https://bugs.kde.org/show_bug.cgi?id=428726
Stefan Brüns <stefan.bru...@rwth-aachen.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |stefan.bruens@rwth-aachen.d
| |e
--- Comment #5 from Stefan Brüns <stefan.bru...@rwth-aachen.de> ---
(In reply to Nate Graham from comment #4)
> (In reply to Bosco Robinson from comment #3)
> > I will report this information back to the appropriate Debian folks if you
> > can tell me the minimum version of KDE in which this issue is resolved.
> Thanks. I think the fix was in 5.58, but it's always recommended to use the
> newest version of KDE frameworks if possible. It was designed as a rolling
> release product and distros that lock a particular version and never update
> it are deviating from the developers' intentions for how it should be
> offered to users.
It is not only the packages provided by the KDE project (Frameworks,
Applications), but also third party dependencies.
For metadata extraction, baloo uses KFileMetadata, which in turn uses many
third party libraries, e.g. taglib, ffmpeg, libepub.
We try to keep the effects of upstream library bugs as small as possible, by
doing extra checks, and by running this code in separate processes.
We have found several bugs in taglib and libepub (that I can remember), and
where fixes have been incorporated upstream (Taglib), or at least patches been
created to pick up for distributions (libepub, dormant/nonexisting upstream).
In this case, the crash is in the Exiv2 library, which is horribly outdated.
Buster uses libexiv 0.25, which is from 2015. Debian is doing a very bad job
here.
--
You are receiving this mail because:
You are watching all bug changes.
