This has already been reported before (https://bugs.debian.org/786670) and my opinion hasn't changed: I don't think these external libraries increase the attack surface much.
The bug I mentioned was closed by disabling the two external libraries that turned out to be problematic, libopenjpeg and libschroedinger. The issues in openjpeg have been fixed (in openjpeg2), while libschroedinger got removed entirely. As I don't think there is anything else to be done about this, I'm closing this bug as won't fix. ** Bug watch added: Debian Bug tracker #786670 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786670 ** Changed in: ffmpeg (Ubuntu) Status: New => Confirmed ** Changed in: ffmpeg (Ubuntu) Status: Confirmed => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1653782 Title: remove / compile without libschroedinger, libtheora, libspeex, ... To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1653782/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs