[FFmpeg-devel] [PATCH v4] Unbreak av_malloc_max(0) API/ABI
Joakim Tjernlund
Joakim.Tjernlund at infinera.com
Fri Nov 6 18:10:00 EET 2020
On Fri, 2020-11-06 at 15:05 +0100, Moritz Barsnick wrote:
>
> On Wed, Nov 04, 2020 at 14:08:23 +0000, Joakim Tjernlund wrote:
> > > No it doesn't. It forces them to upgrade away from a known vulnerable
> > > old Chromium version to one that does not have the issue.
> >
> > I was referring to what is out/released now. Eventually all SW will upgrade for one reason or another.
>
> Are you saying rolled out (or released) applications can update the
> bundled ffmpeg (I guess libffmpeg which is part of Chromium) to include
> this fix, but not update the bundled Chromium? Would updates not switch
> to version 86 because 85 is discontinued?
We unbundle the ffmpeg/mesa and use system mesa/ffmpeg, god knows what versions they ship but they are older.
At some point apps will update and won't need this hack, I have no control over when.
Anyhow, ffmpeg breaks the ABI(by accident) and it breaks some apps.
Question is, do you care or not?
If yes, this patch (or reverting the cleanup patch that broke ABI) is needed.
I don't want to discuss this matter forever, I just want a decision now.
Jocke
More information about the ffmpeg-devel
mailing list