Re: [FFmpeg-user] 2.8.14 security updates

2018-05-16 Thread Carl Eugen Hoyos
2018-05-16 9:39 GMT+02:00, Moritz Barsnick : > On Tue, May 15, 2018 at 17:25:56 -0500, Bryan Duff wrote: >> OK, and the reason I'm using 2.8 is because that's as high as the el7 >> rpmfusion repo goes to. > > Okay, if it was the libraries you needed, because you had an old >

Re: [FFmpeg-user] 2.8.14 security updates

2018-05-16 Thread Moritz Barsnick
On Tue, May 15, 2018 at 17:25:56 -0500, Bryan Duff wrote: > OK, and the reason I'm using 2.8 is because that's as high as the el7 > rpmfusion repo goes to. Okay, if it was the libraries you needed, because you had an old program which has never been adapted to ffmpeg's new APIs/ABIs, that would

Re: [FFmpeg-user] 2.8.14 security updates

2018-05-15 Thread Carl Eugen Hoyos
2018-05-16 0:25 GMT+02:00, Bryan Duff : > On Tue, May 15, 2018 at 4:46 PM, Carl Eugen Hoyos wrote: [...] >> Could you elaborate what you want to know exactly? >> The issue in question was introduced after 2.8 was released but >> I wonder why you chose this example: This is a

Re: [FFmpeg-user] 2.8.14 security updates

2018-05-15 Thread Bryan Duff
On Tue, May 15, 2018 at 4:46 PM, Carl Eugen Hoyos wrote: > 2018-05-15 22:02 GMT+02:00, Bryan Duff : > > Is 2.8.14 up-to-date as far as known security issues (e.g > > CVE's) are concerned? > > 2.8 is still supported and gets security updates: >

Re: [FFmpeg-user] 2.8.14 security updates

2018-05-15 Thread Carl Eugen Hoyos
2018-05-15 22:02 GMT+02:00, Bryan Duff : > Is 2.8.14 up-to-date as far as known security issues (e.g > CVE's) are concerned? 2.8 is still supported and gets security updates: http://ffmpeg.org/download.html Note that nearly no fixed FFmpeg security issue gets a CVE, so CVE's

Re: [FFmpeg-user] 2.8.14 security updates

2018-05-15 Thread Paul B Mahol
On 5/15/18, Bryan Duff wrote: > Is 2.8.14 up-to-date as far as known security issues (e.g CVE's) are > concerned? > > Looking at CVE's for ffmpeg, some will say "3.x.y and before" - does that > mean that they only affect 3.x? If not and they affect 2.8.14, then there > are a

Re: [FFmpeg-user] 2.8.14 security updates

2018-05-15 Thread Reindl Harald
Am 15.05.2018 um 22:02 schrieb Bryan Duff: > Is 2.8.14 up-to-date as far as known security issues (e.g CVE's) are > concerned? > > Looking at CVE's for ffmpeg, some will say "3.x.y and before" - does that > mean that they only affect 3.x? If not and they affect 2.8.14, then there > are a