Hi On Sun, Feb 23, 2025 at 09:56:35AM +0100, Michael Niedermayer wrote: > Hi all > > Today ffmpeg-security was asked why 5 security fixes are missing in 6.1 > and from our security page. > > These issues where posted publically on trac, and fixed by FFmpeg developers. > Then someone seems to have registered CVE #s but not mailed ffmpeg-security > > I suggest > 1. if you fix a security issue or apply a security fix, make sure it is > backported to all supported releases > 2. if you see a CVE # thats not on the security page, mail ffmpeg-security > 3. If you see issues on trac that seem important, please make sure they > are fixed and backported, having someone like carl who knew and maintained > all issues would be quite usefull
4. Someone should cross check https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=ffmpeg and our security page and backported fixes and backport missing fixes and fix unfixed issues. thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB The smallest minority on earth is the individual. Those who deny individual rights cannot claim to be defenders of minorities. - Ayn Rand
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
