[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openembedded-core
Subject:    Re: [OE-core] [PATCH 1/1] ffmpeg: backport patches to fix 12 CVEs
From:       ChenQi <Qi.Chen () windriver ! com>
Date:       2017-09-30 3:26:01
Message-ID: 786711e4-a496-7e99-e11a-c8b3c5e6e571 () windriver ! com
[Download RAW message or body]

On 09/26/2017 03:56 PM, Alexander Kanavin wrote:
> On 09/26/2017 10:57 AM, ChenQi wrote:
>
>> I agree with you. I have tried to do the upgrade, and it's easy.
>> However, at the current stage, it's unlikely for an upgrade patch to 
>> be accepted. That's why I did the backport.
>
> If the upgrade patch brings a new feature release, then yes. But in 
> this case it's clearly:
>
> a) bugfix only (nearly all commits since 3.3.3 start with 'fix' or 
> 'check') and
> b) contains security fixes
>
> I think it's only a matter of explaining these two things clearly in 
> the commit message: if you do it, the patch will be accepted.
>
> Alex
>

Alex,
Thanks for your suggestion.
I've sent out an upgrade patch with explanation of why 3.3.4 is a bug 
fix version.

Boss,
For the upgrade patch and this cve fixing patch, you can pick either of 
them.
If we cannot merge the patch at this point, it's also OK for me to wait 
for the next development cycle.

Best Regards,
Chen Qi

-- 
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
[prev in list] [next in list] [prev in thread] [next in thread]