1 |
Kent Fredric posted on Wed, 31 Aug 2016 03:11:07 +1200 as excerpted: |
2 |
|
3 |
> On Tue, 30 Aug 2016 09:37:51 +0200 Alexis Ballier <aballier@g.o> |
4 |
> wrote: |
5 |
> |
6 |
>> Most are fixed, but for me this implies that the space for breaking |
7 |
>> users setup is much wider with bundled ffmpeg... |
8 |
> |
9 |
> But that fallout is limited to firefox. |
10 |
> |
11 |
> As opposed to "roll out ffmpeg 3 prematurely" which will break *more* |
12 |
> than just firefox. |
13 |
|
14 |
Umm... you mean chromium, not firefox, correct? |
15 |
|
16 |
Because I checked a couple of the bugs wondering how on earth a chromium- |
17 |
bundled ffmpeg would bug out firefox, and they're definitely chromium |
18 |
bugs, generally build-related, not firefox. |
19 |
|
20 |
Either way, having to stick with an old and likely vulnerable browser |
21 |
because the new one won't build isn't a bug I'd like to have. |
22 |
|
23 |
(In fact, that's one reason I'm downloading my browser updates direct |
24 |
from upstream, now, at least firefox ebuilds can be far enough behind for |
25 |
even ~arch, that I get worried I'm risking my security due to browsing |
26 |
with an outdated browser with known flaws published for several days, |
27 |
long enough the bad guys are likely exploiting them! Yes, there's |
28 |
additional risk from running the same binary build everyone else is, but |
29 |
when it's days after the upstream update and security flaws notification, |
30 |
and there's no ~arch or even hard-masked ebuild for it, even in the |
31 |
mozilla overlay let alone in the main tree, on an app as security- |
32 |
critical as a browser...) |
33 |
|
34 |
-- |
35 |
Duncan - List replies preferred. No HTML msgs. |
36 |
"Every nonfree program has a lord, a master -- |
37 |
and if you use the program, he is your master." Richard Stallman |