[FFmpeg-devel] [RFC] Commit tags : security

Ismail Dönmez ismail
Fri Oct 26 17:14:11 CEST 2007

Friday 26 October 2007 Tarihinde 04:59:38 yazm??t?:
> if you are asking for a mailing list where security issues and their fixes
> could be discussed and people could post found security issues that would
> be fine
> but if you are asking us to delay commiting fixes to secholes to svn so
> that you can prepare some fixed package this is completely out of question
> it would increase the security of ffmpeg packages in distros
> at the expense of the security of ffmpeg svn
> it would also significantly delay not only the point where a security fix
> is made public in svn but also when it is made available from distros
> having it public earlier forces distros to work faster :)

1-day early notice would do fine imho. :) But just CC'in the list for security 
issue after or before commiting would be fine too.

Also we could share our distro patches in that mailing list.


Faith is believing what you know isn't so -- Mark Twain

More information about the ffmpeg-devel mailing list