Bug#901276: jessie-pu: package lame/3.99.5+repack1-7+deb8u2

To: Hugo Lefeuvre <hle@debian.org>, 901276@bugs.debian.org
Subject: Bug#901276: jessie-pu: package lame/3.99.5+repack1-7+deb8u2
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Wed, 13 Jun 2018 20:19:02 +0100
Message-id: <[🔎] 1528917542.2806.57.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 901276@bugs.debian.org
In-reply-to: <[🔎] 20180610185949.GB1968@hle-laptop.local>
References: <[🔎] 20180610185949.GB1968@hle-laptop.local> <[🔎] 20180610185949.GB1968@hle-laptop.local>

Control: tags -1 + confirmed

On Sun, 2018-06-10 at 14:59 -0400, Hugo Lefeuvre wrote:
> lame 3.99.5+repack1-7+deb8u1 is affected by several vulnerabilities
> in
> the code used to read the input file. These issues are not present in
> any Debian release after Jessie because the package switched to
> libsndfile to read and write audio files. The upstream code itself
> was
> recently fixed in 3.100.
> 
> Following advices from lame's upstream and from lame's maintainer I
> proposed the attached patch. In this patch we modify the Jessie
> package to use libsndfile instead of the internal code. The security
> team considers these issues not worth a DSA but recommended me to
> submit this patch as jessie-pu.
> 

+lame (3.99.5+repack1-7+deb8u2) oldstable; urgency=high

Please use "jessie" as the distribution there, and feel free to upload.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#901276: jessie-pu: package lame/3.99.5+repack1-7+deb8u2
  - From: Hugo Lefeuvre <hle@debian.org>

References:
- Bug#901276: jessie-pu: package lame/3.99.5+repack1-7+deb8u2
  - From: Hugo Lefeuvre <hle@debian.org>

Prev by Date: Processed: Re: Bug#901276: jessie-pu: package lame/3.99.5+repack1-7+deb8u2
Next by Date: Bug#831459: jessie-pu: package virtualbox-guest-additions-iso
Previous by thread: Processed: Re: Bug#901276: jessie-pu: package lame/3.99.5+repack1-7+deb8u2
Next by thread: Bug#901276: jessie-pu: package lame/3.99.5+repack1-7+deb8u2
Index(es):
- Date
- Thread