[Bug 215271] www/chromium: maybe use system ffmpeg

bugzilla-noreply Tue, 13 Dec 2016 00:49:26 -0800

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215271


            Bug ID: 215271
           Summary: www/chromium: maybe use system ffmpeg
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
               URL: https://www.freebsd.org/doc/en/books/porters-handbook/
                    bundled-libs.html
                OS: Any
            Status: New
          Keywords: feature, needs-patch, security
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: [email protected]
          Reporter: [email protected]
             Flags: maintainer-feedback?([email protected])
          Assignee: [email protected]

Chromium bundles out of date FFmpeg snapshot. While upstream limits the attack
surface to what's defined in HTML5 video/audio + WebRTC and backports security
fixes, some may fly under the radar e.g.,

    CVE-2016-6164 is still unfixed as of 55.0.2883.87:
    https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/054db631200c

-- 
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-chromium
To unsubscribe, send any mail to "[email protected]"

[Bug 215271] www/chromium: maybe use system ffmpeg

Reply via email to