Re: [FFmpeg-devel] [RFC] ffmpeg security

2017-02-11 19:05 GMT+08:00 Michael Niedermayer : > On Sat, Feb 11, 2017 at 11:57:31AM +0800, Steven Liu wrote: > > 2017-02-11 11:14 GMT+08:00 Michael Niedermayer : > > > > > On Fri, Feb 10, 2017 at 04:43:17PM -0300, James Almer wrote: > > > > On

Re: [FFmpeg-devel] [RFC] ffmpeg security

On Sat, Feb 11, 2017 at 11:57:31AM +0800, Steven Liu wrote: > 2017-02-11 11:14 GMT+08:00 Michael Niedermayer : > > > On Fri, Feb 10, 2017 at 04:43:17PM -0300, James Almer wrote: > > > On 2/10/2017 4:03 PM, Michael Niedermayer wrote: > > > > Hi community > > > > > > > >

Re: [FFmpeg-devel] [RFC] ffmpeg security

2017-02-11 11:14 GMT+08:00 Michael Niedermayer : > On Fri, Feb 10, 2017 at 04:43:17PM -0300, James Almer wrote: > > On 2/10/2017 4:03 PM, Michael Niedermayer wrote: > > > Hi community > > > > > > what do you prefer about the ffmpeg-security alias ? > > > in no particular

Re: [FFmpeg-devel] [RFC] ffmpeg security

On Fri, Feb 10, 2017 at 04:43:17PM -0300, James Almer wrote: > On 2/10/2017 4:03 PM, Michael Niedermayer wrote: > > Hi community > > > > what do you prefer about the ffmpeg-security alias ? > > in no particular order > > > > Should everyone on the alias be listed in MAINTAINERs under a > >

Re: [FFmpeg-devel] [RFC] ffmpeg security

On 2/10/2017 4:03 PM, Michael Niedermayer wrote: > Hi community > > what do you prefer about the ffmpeg-security alias ? > in no particular order > > Should everyone on the alias be listed in MAINTAINERs under a > ffmpeg-security point? I'd say yes. From a transparency PoV, people should know

[FFmpeg-devel] [RFC] ffmpeg security

Hi community what do you prefer about the ffmpeg-security alias ? in no particular order Should everyone on the alias be listed in MAINTAINERs under a ffmpeg-security point? Should for everyone who is on the alias a reason be listed in MAINTAINERs why (s)he is on the alias ? Should everyone on

Re: [FFmpeg-devel] [rfc] ffmpeg security issue mailing list

> > > > > > > I dont think we should give access to ffmpeg-security to everyone who > > > wants to be on the list. This is of course something the community > > > has to decide and not me, iam just err-ing on the safe side and am very > > > restrictive on who is added. > > > > > > > This is a

Re: [FFmpeg-devel] [rfc] ffmpeg security issue mailing list

On 2/9/2017 10:24 AM, Kieran Kunhya wrote: >> >> I dont think we should give access to ffmpeg-security to everyone who >> wants to be on the list. This is of course something the community >> has to decide and not me, iam just err-ing on the safe side and am very >> restrictive on who is added. >>

Re: [FFmpeg-devel] [rfc] ffmpeg security issue mailing list

On Thu, Feb 09, 2017 at 03:29:40PM +0100, Paul B Mahol wrote: > On 2/9/17, Michael Niedermayer wrote: > > On Thu, Feb 09, 2017 at 08:25:43AM +0100, wm4 wrote: > >> On Wed, 8 Feb 2017 22:07:24 +0100 > >> Michael Niedermayer wrote: > >> > >> > Hi all

Re: [FFmpeg-devel] [rfc] ffmpeg security issue mailing list

On Thu, Feb 09, 2017 at 09:07:39AM -0500, Compn wrote: > On Thu, 09 Feb 2017 13:24:53 +, Kieran Kunhya > wrote: > > > > > > > I dont think we should give access to ffmpeg-security to everyone who > > > wants to be on the list. This is of course something the community > > >

Re: [FFmpeg-devel] [rfc] ffmpeg security issue mailing list

On Thu, 9 Feb 2017 15:27:03 +0100 Michael Niedermayer wrote: > On Thu, Feb 09, 2017 at 08:25:43AM +0100, wm4 wrote: > > On Wed, 8 Feb 2017 22:07:24 +0100 > > Michael Niedermayer wrote: > > > > > Hi all > > > > > > On Sat, Aug 08, 2015 at

Re: [FFmpeg-devel] [rfc] ffmpeg security issue mailing list

On Thu, Feb 09, 2017 at 08:25:43AM +0100, wm4 wrote: > On Wed, 8 Feb 2017 22:07:24 +0100 > Michael Niedermayer wrote: > > > Hi all > > > > On Sat, Aug 08, 2015 at 03:51:11AM +0200, Michael Niedermayer wrote: > > > On Fri, Aug 07, 2015 at 07:46:55PM -0400, compn wrote:

Re: [FFmpeg-devel] [rfc] ffmpeg security issue mailing list

On Thu, 09 Feb 2017 13:24:53 +, Kieran Kunhya wrote: > > > > I dont think we should give access to ffmpeg-security to everyone who > > wants to be on the list. This is of course something the community > > has to decide and not me, iam just err-ing on the safe side and am

Re: [FFmpeg-devel] [rfc] ffmpeg security issue mailing list

> > I dont think we should give access to ffmpeg-security to everyone who > wants to be on the list. This is of course something the community > has to decide and not me, iam just err-ing on the safe side and am very > restrictive on who is added. > This is a bogus argument considering how many

Re: [FFmpeg-devel] [rfc] ffmpeg security issue mailing list

On Wed, 8 Feb 2017 22:07:24 +0100 Michael Niedermayer wrote: > Hi all > > On Sat, Aug 08, 2015 at 03:51:11AM +0200, Michael Niedermayer wrote: > > On Fri, Aug 07, 2015 at 07:46:55PM -0400, compn wrote: > > > hello, > > > > > > some of you know that we have a list for

Re: [FFmpeg-devel] [rfc] ffmpeg security issue mailing list

Hi all On Sat, Aug 08, 2015 at 03:51:11AM +0200, Michael Niedermayer wrote: > On Fri, Aug 07, 2015 at 07:46:55PM -0400, compn wrote: > > hello, > > > > some of you know that we have a list for security / CVE issues. > > some of you did not know this. > > > > i think it is a private list due to

[FFmpeg-devel] [rfc] ffmpeg security issue mailing list

hello, some of you know that we have a list for security / CVE issues. some of you did not know this. i think it is a private list due to not wanting people to make exploits before we have a chance to fix them. of course, if no one is subscribed to review/fix issues then they will never get

Re: [FFmpeg-devel] [rfc] ffmpeg security issue mailing list

On Fri, Aug 07, 2015 at 07:46:55PM -0400, compn wrote: hello, some of you know that we have a list for security / CVE issues. some of you did not know this. i think it is a private list due to not wanting people to make exploits before we have a chance to fix them. of course, if no one is