[Mageia-dev] ffmpeg in mageia1 updates testing (revision 171164)

Anssi Hannula anssi at mageia.org
Sat Nov 26 16:05:20 CET 2011 

On 26.11.2011 16:47, Thomas Backlund wrote:
> 26.11.2011 16:15, Anssi Hannula skrev:
>> On 26.11.2011 09:54, zezinho wrote:
>>> Le samedi 26 novembre 2011 02:31:43, Anssi Hannula a écrit :
>>>> About 75% of the crash issues fixed by the above 0.7 commits affect
>>>> mga1
>>>> 0.6.x, with a sample size of 70 commits.
>>>
>>> So maybe we should consider ffmpeg as Firefox : a software we must
>>> upgrade
>>> because upstream fixes security only in latest version.
>>
>> Unfortunately FFmpeg is much less 'stable' than firefox in both its
>> dependencies and API across different series. Meaning that upgrade of
>> FFmpeg often requires upgrade of libx264 (like in 0.6->0.7), or requires
>> changes in software that uses FFmpeg (0.6->0.7 doesn't, however).
>>
>> The "easy" way out in this case could be upgrading FFmpeg 0.6->0.7 and
>> x264 and doing extensive Q&A to avoid breakage. The "hard" way is
>> backporting the ~200 relevant patches (most of which don't apply
>> automatically).
>>
> 
> And you dont think upgrading to a new ffmpeg will bring new bugs and
> need for new fixes...

Hence the quotes around "easy" and "hard".

> We dont even have BR about those bugs in our bugzilla, so apparently
> they are not that important or not easy to hit.
> 
>
> The real easy way is: just apply the 5 security fixes and be done with it.
> 
> 
> https://wiki.mageia.org/en/Updates_policy
> "For the most part, an update should consist of a patched build of the
> same version of the package released with the distribution"
> 
> 
> If we start the "look at upstream, there are X number of fixes not in
> our package", where does it end ??
> 
> We will soon have to do it for every package, and that is Cauldron or a
> rolling release, not really a stable release.

Obviously only security fixes are relevant.

> And we dont have the manpower in QA to start a updating frenzy like this.
> 
> The point is simple: software _always_ have bugs. Thats a fact.
> 
> upgrading from one version to another does not only "fix bugs",
> it's also "replacing old bugs" with "new ones"

(BTW, I wasn't advocating upgrading FFmpeg 0.6->0.7, though admittedly
my post was badly worded so it might've looked like I was)

-- 
Anssi Hannula

More information about the Mageia-dev mailing list