Bug#729203: [FFmpeg-devel] Reintroducing FFmpeg to Debian
Andreas Cadhalpun
andreas.cadhalpun at googlemail.com
Mon Jul 28 11:10:18 UTC 2014
Hi Julien,
On 28.07.2014 10:44, Julien Cristau wrote:
>> It remains to be seen, what the release team prefers: frustrated users and
>> developers or both forks in jessie.
>>
> The release team is likely to let the people involved in multimedia foo
> fight it out among themselves and pick a winner.
I am not interested in a "fight" and would prefer it very much if this
discussion remained purely technical.
Having a fresh memory of the last fight that took place on debian-devel,
I do not think that repeating a similar disaster is a good idea.
> We're not going to ship both and hand that mess over to the security team.
Could you please explain what "mess" you are talking about?
According to the changelog[1], there have been 8 security updates for
ffmpeg in squeeze. Two of them (4:0.5.6-2 and 4:0.5.6-3) do not contain
security related fixes, but rather fix build failures of the previous
security upload, so they do not really count.
That makes about 6 security fix uploads in about 3 years for squeeze,
i.e. 1 upload per 6 month.
If there were both forks in Jessie, this might double the number of
uploads to 12 in 3 years, but probably some of them could also go
through stable-updates instead of stable-security.
Is that an unbearable burden?
A lot of other software in Debian has already alternatives, like desktop
environments, web browsers, text editors and even init systems.
Why should this not be the case for a multimedia framework?
There is also one particularly similar case, as in the packages are
forks and require many security updates:
MySQL and MariaDB are currently in Debian testing.
Just for comparison, MySQL in squeeze had 3 uploads to stable-security
and 3 to oldstable(-security) [2].
As I mentioned this particular example in my discussion with Moritz, he
said that the security team will "be working with the release
team to sort this out for jessie"[3].
Now, 5 months later, he seems to have changed his mind, as I am not
aware of any such attempt, but instead Moritz seems to support both [4][5].
Thanks in advance for taking the time to answer these questions.
Best regards,
Andreas
1:
http://metadata.ftp-master.debian.org/changelogs//main/f/ffmpeg/ffmpeg_0.5.10-1_changelog
2:
http://metadata.ftp-master.debian.org/changelogs//main/m/mysql-5.1/mysql-5.1_5.1.73-1_changelog
3: https://bugs.debian.org/729203#435
4: https://bugs.debian.org/754940
5: https://bugs.debian.org/754941
More information about the pkg-multimedia-maintainers
mailing list