Quoting Andreas Cadhalpun (2016-01-21 23:03:25) > On 20.01.2016 13:42, Anton Khirnov wrote: > > It is of very limited usefulness and is a source of important security > > problems. > > > > Bug-Id: CVE-2016-1897 > > Bug-Id: CVE-2016-1898 > > --- > > Changelog | 1 + > > doc/protocols.texi | 26 ------- > > libavformat/Makefile | 1 - > > libavformat/allformats.c | 1 - > > libavformat/concat.c | 191 > > ----------------------------------------------- > > 5 files changed, 1 insertion(+), 219 deletions(-) > > delete mode 100644 libavformat/concat.c > > Why not fix the issue properly instead of removing useful functionality? > > Removing this protocol doesn't fix the underlying problem, so another > protocol, which might be added at some point in the future, could > expose the same vulnerabilities.
Just so it's clear what we're talking about, what is "properly" for you? And what do you see as "the underlying problem"? -- Anton Khirnov _______________________________________________ libav-devel mailing list libav-devel@libav.org https://lists.libav.org/mailman/listinfo/libav-devel
