@FFmpeg Care to explain why is it cve slop? In the end wasn't a real vulnerability that was eventually fixed?

@jaysonsantos It's AI generated bug reports on an obscure 1990s hobby codec

@FFmpeg To be fair, is this be a vulnerability if you are accepting random untrusted input files? Is there a matrix of which codecs are considered stable (and hardened) and which are not to be trusted with arbitrary inputs? Not defending Google though, if they aren’t also offering fixes.

@v54kgbfd5f Is it really the job of a volunteer working on hobby 1990s codec to care about Google's security issues? Or anyone's?

@FFmpeg I can just imagine what it must look like on your end; all these big banked corporations building revenue streams built in full, in part or assisted by OSS hobby code & their thank you for free stuff is a cve. “I solved the problem, I opened a ticket”

@FroidEtCold And got a nice bonus at the end of the year for finding so many red CVEs

@FFmpeg Just shut the fuck already. Stop posting and chill out.

@FFmpeg You need a better slur. Call them CBE: Common Begging Exposure. Say that the researchers are submitting AI slop CVEs to pad their own resumes and gain fame. Call it begging because they're begging for an AI slop CVE to be fixed which doesn't even identity a realistic vuln.

The author's attention to detail in his hobby project to reproduce ten frames from a single game from 1995 is astonishing. Look at the slight difference in the shade of black. FFmpeg is committed to making sure every video in the world is playable, perfectly.

unfortunately, learning rust ruined rust for me

I'm convinced those who say LibreOffice is a good replacement of Microsoft Office have never used both