[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1004545: marked as done (libogg: New upstream release (1.3.5, 2020 June 3))

Your message dated Sat, 18 Jun 2022 12:48:55 +0000
with message-id <E1o2Xsl-000BTA-UR@fasolo.debian.org>
and subject line Bug#1004545: fixed in libogg 1.3.5-1
has caused the Debian Bug report #1004545,
regarding libogg: New upstream release (1.3.5, 2020 June 3)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1004545: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004545
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Source: libogg
Version: 1.3.4-0.1
Severity: wishlist

Dear maintainer,

there is a new upstream release available, cf.
<https://xiph.org/downloads/>. Its CHANGES merely contain

| Version 1.3.5 (2020 June 3)
| 
|  * Fix unsigned typedef problem on macOS.
|  * Fix overflow check in ogg_sync_buffer.
|  * Clean up cmake and autotools build files.
|  * Remove Symbian and Apple XCode build files.
|  * Fix documentation cross-reference links.

but this "overflow check in ogg_sync_buffer" here seems worthwhile:

| diff -ruN libogg-1.3.4/src/framing.c libogg-1.3.5/src/framing.c
| --- libogg-1.3.4/src/framing.c  2019-08-12 20:56:41.000000000 +0200
| +++ libogg-1.3.5/src/framing.c  2020-11-23 19:41:04.000000000 +0100
| @@ -597,9 +597,14 @@
| 
|    if(size>oy->storage-oy->fill){
|      /* We need to extend the internal buffer */
| -    long newsize=size+oy->fill+4096; /* an extra page to be nice */
| +    long newsize;
|      void *ret;
| 
| +    if(size>INT_MAX-4096-oy->fill){
| +      ogg_sync_clear(oy);
| +      return NULL;
| +    }
| +    newsize=size+oy->fill+4096; /* an extra page to be nice */
|      if(oy->data)
|        ret=_ogg_realloc(oy->data,newsize);
|      else
| @@ -1564,7 +1569,7 @@
|              byteskipcount=byteskip;
|            }
| 
| -          ogg_sync_wrote(&oy,next-buf);
| +          ogg_sync_wrote(&oy,(long)(next-buf));
| 
|            while(1){
|              int ret=ogg_sync_pageout(&oy,&og_de);

In addition this new release refers to its collection of automated tests
that could be executed during build time, cf README.md.

Please update the package when you think it is due time.

Cheers,
Flo

Attachment: signature.asc
Description: PGP signature


--- End Message ---
--- Begin Message --- 
Source: libogg
Source-Version: 1.3.5-1
Done: IOhannes m zmölnig (Debian/GNU) <umlaeute@debian.org>

We believe that the bug you reported is fixed in the latest version of
libogg, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1004545@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
IOhannes m zmölnig (Debian/GNU) <umlaeute@debian.org> (supplier of updated libogg package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 18 Jun 2022 14:29:29 +0200
Source: libogg
Architecture: source
Version: 1.3.5-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
Changed-By: IOhannes m zmölnig (Debian/GNU) <umlaeute@debian.org>
Closes: 1004545
Changes:
 libogg (1.3.5-1) unstable; urgency=medium
 .
   * New upstream version 1.3.5 (Closes: #1004545)
   * Add autopkgtest
Checksums-Sha1:
 8e37725e5935534f7218fe99c0b87d2204d1fe9f 2205 libogg_1.3.5-1.dsc
 5a368421a636f7faa4c2f662857cb507dffd7c99 429076 libogg_1.3.5.orig.tar.xz
 0f3427b5b53decb5b290e7f0aa96333819a8da87 16944 libogg_1.3.5-1.debian.tar.xz
Checksums-Sha256:
 78e5a9994fee11e4a229e18653ac4c38568130a68b4d548c58f2357ffad59865 2205 libogg_1.3.5-1.dsc
 c4d91be36fc8e54deae7575241e03f4211eb102afb3fc0775fbbc1b740016705 429076 libogg_1.3.5.orig.tar.xz
 87957c05aa26ce13edb079d94896f6948160c79265556d27cc8cd726cea1eb8c 16944 libogg_1.3.5-1.debian.tar.xz
Files:
 3d2df5be08771c29ea71a591c4ebcfe3 2205 libs optional libogg_1.3.5-1.dsc
 3178c98341559657a15b185bf5d700a5 429076 libs optional libogg_1.3.5.orig.tar.xz
 2f5e15371b2e483573660c2e25308fe5 16944 libs optional libogg_1.3.5-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQJKBAEBCAA0FiEEdAXnRVdICXNIABVttlAZxH96NvgFAmKtxYAWHGZvcnVtQHVt
bGFldXRlLm11ci5hdAAKCRC2UBnEf3o2+DPPD/wILF31gQUknaN1//n5DLGukD4Z
D8XNTI1ulK95jTnmfo1n7eUyFzzCovD+r0lZTN2pVVrH2VWfvtGoiCLKCT9/7cz+
p7311TC93cQYQVM3DCy7+MJe7mQGzafuddiTxtrTUUzmUX34bNiDOWZRN8HXAnkg
qYNW6cKcNRq8ww6TxZX5JxntVKD6Vl3xpOEOLtNWEQK6X54FniqIZ2exvbbCiC4b
Pi1Ge5bjjBflDJflAN34o8wLUmGi8QXr2NuSfyiLu/j6Vq1PDpEbcGhZyhSqJqaR
U+w/J0IKR3qLt/Lzwbo8PsgHQOr89FZVbVgW4CU13vuV/rQ25fEptw77PPnYxVxF
YYz8Kd/qBpGrdkVUVGYJfA2SUQl2yo/w/dN6L0UFCCi4j9b0Yyd12dRPY7RM+mNO
odkFLmpSARQt4OOAjBSGv1Y37wPBdKNawF/ARPQW6JWsTjRJ8R6ezjeyxDfDis1d
w5PrQGrRVD7qHgEKWBdRjBPJaq1nizUq8hmHRJ83vwrRAkWY3uTJx4ExopsGcCqD
IG85i5WIqE9+I1l32vrC9fDiMjqfNgBHNWyerX/aCpf4df6cQO+XCO+aOCgBMm/B
SlXeSTwCtuYzZYy4i93kpUV1F5aNyEBCnwK8SaOQViH0vIoTP8OMXOmucVqeLybf
CC3ivfmAnbH4mKJS7A==
=JcII
-----END PGP SIGNATURE-----

--- End Message ---
Reply to: