https://github.com/google/security-research/security/advisories/GHSA-vhxg-9w... so I downloaded https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/6f53f0d09ea4c9c7f7354f018a87... and turned it into ffmpeg-5.1.patch6 (attached) from description it sounds quite bad, so if this patch does not regress normal files we better to apply it or may be update whole ffmpeg to 5.1.2 ?
Upgrading to ffmpeg 5.1.2 is more likely to not cause problems so hopefully I can test that too. On Sun, Oct 2, 2022 at 5:24 AM Andrew Randrianasulu via Cin < [email protected]> wrote:
https://github.com/google/security-research/security/advisories/GHSA-vhxg-9w...
so I downloaded
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/6f53f0d09ea4c9c7f7354f018a87...
and turned it into ffmpeg-5.1.patch6 (attached)
from description it sounds quite bad, so if this patch does not regress normal files we better to apply it or may be update whole ffmpeg to 5.1.2 ?
-- Cin mailing list [email protected] https://lists.cinelerra-gg.org/mailman/listinfo/cin
Checked into GIT, the ffmpeg 5.1 patch 6 as Andrew had attached. We will have to remember to exclude this patch on the next ffmpeg upgrade (did not think necessary to upgrade this soon to 5.1.2 after all). On Sun, Oct 2, 2022 at 5:24 AM Andrew Randrianasulu via Cin < [email protected]> wrote:
https://github.com/google/security-research/security/advisories/GHSA-vhxg-9w...
so I downloaded
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/6f53f0d09ea4c9c7f7354f018a87...
and turned it into ffmpeg-5.1.patch6 (attached)
from description it sounds quite bad, so if this patch does not regress normal files we better to apply it or may be update whole ffmpeg to 5.1.2 ?
-- Cin mailing list [email protected] https://lists.cinelerra-gg.org/mailman/listinfo/cin
вс, 16 окт. 2022 г., 19:54 Phyllis Smith <[email protected]>:
Checked into GIT, the ffmpeg 5.1 patch 6 as Andrew had attached. We will have to remember to exclude this patch on the next ffmpeg upgrade (did not think necessary to upgrade this soon to 5.1.2 after all).
from git log there was also patch related to vo9 + alpha encoding ... but may be we also can add it separately. Also, there was some discussion on ffmpeg-devel list on raising max. thread number for vp9 encoder for 4k and 8k video from 16 to 64 threads. Only relevant to big machines .... I also locally compiled cin with ffmpeg 5.1.2 so it turned out to be relatively painless - just remove old tar.xz, put new one, rename patches, and raise number in configure.ac
On Sun, Oct 2, 2022 at 5:24 AM Andrew Randrianasulu via Cin < [email protected]> wrote:
https://github.com/google/security-research/security/advisories/GHSA-vhxg-9w...
so I downloaded
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/6f53f0d09ea4c9c7f7354f018a87...
and turned it into ffmpeg-5.1.patch6 (attached)
from description it sounds quite bad, so if this patch does not regress normal files we better to apply it or may be update whole ffmpeg to 5.1.2 ?
-- Cin mailing list [email protected] https://lists.cinelerra-gg.org/mailman/listinfo/cin
вс, 16 окт. 2022 г., 20:53 Andrew Randrianasulu <[email protected]>:
вс, 16 окт. 2022 г., 19:54 Phyllis Smith <[email protected]>:
Checked into GIT, the ffmpeg 5.1 patch 6 as Andrew had attached. We will have to remember to exclude this patch on the next ffmpeg upgrade (did not think necessary to upgrade this soon to 5.1.2 after all).
from git log there was also patch related to vo9 + alpha encoding ... but may be we also can add it separately. Also, there was some discussion on ffmpeg-devel list on raising max. thread number for vp9 encoder for 4k and 8k video from 16 to 64 threads. Only relevant to big machines ....
http://ffmpeg.org/pipermail/ffmpeg-devel/2022-October/302633.html vp9 alpha patch https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/db2d52e1ff74c89ee5b3da3c969e...
I also locally compiled cin with ffmpeg 5.1.2 so it turned out to be relatively painless - just remove old tar.xz, put new one, rename patches, and raise number in configure.ac
On Sun, Oct 2, 2022 at 5:24 AM Andrew Randrianasulu via Cin < [email protected]> wrote:
https://github.com/google/security-research/security/advisories/GHSA-vhxg-9w...
so I downloaded
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/6f53f0d09ea4c9c7f7354f018a87...
and turned it into ffmpeg-5.1.patch6 (attached)
from description it sounds quite bad, so if this patch does not regress normal files we better to apply it or may be update whole ffmpeg to 5.1.2 ?
-- Cin mailing list [email protected] https://lists.cinelerra-gg.org/mailman/listinfo/cin
вс, 16 окт. 2022 г., 20:53 Andrew Randrianasulu <[email protected]>:
вс, 16 окт. 2022 г., 19:54 Phyllis Smith <[email protected]>:
Checked into GIT, the ffmpeg 5.1 patch 6 as Andrew had attached. We will have to remember to exclude this patch on the next ffmpeg upgrade (did not think necessary to upgrade this soon to 5.1.2 after all).
from git log there was also patch related to vo9 + alpha encoding ... but may be we also can add it separately. Also, there was some discussion on ffmpeg-devel list on raising max. thread number for vp9 encoder for 4k and 8k video from 16 to 64 threads. Only relevant to big machines ....
I also locally compiled cin with ffmpeg 5.1.2 so it turned out to be relatively painless - just remove old tar.xz, put new one, rename patches, and raise number in configure.ac
On Sun, Oct 2, 2022 at 5:24 AM Andrew Randrianasulu via Cin < [email protected]> wrote:
https://github.com/google/security-research/security/advisories/GHSA-vhxg-9w...
so I downloaded
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/6f53f0d09ea4c9c7f7354f018a87...
and turned it into ffmpeg-5.1.patch6 (attached)
from description it sounds quite bad, so if this patch does not regress normal files we better to apply it or may be update whole ffmpeg to 5.1.2 ?
-- Cin mailing list [email protected] https://lists.cinelerra-gg.org/mailman/listinfo/cin
participants (2)
-
Andrew Randrianasulu -
Phyllis Smith