[FFmpeg-trac] #8973(undetermined:closed): ffmpeg dependency security bug
FFmpeg
trac at avcodec.org
Thu Nov 12 10:52:36 EET 2020
#8973: ffmpeg dependency security bug
-------------------------------------+-------------------------------------
Reporter: fastfading | Owner:
Type: defect | Status: closed
Priority: normal | Component:
| undetermined
Version: git-master | Resolution: invalid
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
Changes (by mkver):
* priority: important => normal
* status: new => closed
* resolution: => invalid
Comment:
The FFmpeg project does not provide binaries at all, so you are reporting
this at the wrong place. You should report this to the providers of the
binaries you use; if it is actually a problem, of course. According to
[https://johnvansickle.com/ffmpeg/release-readme.txt] they are already
using libopenjpeg 2.3.1 and according to [libopenjpeg's changelog
https://github.com/uclouvain/openjpeg/blob/master/CHANGELOG.md] the issue
you are mentioning has been fixed in 2.1.2.
--
Ticket URL: <https://trac.ffmpeg.org/ticket/8973#comment:1>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list