Hi Moritz,
On 18.08.2014 14:05, Moritz Mühlenhoff wrote:
Andreas Cadhalpun <andreas.cadhal...@googlemail.com> schrieb:
On 18.08.2014 08:36, Thomas Goirand wrote:
There's been a very well commented technical reason stated here: the
release team don't want to deal with 2 of the same library that are
doing (nearly) the same things, with potentially the same security
issues that we'd have to fix twice rather than once.
Why is it a security problem to have FFmpeg and Libav, but apparently no
problem to have MySQL, MariaDB and PerconaDB?
Raphael Geissert already wrote that mysql/mariadb/percona will be
addressed as well; we haven't come around to since since we need to
deal with a lot of stuf and being dragged into endless discussions
on -devel is certainly not helpful.
I don't remember Raphael Geissert writing anything about security
concerns with having MySQL, MariaDB and PerconaDB, only that you wrote
half a year ago, that the security team will "be working with the
release team to sort this out for jessie" [1].
As I haven't seen any further discussion about this and the recent mail
about MySQL, MariaDB and PerconaDB on debian-devel [2] indicated that
the plan was to have all of them as alternatives, I assumed this was
resolved.
There wouldn't be any discussion about the security of FFmpeg and Libav
as well, if you hadn't started it [3].
Why is FFmpeg treated differently than MariaDB/PerconaDB?
Best regards,
Andreas
1: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729203#435
2: https://lists.debian.org/debian-devel/2014/08/msg00016.html
3: https://lists.debian.org/debian-devel/2014/02/msg00668.html
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
