Never try to install a package intended for Debian or Ubuntu on another distribution that just happens to use .deb files, unless you have experience dealing with package dependency issues and similar problems. Either use a package intended for the distribution, or use a binary, or build from source.
That looks like a version of libavcodec specific to one version of Ubuntu; that package will never work on Debian, another version of Ubuntu, or most non-Debian distributions.
It's a bad thing for Linux platforms, which should use the system version of ffmpeg; however, that's something much easier to solve when you're actually the Linux distribution, rather than a third party.
Note that many of the changes in this fork come from the Debian packaging of Chromium.
IMO Google is in a better position to deal with ffmpeg security updates than Debian is. Google is spending a lot of effort into fuzz testing ffmpeg[1] and other components of Chrome and also rolls out updates very quickly.
I'd expect the distro ffmpeg to not need as much updating if you're only using it for local media that you trust. But Chrome's ffmpeg has to decode media from untrusted sources so it's important that security bugs get fixed ASAP.
Yes, technological process often comes from not inventing something new. I don't have strong opinions on snappy aside from the name being silly, but taking anti-NIH to the extreme is not how we advance the industry.
It's not extreme at all. All you have to do is install a distro with a good packaging system. Arch is wonderful, and I've heard good things about Void and Gentoo.
Imagine a package system where you could ask to download node.js, and you'll get the latest version. And that's it.
Better yet, imagine having to build a package from source and installing it. You could do it by hand, leaving orphan files all over your system. Or you could write a PKGBUILD that handles installing dependencies, building, and packaging, all in one go.
That's what running Arch feels like. Being able to install fresh popular packages, and being able to easily package your own. Try it sometime.
> It's not extreme at all. All you have to do is install a distro with a good packaging system. Arch is wonderful, and I've heard good things about Void and Gentoo.
Depends what you classify as criteria for a "good packaging system". Arch didn't even sign their packages until a few years ago, and the build system for their packages is not very good IMO. What makes Arch great is the fact that they have a large library of very up to date packages. Personally (though I'm biased) I like openSUSE's package manager (zypper). It's an enterprise-grade package manager that supports things like patterns and can differentiate between security updates and regular updates. It also supports delta RPMs for patching.
> Better yet, imagine having to build a package from source and installing it. You could do it by hand, leaving orphan files all over your system. Or you could write a PKGBUILD that handles installing dependencies, building, and packaging, all in one go.
rpmbuild has this. And there's also OBS (the open build system) which was originally written by the openSUSE community but supports many other distributions (including Arch as well as Fedora, Debian and the other usual suspects).
FWIW, I do agree that snappy is the wrong solution to the problem. The correct solution is backing proper package managers. So I think we're in agreement. :P
You're right. It's just that the people who manage packages for those distros are actually sane. I can't believe people are still on kernel 4.4, or nodejs 0.10, or whatever.
That looks like a version of libavcodec specific to one version of Ubuntu; that package will never work on Debian, another version of Ubuntu, or most non-Debian distributions.