[FFmpeg-devel] FYI: wine patchbot software

Martin Lindhe martin
Fri Jun 5 10:16:12 CEST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

M?ns Rullg?rd wrote:
> Martin Lindhe <martin at startwars.org> writes:
> 
>> Hello, I just wanted to let you all know that the Wine project has
>> prodcued a "patch bot" software.
>>
>> The concept is simple:
>>
>> * A script pulls patches sent to wine devel list, applies to TRUNK,
>> compiles & perform regression tests
> 
> That is security suicide.  What if someone sends a patch that makes it
> do something really nasty?
> 

Another approach could be to whitelist certain email addresses where
patches will be accepted from

Best regards
Martin Lindhe
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkoo1EwACgkQbY7g2XMFHOAOmACbBpgTnBH+pq2qwhHAPJtjo8sK
t1UAoLDkmM4xq7Ik6nNEmIt6UdOCit2L
=e0+r
-----END PGP SIGNATURE-----



More information about the ffmpeg-devel mailing list