Re: [Retired] gstreamer & gstreamer-plugins-base

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Feb 11, 2020 at 10:00 am, Dominik 'Rathann' Mierzejewski <dominik@xxxxxxxxxxxxxx> wrote:
It means that the fixes are available and can be applied to Fedora
package if necessary. I'm still waiting for someone to point out a
specific *unfixed* *critical* vulnerability that some of the folks
posting in this thread mentioned. Otherwise, I see no reason to prevent me or anyone else from keeping gstreamer 0.10 packages alive in Fedora.

CVE-2019-9928, buffer overflow in RTSP parsing

Yeah it would be a one-line patch to fix that, but that's not the point. Point is the vast majority of security issues never get CVEs and we rely on regular updates to the latest upstream version to avoid those.

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux