Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 29 Sep 2017 15:12:18 +0200
From: Hanno Böck <>
Subject: Re: The Internet Bug Bounty: Data Processing

On Thu, 28 Sep 2017 23:13:22 -0700
Reed Loden <> wrote:

> Separately, we're happy to announce that libav (
>;a=summary) was added to the scope
> earlier today.

I'm surprised by this. When I saw the ibb-data bounty I immediately
wondered whether ffmpeg should be in there.

Is there a reason libav is in and ffmpeg is not? Were there concerns by
the ffmpeg devs? (I'm not taking a side in the libav/ffmpeg wars, but
my impression is that many distros who had used libav for some time
have switched back and ffmpeg is clearly the more widely used of the

Given that imagemagick+graphicsmagick are already in there I assume
there's no general problem for IBB to support competing forks.

At the very least I'd recommend that you make sure all ibb-reports for
libav get tested against ffmpeg.

Hanno Böck

GPG: FE73757FA60E4E21B937579FA5880072BBB51E42

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.