On Sat, 2009-10-31 at 09:12 +0100, Reinhard Tartler wrote: > One problem, it breaks build. Therefore, I had to backport svn r18016 > aka 'MOV-Support-stz2-Compact-Sample-Size-Box' to fix FTBFS. without > this patch, libavformat/mov.c won't compile, as field_size is introduced > with this commit. While this patch is strictly speaking not in scope of > an security update, it is easier to stick with upstream and backport > this patch in addition.
Agreed. > > How to proceed now? In any case, I'll prepare an upload for lucid once > it opens. Will you prepare uploads for stable ubuntu security pockets? The next step, IMO, is to get CVE numbers assigned. Since CVE numbers aren't usually given to client application crashes, someone needs to analyze each issue to see if it is exploitable or not. Marc. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
