On Wed, Sep 14, 2016 at 12:09:05PM +0200, Hugo Lefeuvre wrote: > > This is not how libav security updates are handled in Debian; we've > > always shipped the 0.8.x and 11.x bugfix releases in -security. > > So, should we wait for the new upstream release to make a Debian LTS/Security > upload ? > > IMHO, directly packaging the new upstream release is a good idea but it will > probably modify a large quantity of source code at once, and thus make debugging > harder in case of regressions. If you look at the type of changes that go into libav release branches, it is mostly leaf code, almost never changes to the core itself. Thus, if there was a regression, there would only be 1-2 relevant changes and very little source code change to investigate. Diego
Attachment:
signature.asc
Description: Digital signature