Bug#901276: jessie-pu: package lame/3.99.5+repack1-7+deb8u2

To: Hugo Lefeuvre <hle@debian.org>
Cc: 901276@bugs.debian.org
Subject: Bug#901276: jessie-pu: package lame/3.99.5+repack1-7+deb8u2
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Mon, 11 Jun 2018 22:55:41 +0200
Message-id: <[🔎] 20180611205541.GA4355@pisco.westfalen.local>
Reply-to: Moritz Mühlenhoff <jmm@inutil.org>, 901276@bugs.debian.org
In-reply-to: <[🔎] 20180610185949.GB1968@hle-laptop.local>
References: <[🔎] 20180610185949.GB1968@hle-laptop.local> <[🔎] 20180610185949.GB1968@hle-laptop.local>

On Sun, Jun 10, 2018 at 02:59:49PM -0400, Hugo Lefeuvre wrote:
> 
> lame 3.99.5+repack1-7+deb8u1 is affected by several vulnerabilities in
> the code used to read the input file. These issues are not present in
> any Debian release after Jessie because the package switched to
> libsndfile to read and write audio files. The upstream code itself was
> recently fixed in 3.100.
 
FWIW, patch looks fine.

Cheers,
        Moritz

Reply to:

References:
- Bug#901276: jessie-pu: package lame/3.99.5+repack1-7+deb8u2
  - From: Hugo Lefeuvre <hle@debian.org>

Prev by Date: Re: jessie-security packages missing from ftp-master
Next by Date: Re: jessie-security packages missing from ftp-master
Previous by thread: Bug#901276: jessie-pu: package lame/3.99.5+repack1-7+deb8u2
Next by thread: Processed: Re: Bug#901276: jessie-pu: package lame/3.99.5+repack1-7+deb8u2
Index(es):
- Date
- Thread