Ciao Alessandro,
and thanks for sharing your thoughts, it's genuinely appreciated.
On Mon, May 18, 2015 at 1:26 PM, Alessandro Ghedini gh...@debian.org wrote:
And it's already clear that libav just doesn't provide enough security
coverage,
Can you please elaborate? AFAICS the versions in
Quoting Alessandro Ghedini (2015-05-18 14:33:18)
On Mon, May 18, 2015 at 11:15:04AM +0200, Jonas Smedegaard wrote:
There are multiple ways to handle packages unsuitable for long-term
maintenance:
* Treat as experimental - e.g. mpv
How is mpv unsuitable for long-term maintainance?
Oh, I
Hi Reinhard,
2015-05-18 12:16 GMT+02:00 Reinhard Tartler siret...@gmail.com:
...
These days, FFmpeg for
sure asks for most (if not all) CVE numbers recently assigned, and
claims
to provide patches for them.
FFmpeg not only claims to provide patches, but actually does provide them:
On Sun, May 17, 2015 at 10:53:37PM +0200, Jonas Smedegaard wrote:
Quoting Alessandro Ghedini (2015-05-17 21:58:15)
The issues mentioned in the page were hardly wide ranging. One was
about the fact that libav doesn't implement some video filters, which
forces mpv to carry its own
2015-05-18 14:29 GMT+02:00 Felipe Sateler fsate...@debian.org:
On 18 May 2015 at 05:55, IOhannes m zmölnig (Debian/GNU)
umlae...@debian.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2015-05-18 10:04, nore...@alioth.debian.org wrote:
Joining with my fab...@debian.org
On Mon, May 18, 2015 at 11:15:04AM +0200, Jonas Smedegaard wrote:
There are multiple ways to handle packages unsuitable for long-term
maintenance:
* Treat as experimental - e.g. mpv
How is mpv unsuitable for long-term maintainance?
* Have security team treat as too unreliable - e.g.
On lun, mag 18, 2015 at 01:47:25 +0100, Alessio Treglia wrote:
Ciao Alessandro,
and thanks for sharing your thoughts, it's genuinely appreciated.
On Mon, May 18, 2015 at 1:26 PM, Alessandro Ghedini gh...@debian.org wrote:
And it's already clear that libav just doesn't provide enough
Quoting Dmitry Smirnov (2015-05-17 03:28:28)
I also found an interesting comparison where mpv upstream shares
their assessment of the problem:
https://web.archive.org/web/20150115005029/https://github.com/mpv-player/mpv/wiki/FFmpeg-versus-Libav
Quoting Alessandro Ghedini (2015-05-18
Processing commands for cont...@bugs.debian.org:
tags 785141 + unreproducible
Bug #785141 [inkscape] inkscape crashes when opening any files if there are
strange items in the recent files list
Added tag(s) unreproducible.
thanks
Stopping processing here.
Please contact me if you need
Your message dated Mon, 18 May 2015 18:21:15 +0200
with message-id 20150518162115.GA5886@localhost
and subject line Re: Fixed upstream in 0.91
has caused the Debian Bug report #758986,
regarding inkscape: Inkscape crashes printing to Postscript from the command
line
to be marked as done.
This
On Sat, May 16, 2015 at 03:43:37PM +0200, Alessandro Ghedini wrote:
On Sat, May 16, 2015 at 03:07:57PM +0200, Sebastian Ramacher wrote:
On 2015-05-15 15:22:28, Alessandro Ghedini wrote:
On Fri, May 15, 2015 at 11:05:17AM +0200, Sebastian Ramacher wrote:
Version: 6:11.3-1
On
2015-05-18 17:50 GMT+02:00 Jonas Smedegaard d...@jones.dk:
...
and I don't really understand why you are asking for explanation.
I thought is was obvious from above that I merely bounced a question
asked by Alessandro back to himself.
I suggest stopping that.
Define how you quantify long-term
Quoting Bálint Réczey (2015-05-18 16:59:34)
2015-05-18 16:45 GMT+02:00 Jonas Smedegaard d...@jones.dk:
Quoting Alessandro Ghedini (2015-05-18 14:33:18)
On Mon, May 18, 2015 at 11:15:04AM +0200, Jonas Smedegaard wrote:
There are multiple ways to handle packages unsuitable for long-term
Processing commands for cont...@bugs.debian.org:
severity 785141 normal
Bug #785141 [inkscape] inkscape crashes when opening any files if there are
strange items in the recent files list
Severity set to 'normal' from 'important'
thanks
Stopping processing here.
Please contact me if you need
Your message dated Mon, 18 May 2015 18:39:09 +0200
with message-id 20150518163909.GA7476@localhost
and subject line Re: inkscape presumably built against pre-stable libraries
has caused the Debian Bug report #731973,
regarding inkscape presumably built against pre-stable libraries
to be marked as
On 18 May 2015 at 15:49, ross-gu...@users.alioth.debian.org wrote:
The following commit has been merged in the master branch:
commit 0c491f273939fc71808989727f71351be3893661
Author: Ross Gammon rossgam...@mail.dk
Date: Mon May 18 20:48:23 2015 +0200
Fix errors from log add first RFP
On 2015-05-18 20:01:47, Alessandro Ghedini wrote:
On Sat, May 16, 2015 at 03:43:37PM +0200, Alessandro Ghedini wrote:
On Sat, May 16, 2015 at 03:07:57PM +0200, Sebastian Ramacher wrote:
On 2015-05-15 15:22:28, Alessandro Ghedini wrote:
On Fri, May 15, 2015 at 11:05:17AM +0200, Sebastian
Hi Reinhard,
On 18.05.2015 12:16, Reinhard Tartler wrote:
Please excuse my previous unfinished reply, it was sent in accident.
No problem, such things can happen.
I'm not sure if this post really adds to this discussion, please
consider it as clarifications to my previous post.
I find it
Package: mpv
Version: 0.6.2-2
Severity: grave
Justification: renders package unusable
Dear Maintainer,
* What led up to the situation?
I wanted to play a video.
* What exactly did you do (or not do) that was effective (or
ineffective)?
At a shell prompt, I typed /usr/bin/mpv
binary:libffms2-4 is NEW.
Your package has been put into the NEW queue, which requires manual action
from the ftpteam to process. The upload was otherwise valid (it had a good
OpenPGP signature and file hashes are valid), so please be patient.
Packages are routinely processed through to the
ffms2_2.21-1_amd64.changes uploaded successfully to localhost
along with the files:
ffms2_2.21-1.dsc
ffms2_2.21.orig.tar.gz
ffms2_2.21-1.debian.tar.xz
ffmsindex_2.21-1_amd64.deb
libffms2-4_2.21-1_amd64.deb
libffms2-dev_2.21-1_amd64.deb
Greetings,
Your Debian queue daemon
On 05/18/2015 08:52 PM, Felipe Sateler wrote:
On 18 May 2015 at 15:49, ross-gu...@users.alioth.debian.org wrote:
The following commit has been merged in the master branch:
commit 0c491f273939fc71808989727f71351be3893661
Author: Ross Gammon rossgam...@mail.dk
Date: Mon May 18 20:48:23 2015
On 05/18/2015 09:38 PM, Ross Gammon wrote:
On 05/18/2015 08:52 PM, Felipe Sateler wrote:
On 18 May 2015 at 15:49, ross-gu...@users.alioth.debian.org wrote:
The following commit has been merged in the master branch:
commit 0c491f273939fc71808989727f71351be3893661
Author: Ross Gammon
On May 15, 2015 4:56 PM, Andreas Cadhalpun
andreas.cadhal...@googlemail.com wrote:
Hi Reinhard,
thanks for explaining your point of view here.
On 15.05.2015 09:23, Reinhard Tartler wrote:
Thanks for this insightful post, Dmitry,
On Mon, May 11, 2015 at 5:44 AM, Dmitry Smirnov
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2015-05-18 10:04, nore...@alioth.debian.org wrote:
Joining with my fab...@debian.org account.
congratulations fabian, for becoming a DD!
fgmsdr
IOhannes
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
Quoting IOhannes m zmölnig (Debian/GNU) (2015-05-18 09:36:51)
On 2015-05-17 22:53, Jonas Smedegaard wrote:
I use bleeding edge tools for some of my own work. And I use FFmpeg
for some of that. But I will continue to use bleeding edge tools for
that work - which renders it irrelevant for
Please excuse my previous unfinished reply, it was sent in accident.
I'm not sure if this post really adds to this discussion, please consider
it as clarifications to my previous post.
On May 15, 2015 4:56 PM, Andreas Cadhalpun
I think security is not a decisive topic where either project
Processing commands for cont...@bugs.debian.org:
# bugs with submitter fab...@greffrath.com
submitter 692141 !
Bug #692141 {Done: Andreas Henriksson andr...@fatal.se} [gnome-menus]
gnome-menus: Please black-list that Imagemagick (display) icon
Changed Bug submitter to 'fab...@debian.org' from
28 matches
Mail list logo