667780 – firefox-60.2.1-r1 complains about vulnerable or not supported libav using libav 12.2 or 13_pre20171219

Bug 667780 - firefox-60.2.1-r1 complains about vulnerable or not supported libav using libav 12.2 or 13_pre20171219

Summary: firefox-60.2.1-r1 complains about vulnerable or not supported libav using lib...

Status:	RESOLVED INVALID

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Mozilla Gentoo Team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2018-10-05 03:49 UTC by Olivier Diotte
Modified:	2018-10-08 03:31 UTC (History)
CC List:	0 users

See Also:	614360
Package list:
Runtime testing required:	---

Attachments
output of emerge --info (emerge--info.txt,6.76 KB, text/plain) 2018-10-05 03:49 UTC, Olivier Diotte	Details
equery uses firefox (firefox-uses.txt,5.88 KB, text/plain) 2018-10-05 03:51 UTC, Olivier Diotte	Details
equery uses libav (libav-uses.txt,6.21 KB, text/plain) 2018-10-05 03:51 UTC, Olivier Diotte	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Olivier Diotte 2018-10-05 03:49:07 UTC

Created attachment 549434 [details]
output of emerge --info

Similar to bug #614360, I get a "libavcodec may be vulnerable or is not supported, and should be updated to play video." on multiple websites.

The same reproducer from that bug also exhibits the error: http://i.imgur.com/GRARvMG.gifv

Comment 1 Olivier Diotte 2018-10-05 03:51:29 UTC

Created attachment 549436 [details]
equery uses firefox

Comment 2 Olivier Diotte 2018-10-05 03:51:52 UTC

Created attachment 549438 [details]
equery uses libav

Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev

2018-10-05 21:42:32 UTC

There's nothing wrong with that message -- it is correct: libav in Gentoo is outdated and has known vulnerabilities and Firefox knows about that.

Not a bug within www-client/firefox.

Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev

2018-10-08 03:31:46 UTC

I bumped libav this weekend. Can you please tell us if the warning is gone with =media-video/libav-12.3?