[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1032933: unblock: sox/14.4.2+git20190427-3.5



Dear Helmut,

Thank you for taking care of this. Minor typo I noticed by having a
quick look at your diff, in your changelog entry:
s/decodeing/decoding/ .

Best regards,

-Pascal
--
Homepage (http://pascal.giard.info)
École de technologie supérieure (http://etsmtl.ca)

Le mar. 14 mars 2023, à 07 h 06, Helmut Grohne <helmut@subdivi.de> a écrit :
>
> Package: release.debian.org
> User: release.debian.org@packages.debian.org
> Usertags: unblock
> X-Debbugs-Cc: sox@packages.debian.org, security@debian.org
> Control: affects -1 + src:sox
>
> Please unblock package sox
>
> [ Reason ]
>
> I recently performed a security update of sox in unstable and that
> happened to migrate to testing. Now it was reported (#1032082) that sox
> would no longer be able to parse WAV GSM files. This turns out to be a
> regression in my fix for CVE-2021-33844. The .5 upload fixes this
> regression and adds a test case.
>
> [ Impact ]
>
> sox will be able to parse WAV GSM files again.
>
> [ Tests ]
>
> The patch adds a test case to the upstream test suite.
>
> [ Risks ]
>
> The diff is short, but the original change was believed not to be risky
> already and it turned out to be bad, so keep the fingers crossed. I
> appreciate if someone actually reviews the change to avoid me looking
> bad again.
>
> [ Checklist ]
>   [x] all changes are documented in the d/changelog
>   [x] I reviewed all changes and I approve them
>   [x] attach debdiff against the package in testing
>
> [ Other info ]
>
> The bug was backported to stable and oldstable. We plan to update them
> via a regression DSA and a regression DLA. SRM involvement not needed.
>
> unblock sox/14.4.2+git20190427-3.5
>
> Helmut


Reply to: