Hi, I noticed today on Debian Weekly News that FFMpeg has had a security-related bug. Are you aware that ffmpeg in Debian ships static libraries? If I understand correctly, this means other packages building against FFMpeg (Xine, GStreamer and VLC comes to my mind) actually contain a copy of the libavcodec library rather than linking to it dynamically - and must then also all of them be rebuilt, pulling in the security-fixed library. The reason for the static linking, I believe, is that FFMpeg upstream has recommended to use static linking due to the ABI (or is it API) not yet stable. I suspect, however, that this could be dealt with differently for Debian (and I suspect this to be against policy, but is incapable technically to take up an argument about that). - Jonas -- * Jonas Smedegaard - idealist og Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ - Enden er nær: http://www.shibumi.org/eoti.htm
Attachment:
pgpV7k1iPXVZV.pgp
Description: PGP signature