[MPlayer-users] Why no security advisory for CVE-2008-3827
Manuel Reimer
Manuel.Spam at nurfuerspam.de
Sun Oct 12 14:18:48 CEST 2008
Loren Merritt wrote:
> Did you miss the part in the very page you linked which says the bug was
> fixed before the CERT was published, and links to the commit?
And so it's my job to backport this commit to get it to work with
Mplayer 1.0 RC2?
> Or do you expect us to release a new official binary every time some bug
> gets fixed?
No, but you could have placed the patch to
ftp://ftp1.mplayerhq.hu/MPlayer/patches
and you could have published some information to the homepage of
mplayer. How should Mplayer 1.0 RC2 users find out that they have to
patch and recompile if you don't tell them?
CU
Manuel
More information about the MPlayer-users
mailing list