Date: Wed, 23 Dec 2015 14:26:47 -0500 From: Michael Jung <mikej@mikej.com> To: freebsd-ports@freebsd.org Subject: Re: Reporting fixes so that vuxml can be updated Message-ID: <2633f9da097370a82c04c83d9cc3a11a@192.168.6.63> In-Reply-To: <44zix1yuj1.fsf@lowell-desk.lan> References: <f24ccbebdbd250ca0d5436d8605929ff@192.168.6.63> <44zix1yuj1.fsf@lowell-desk.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2015-12-23 11:55, Lowell Gilbert wrote: > Michael Jung <mikej@mikej.com> writes: > >> "pkg audit" on my system returns the following CVE's for ffmpeg. I >> have noted >> in the list below that http://www.ffmpeg.org/security.html claims >> these CVE's >> were fixed in the ffmpeg version noted. >> >> Is this the correct place/list to report updates to that vuxml can be >> updated? > > No updates to vuxml are needed (or appropriate). > > Update your ffmpeg port and you'll be fine. > _______________________________________________ > freebsd-ports@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-ports > To unsubscribe, send any mail to > "freebsd-ports-unsubscribe@freebsd.org" I neglected to state that my port is current ffmpeg-2.8.3_2,1 Realtime audio/video encoder/converter and streaming server Yet all the CVE's reported by "pkg audit" have been fixed according to the ffmpeg security link provided in my previous email and my notes as to what version of ffmpeg they were corrected in. This would seem to me that vuxml is not current as of the current maintainers package version. PORTNAME= ffmpeg PORTVERSION= 2.8.3 PORTREVISION= 2 PORTEPOCH= 1 Please let me know what I am missing here. Regards, --mikej
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2633f9da097370a82c04c83d9cc3a11a>