
back to basic bug bounties

Posted Dec 12, 2016 0:29 UTC (Mon) by JanC_ (guest, #34940)
In reply to: back to basic bug bounties by Sesse
Parent article: GStreamer and the state of Linux desktop security

In this particular example case, FLIC was used, and FLIC seems to be supported with the help of ffmpeg (or libav, depending on what distro & version), so it looks like it didn't show up in earlier fuzzing of ffmpeg.

So, GStreamer should get a similar treatment and be fuzzed to hell, but clearly that isn't enough, and applications like that should always run in a way that the rest of the system is protected from whatever leftover bugs are still around (because otherwise one bug in one obscure format is enough to abuse it).

