You could argue that, but I think that a bug is the software failing to do what ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		kykat 6 days ago \| parent \| context \| favorite \| on: FFmpeg to Google: Fund us or stop sending bugs You could argue that, but I think that a bug is the software failing to do what it was specified, or what it promised to do. If security wasn't promised, it's not a bug.

adastra22 6 days ago [–]

Which is exactly the case here. This CVE is for a hobby codec written to support digital preservation of a some obscure video files from the 90’s that are used nowhere else. No security was promised.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact