Change log for faad2 package in Debian
1 → 32 of 32 results | First • Previous • Next • Last |
faad2 (2.11.1-1) unstable; urgency=medium * Add fixed CVE ids to previous debian/changelog entry. * New upstream version 2.11.1 + Check for lrintf() availability, link with -lm and define HAVE_LRINTF accordingly (Closes: #1055729). * Upstream installs the frontend manpage again, so do we. * Add "Build-Depends-Package: libfaad-dev" to libfaad_drm.so.2 symbols. * Bump Standards-Version to 4.6.2. * Bump Debian packaging copyright to 2023. -- Fabian Greffrath <email address hidden> Tue, 14 Nov 2023 08:32:47 +0100
Available diffs
- diff from 2.10.1-1 to 2.11.1-1 (156.2 KiB)
- diff from 2.11.0-1 to 2.11.1-1 (3.2 KiB)
faad2 (2.11.0-1) unstable; urgency=medium * New upstream version 2.11.0 * Add cmake to Build-Depends. * Build only shared libraries. * Build with -fvisibility=hidden. * Remove plugins/ directory from debian/copyright. -- Fabian Greffrath <email address hidden> Tue, 07 Nov 2023 10:10:20 +0100
faad2 (2.10.1-1) unstable; urgency=medium * Fix debian/watch file. * New upstream version 2.10.1 * Remove patches, applied upstream. * Update Debian packaging copyright. * Update faad.lintian-overrides file. -- Fabian Greffrath <email address hidden> Thu, 20 Oct 2022 22:15:02 +0200
Available diffs
- diff from 2.10.0-2 to 2.10.1-1 (3.9 KiB)
Published in buster-release |
faad2 (2.10.0-1~deb10u1) buster-security; urgency=medium * Rebuild for buster, addresses multiple security issues -- Moritz Mühlenhoff <email address hidden> Thu, 24 Mar 2022 19:44:40 +0100
faad2 (2.10.0-2) unstable; urgency=medium [ Debian Janitor ] * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse. * Update standards version to 4.5.1, no changes needed. [ Fabian Greffrath ] * Fix debian/watch file. * Add post-release patch from upstream to reject buffers of zero size. * Bump Standards-Version to 4.6.0. -- Fabian Greffrath <email address hidden> Thu, 21 Oct 2021 12:46:57 +0200
Available diffs
- diff from 2.10.0-1 to 2.10.0-2 (1.3 KiB)
faad2 (2.10.0-1) unstable; urgency=medium * New upstream version 2.10.0 * Bump Standards-Version to 4.5.0. * Drop "-Wl,--as-needed" linker flag. * Bump debhelper-compat to 13. * Add "usr/lib/${DEB_HOST_MULTIARCH}/*.la" to debian/not-installed. -- Fabian Greffrath <email address hidden> Tue, 20 Oct 2020 21:45:18 +0200
Available diffs
- diff from 2.9.2-1 to 2.10.0-1 (31.2 KiB)
faad2 (2.9.2-1) unstable; urgency=medium * New upstream version 2.9.2 * Install pkg-config file. * Rules-Requires-Root: no. -- Fabian Greffrath <email address hidden> Mon, 04 May 2020 22:05:34 +0200
Available diffs
- diff from 2.9.1-1 to 2.9.2-1 (4.5 KiB)
Published in stretch-release |
faad2 (2.8.0~cvs20161113-1+deb9u2) stretch-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2018-20357, CVE-2018-20359, CVE-2018-20197, CVE-2018-20194, CVE-2018-19503, CVE-2018-20361: multiple memory corruption vulnerabilities caused by insufficiently sanitized frequency band borders. * CVE-2018-20358, CVE-2018-20362, CVE-2018-19504, CVE-2018-20195, CVE-2018-20198: multiple memory corruption vulnerabilities caused by syntax element inconsistencies (implicit channel mapping reconfiguration). * CVE-2019-15296: buffer overflow in faad_resetbits. * CVE-2018-19502: heap based buffer overfow in excluded_channels (libfaad/syntax.c) (Closes: #914641). -- Hugo Lefeuvre <email address hidden> Fri, 06 Sep 2019 18:52:19 +0200
faad2 (2.9.1-1) unstable; urgency=medium [ Ondřej Nový ] * Bump Standards-Version to 4.4.1 [ Fabian Greffrath ] * New upstream version 2.9.1 -- Fabian Greffrath <email address hidden> Mon, 04 Nov 2019 16:52:15 +0100
Available diffs
- diff from 2.9.0-1 to 2.9.1-1 (1.1 KiB)
faad2 (2.9.0-1) unstable; urgency=medium [ Ondřej Nový ] * Use debhelper-compat instead of debian/compat [ Fabian Greffrath ] * Ack NMUs, thanks Hugo! * Upstream moved to GitHub, adapt packaging accordingly. * New upstream version 2.9.0. * Remove all patches, applied upstream. * Build reproducibly. * Finish debug symbols package migration. * Bump debhelper-compat to 12. * Bump Standards-Version to 4.4.0. * Add Build-Depends-Package line to the symbols file. -- Fabian Greffrath <email address hidden> Wed, 11 Sep 2019 20:28:04 +0200
Available diffs
- diff from 2.8.8-3.2 to 2.9.0-1 (506.9 KiB)
faad2 (2.8.8-3.2) unstable; urgency=high * Non-maintainer upload with maintainer's permission. * debian/patches/gcc-9.patch: Fix build with GCC-9 (thanks Gianfranco Costamagna for the patch) (Closes: #930363). -- Hugo Lefeuvre <email address hidden> Sat, 31 Aug 2019 09:11:54 -0400
Available diffs
faad2 (2.8.8-3.1) unstable; urgency=medium * Non-maintainer upload with maintainer's permission. * CVE-2019-6956: Buffer over read in the function ps_mix_phase() (libfaad/ps_dec.c) (Closes: #914641). * CVE-2018-20196: Stack buffer overflow in the function calculate_gain (libfaad/sbr_hfadj.c). * CVE-2018-20199, CVE-2018-20360: NULL pointer dereference in the function ifilter_bank (libfaad/filtbank.c). -- Hugo Lefeuvre <email address hidden> Tue, 27 Aug 2019 13:29:39 -0400
Available diffs
faad2 (2.8.8-3) unstable; urgency=high * Team upload. * debian/patches: Cherry-pick patch to fix buffer overflows from VLC. -- Sebastian Ramacher <email address hidden> Fri, 07 Jun 2019 20:07:34 +0200
Available diffs
- diff from 2.8.8-2 to 2.8.8-3 (1.1 KiB)
faad2 (2.8.8-2) unstable; urgency=medium [ Ondřej Nový ] * d/copyright: Change Format URL to correct one * d/control: Set Vcs-* to salsa.debian.org * d/changelog: Remove trailing whitespaces [ Felipe Sateler ] * Change maintainer address to <email address hidden> [ Ondřej Nový ] * d/watch: Use https protocol [ Fabian Greffrath ] * Backport two patches from upstream to fix CVE-2018-20194 and CVE-2018-20362, thanks Hugo Lefeuvre. -- Fabian Greffrath <email address hidden> Wed, 17 Apr 2019 11:50:29 +0200
Superseded in stretch-release |
faad2 (2.8.0~cvs20161113-1+deb9u1) stretch; urgency=high * Non-maintainer upload. * Fix CVE-2017-9218, CVE-2017-9219, CVE-2017-9220, CVE-2017-9221, CVE-2017-9222, CVE-2017-9223, CVE-2017-9253, CVE-2017-9254, CVE-2017-9255, CVE-2017-9256, CVE-2017-9257. Various issues were discovered in faad2, a fast audio decoder, that could cause a denial of service (large loop and CPU consumption) via a crafted mp4 file. (Closes: #889915) -- Markus Koschany <email address hidden> Tue, 01 May 2018 17:49:02 +0200
Published in jessie-release |
faad2 (2.7-8+deb8u1) jessie; urgency=high * Non-maintainer upload. * Fix CVE-2017-9218, CVE-2017-9219, CVE-2017-9220, CVE-2017-9221, CVE-2017-9222, CVE-2017-9223, CVE-2017-9253, CVE-2017-9254, CVE-2017-9255, CVE-2017-9256, CVE-2017-9257. Various issues were discovered in faad2, a fast audio decoder, that could cause a denial of service (large loop and CPU consumption) via a crafted mp4 file. (Closes: #889915) -- Markus Koschany <email address hidden> Tue, 01 May 2018 17:36:53 +0200
faad2 (2.8.8-1) unstable; urgency=medium * New upstream version 2.8.8 -- Fabian Greffrath <email address hidden> Mon, 18 Dec 2017 21:28:02 +0100
Available diffs
- diff from 2.8.6-1 to 2.8.8-1 (11.6 KiB)
faad2 (2.8.6-1) unstable; urgency=medium * New upstream version 2.8.6 -- Fabian Greffrath <email address hidden> Mon, 06 Nov 2017 17:05:46 +0100
Available diffs
- diff from 2.8.5-1 to 2.8.6-1 (3.2 KiB)
faad2 (2.8.5-1) unstable; urgency=medium * New upstream version 2.8.5 * Remove faad2_version.patch, upstream has changed the FAAD2_VERSION macro to read 'unknown'. * Refresh reproducible-build.patch. * Add the NeAACDecGetVersion@Base symbol to the libfaad2.symbols file, this function is supposed to be used to get the FAAD2 library version at runtime. * Update debian/copyright for recently added or removed source files. * Bump Standards-Version to 4.1.0. -- Fabian Greffrath <email address hidden> Sat, 30 Sep 2017 14:29:31 +0200
Available diffs
- diff from 2.8.1-2 to 2.8.5-1 (509.9 KiB)
faad2 (2.8.1-2) unstable; urgency=medium * Set the FAAD2_VERSION macro back to the version string, thanks Adrian Bunk (Closes: #868854). + In the next upstream release this macro will read "unknown version" and an API will be provided to retrieve the actual library version at run-time. -- Fabian Greffrath <email address hidden> Wed, 02 Aug 2017 20:46:57 +0200
Available diffs
- diff from 2.8.1-1 to 2.8.1-2 (700 bytes)
faad2 (2.8.1-1) unstable; urgency=medium * New upstream version 2.8.1. + Fixes multiple vulnerabilities: CVE-2017-9218, CVE-2017-9219, CVE-2017-9220, CVE-2017-9221, CVE-2017-9222, CVE-2017-9223, CVE-2017-9253, CVE-2017-9254, CVE-2017-9255, CVE-2017-9256, CVE-2017-9257 (Closes: #867724). * Update debian/watch file. * Refresh reproducible-build.patch. * Remove debian/README.source and debian/gbp.conf files, they do not apply anymore. * Bump Standards-Version to 4.0.0. * Bump debhelper compat to 10. * Fix vcs-field-uses-insecure-uri lintian warnings. * Enable all hardening flags. * Update debian/copyright, refer to MPL-1.1 in common-licenses. * Drop obsolete faad2-dbg package. -- Fabian Greffrath <email address hidden> Mon, 17 Jul 2017 22:25:26 +0200
Available diffs
- diff from 2.8.0~cvs20161113-1 to 2.8.1-1 (32.8 KiB)
faad2 (2.8.0~cvs20161113-1) unstable; urgency=medium * New upstream CVS snapshot. + Fixes implicit SBR detection via AudioSpecificConfig on systems with unsigned char (Closes: #843173). * Change Uploaders field to use my Debian account. -- Fabian Greffrath <email address hidden> Sun, 13 Nov 2016 17:45:15 +0100
Available diffs
