working with the
release team to sort this out for jessie" [1].
As I haven't seen any further discussion about this and the recent mail
about MySQL, MariaDB and PerconaDB on debian-devel [2] indicated that
the plan was to have all of them as alternatives, I assumed this was
resolved.
There wouldn't be any discussion about the security of FFmpeg and Libav
as well, if you hadn't started it [3].
Why is FFmpeg treated differently than MariaDB/PerconaDB?
Best regards,
Andreas
1: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729203#435
2: https://lists.debian.org/debian-devel/2014/08/msg00016.html
3: https://lists.debian.org/debian-devel/2014/02/msg00668.html
More information about the ffmpeg-devel
mailing list