On 20.01.2016 13:42, Anton Khirnov wrote: > It is of very limited usefulness and is a source of important security > problems. > > Bug-Id: CVE-2016-1897 > Bug-Id: CVE-2016-1898 > --- > Changelog | 1 + > doc/protocols.texi | 26 ------- > libavformat/Makefile | 1 - > libavformat/allformats.c | 1 - > libavformat/concat.c | 191 > ----------------------------------------------- > 5 files changed, 1 insertion(+), 219 deletions(-) > delete mode 100644 libavformat/concat.c
Why not fix the issue properly instead of removing useful functionality? Removing this protocol doesn't fix the underlying problem, so another protocol, which might be added at some point in the future, could expose the same vulnerabilities. Best regards, Andreas _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
