Your message dated Sat, 18 Jun 2022 12:48:55 +0000 with message-id <E1o2Xsl-000BTA-UR@fasolo.debian.org> and subject line Bug#1004545: fixed in libogg 1.3.5-1 has caused the Debian Bug report #1004545, regarding libogg: New upstream release (1.3.5, 2020 June 3) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 1004545: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004545 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: libogg: New upstream release (1.3.5, 2020 June 3)
- From: Florian Ernst <florian_ernst@gmx.net>
- Date: Sun, 30 Jan 2022 11:23:34 +0100
- Message-id: <YfZnJsfmc0cHcNIU@fernst.no-ip.org>
Source: libogg Version: 1.3.4-0.1 Severity: wishlist Dear maintainer, there is a new upstream release available, cf. <https://xiph.org/downloads/>. Its CHANGES merely contain | Version 1.3.5 (2020 June 3) | | * Fix unsigned typedef problem on macOS. | * Fix overflow check in ogg_sync_buffer. | * Clean up cmake and autotools build files. | * Remove Symbian and Apple XCode build files. | * Fix documentation cross-reference links. but this "overflow check in ogg_sync_buffer" here seems worthwhile: | diff -ruN libogg-1.3.4/src/framing.c libogg-1.3.5/src/framing.c | --- libogg-1.3.4/src/framing.c 2019-08-12 20:56:41.000000000 +0200 | +++ libogg-1.3.5/src/framing.c 2020-11-23 19:41:04.000000000 +0100 | @@ -597,9 +597,14 @@ | | if(size>oy->storage-oy->fill){ | /* We need to extend the internal buffer */ | - long newsize=size+oy->fill+4096; /* an extra page to be nice */ | + long newsize; | void *ret; | | + if(size>INT_MAX-4096-oy->fill){ | + ogg_sync_clear(oy); | + return NULL; | + } | + newsize=size+oy->fill+4096; /* an extra page to be nice */ | if(oy->data) | ret=_ogg_realloc(oy->data,newsize); | else | @@ -1564,7 +1569,7 @@ | byteskipcount=byteskip; | } | | - ogg_sync_wrote(&oy,next-buf); | + ogg_sync_wrote(&oy,(long)(next-buf)); | | while(1){ | int ret=ogg_sync_pageout(&oy,&og_de); In addition this new release refers to its collection of automated tests that could be executed during build time, cf README.md. Please update the package when you think it is due time. Cheers, FloAttachment: signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
- To: 1004545-close@bugs.debian.org
- Subject: Bug#1004545: fixed in libogg 1.3.5-1
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 18 Jun 2022 12:48:55 +0000
- Message-id: <E1o2Xsl-000BTA-UR@fasolo.debian.org>
- Reply-to: IOhannes m zmölnig (Debian/GNU) <umlaeute@debian.org>
Source: libogg Source-Version: 1.3.5-1 Done: IOhannes m zmölnig (Debian/GNU) <umlaeute@debian.org> We believe that the bug you reported is fixed in the latest version of libogg, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1004545@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. IOhannes m zmölnig (Debian/GNU) <umlaeute@debian.org> (supplier of updated libogg package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 18 Jun 2022 14:29:29 +0200 Source: libogg Architecture: source Version: 1.3.5-1 Distribution: unstable Urgency: medium Maintainer: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org> Changed-By: IOhannes m zmölnig (Debian/GNU) <umlaeute@debian.org> Closes: 1004545 Changes: libogg (1.3.5-1) unstable; urgency=medium . * New upstream version 1.3.5 (Closes: #1004545) * Add autopkgtest Checksums-Sha1: 8e37725e5935534f7218fe99c0b87d2204d1fe9f 2205 libogg_1.3.5-1.dsc 5a368421a636f7faa4c2f662857cb507dffd7c99 429076 libogg_1.3.5.orig.tar.xz 0f3427b5b53decb5b290e7f0aa96333819a8da87 16944 libogg_1.3.5-1.debian.tar.xz Checksums-Sha256: 78e5a9994fee11e4a229e18653ac4c38568130a68b4d548c58f2357ffad59865 2205 libogg_1.3.5-1.dsc c4d91be36fc8e54deae7575241e03f4211eb102afb3fc0775fbbc1b740016705 429076 libogg_1.3.5.orig.tar.xz 87957c05aa26ce13edb079d94896f6948160c79265556d27cc8cd726cea1eb8c 16944 libogg_1.3.5-1.debian.tar.xz Files: 3d2df5be08771c29ea71a591c4ebcfe3 2205 libs optional libogg_1.3.5-1.dsc 3178c98341559657a15b185bf5d700a5 429076 libs optional libogg_1.3.5.orig.tar.xz 2f5e15371b2e483573660c2e25308fe5 16944 libs optional libogg_1.3.5-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQJKBAEBCAA0FiEEdAXnRVdICXNIABVttlAZxH96NvgFAmKtxYAWHGZvcnVtQHVt bGFldXRlLm11ci5hdAAKCRC2UBnEf3o2+DPPD/wILF31gQUknaN1//n5DLGukD4Z D8XNTI1ulK95jTnmfo1n7eUyFzzCovD+r0lZTN2pVVrH2VWfvtGoiCLKCT9/7cz+ p7311TC93cQYQVM3DCy7+MJe7mQGzafuddiTxtrTUUzmUX34bNiDOWZRN8HXAnkg qYNW6cKcNRq8ww6TxZX5JxntVKD6Vl3xpOEOLtNWEQK6X54FniqIZ2exvbbCiC4b Pi1Ge5bjjBflDJflAN34o8wLUmGi8QXr2NuSfyiLu/j6Vq1PDpEbcGhZyhSqJqaR U+w/J0IKR3qLt/Lzwbo8PsgHQOr89FZVbVgW4CU13vuV/rQ25fEptw77PPnYxVxF YYz8Kd/qBpGrdkVUVGYJfA2SUQl2yo/w/dN6L0UFCCi4j9b0Yyd12dRPY7RM+mNO odkFLmpSARQt4OOAjBSGv1Y37wPBdKNawF/ARPQW6JWsTjRJ8R6ezjeyxDfDis1d w5PrQGrRVD7qHgEKWBdRjBPJaq1nizUq8hmHRJ83vwrRAkWY3uTJx4ExopsGcCqD IG85i5WIqE9+I1l32vrC9fDiMjqfNgBHNWyerX/aCpf4df6cQO+XCO+aOCgBMm/B SlXeSTwCtuYzZYy4i93kpUV1F5aNyEBCnwK8SaOQViH0vIoTP8OMXOmucVqeLybf CC3ivfmAnbH4mKJS7A== =JcII -----END PGP SIGNATURE-----
--- End Message ---