On Wed, 2020-11-04 at 10:51 +0100, Michael Niedermayer wrote: > > On Tue, Nov 03, 2020 at 02:38:52PM +0100, Andreas Rheinhardt wrote: > > Timo Rothenpieler: > > > Given the multitude of recent serious security issues in Chromium-Based > > > Browsers, is this even still an issue? > > > Anything not up to date enough to have already been fixed has serious > > > security issues and should be updated ASAP, which also fixes this issue > > > in turn. > > > > > > I'd rather see downstream users fix their stuff than introduce > > > workarounds for broken downstreams into ffmpeg. > > +1 > > I normally am in favor of helping downstreams but in this case > I think there is maybe some risk of adding code which could somehow > end up as part of an exploit. > Asking for a more restrictive limit should not disable the limit, > that feels a bit dangerous to me
Not adding this forces apps to stay on known vulnerable ffmpeg Jocke _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".