[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#729203: Packaging for FFmpeg avoiding conflicts with libav

On Sun, Feb 23, 2014 at 10:53:18AM +0100, Moritz Mühlenhoff wrote:
> On Sat, Feb 22, 2014 at 08:18:20PM +0100, Andreas Cadhalpun wrote:
>...
> > But should they decide that it will not be possible to support both
> > packages for security updates, your argumentation would clearly
> > favor ffmpeg over libav, probably leading to the removal of libav
> > from the archive.
> 
> I don't think that's the case. We've looked into many security issues
> in ffmpeg which didn't affect libav, either because experimental
> code wasn't merged yet or because code was rewritten in libav and not
> affected.

A significant factor is that libav provides a subset of FFmpeg,
and breaks existing APIs frequently.

E.g. except for the idea of removing this pretty popular package
in favour of a dead fork, I don't recall any solution proposed
for getting MPlayer compile again in unstable.

More code tends to have more bugs, so it's not fair to compare the
raw number of bugs for two projects where one provides a subset of
the other.


And is there any explanation for the claim that libav is much slower 
than FFmpeg in merging fixes for issues that seem to be clear bugs,
many of them might have a security impact? [1]


> Also ffmpeg hasn't have long term branches which is a major
> benefit of libav.

If there is demand, my impression is that FFmpeg upstream would be 
willing to discuss providing stable branches that are supported for
2 years like libav.

A Debian release is supported by you for around 4 years after the 
release of the latest libav.[2] Is there any commitment from libav
upstream to provide support for the second half of that time?[3]


> Cheers,
>         Moritz

cu
Adrian

[1] http://googleonlinesecurity.blogspot.fi/2014/01/ffmpeg-and-thousand-fixes.html
[2] the libav branch is on average half a year old when Debian freezes,
    plus half a year freeze plus 2 years until the next Debian stable
    plus 1 year
[3] this is not meant against libav, I am just asking about the status quo

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed
Reply to: