Codeina security concerns

[Lubomir Kundrak]

Hi,

I'm a bit worried about codecs installed from Fluendo. What if a
security problem is found in them, how are they going to be updated? 

I assume the only way would be to ship an updated codeina package and
update the installed codecs via scriptlets. But this would be easy if
the codecs were installed system-wide, currently they are installed into
user's home directory (btw wouldn't this cause trouble if user shares
home directories on machines of different architectures?), which might
make this way terribly painful.

Another way would be to make codeina check for updated packages each
time a media player is started. Or does this already happen?

Regards,
-- 
Lubomir Kundrak (Red Hat Security Response Team)