faad2 (2.8.0~cvs20150510-1) unstable; urgency=medium * New upstream CVS snapshot. + Does not crash when given ADTS AAC file with large ID3v2 tag anymore, thanks Mike Crowe for the bug report and patch (Closes: #689712). + Does not crash with the Mayhem testcase anymore, thanks Alexandre Rebert for the bug report (Closes: #715882). * Add debian/README.source to document how the Debian source tarball was created and force xz compression in debian/gbp.conf. * Remove all patches that were either applied, solved differently or disapproved upstream: + autotools-compat.patch: Disapproved upstream. + noinst-mp4ff.patch: Applied upstream. + manpage.patch: Applied upstream. + incorrect_pointer_size.patch: Does not apply anymore. + bpa-stdin.patch: Applied upstream. + path_max.patch: Applied upstream. + fix_ftbfs_with_gcc4.5.patch: Disapproved upstream. + symbol-visibility.patch: Does not apply anymore. + libfaad-drm.patch: Applied upstream. * Ship upstream's own frontend and API documentation manpages. * Update Debian packaging copyright years. * Remove '__DATE__' CPP macro for reproducible builds. -- Fabian Greffrath <email address hidden> Mon, 11 May 2015 13:59:49 +0200
Available diffs
- diff from 2.7-9 to 2.8.0~cvs20150510-1 (348.4 KiB)
faad2 (2.7-9) unstable; urgency=medium * Build the DRM version of the library as well as the normal version, thanks Julian Cable for the idea and the patch! * Remove Andres Mejia from Uploaders (Closes: #743545). * Remove "DM-Upload-Allowed" field from debian/control. * Mark the faad2-dbg package as "Multi-Arch: same" and remove faad ("Multi-Arch: no") from its Dependencies. * Remove debian/source/local-options, they are default now. * Add faad.lintian-overrides for a spelling error that is used in the id3 specification. * Fix "vcs-field-not-canonical" lintian warning. * Fix "'visibility' attribute ignored on non-class types" compiler warnings introduced by our symbol versioning patch. * Fix most autotools warnings. * Bump "Standards-Version" to 3.9.6. * Run "wrap-and-sort -asb". * Add extensive API documentation in libfaad.3, courtesy of Julian Cable. -- Fabian Greffrath <email address hidden> Thu, 30 Apr 2015 18:04:42 +0200
Available diffs
- diff from 2.7-8 to 2.7-9 (7.0 KiB)
Superseded in stretch-release |
Superseded in jessie-release |
Published in wheezy-release |
Superseded in sid-release |
faad2 (2.7-8) unstable; urgency=low [ Fabian Greffrath ] * debian/patches/path_max.patch: + Dynamically allocate file name buffers, instead of relying on PATH_MAX. * Set appropriate symbol visibility attributes. * Rebuild autofoo with dh-autoreconf. * Add debian/libfaad2.symbols file. * Multi-Archify. * Remove redundant license blurb from debian/copyright. * libmp4ff ist not packaged, so do not install it either. * Simplify debian/*.install accordingly. [ Andres Mejia ] * Make dev package multiarch installable. * Bump to Standards-Version 3.9.3. -- Andres Mejia <email address hidden> Sun, 18 Mar 2012 09:07:55 -0400
Available diffs
- diff from 2.7-7 to 2.7-8 (3.5 KiB)
faad2 (2.7-7) unstable; urgency=low [ Andres Mejia ] * Update to my @debian.org email. * Update gbp.conf. [ Reinhard Tartler ] * Update Vcs-Browser field * bump standards version (no changes needed) [ Fabian Greffrath ] * Convert to 3.0 (quilt) source format. * Re-enable two patches that got lost in the 2.7-6 upload: - debian/patches/bpa-stdin.patch + Apply SqueezeCenter patches from FreeBSD that enable streaming with BBCiPlayer and ezstream (LP: #470562). - debian/patches/path_max.patch + Extend file name buffers for longer path names (LP: #475050). * Merge patch from 2.7-6ubuntu1: - debian/patches/fix_ftbfs_with_gcc4.5.patch + Correctly declare lrintf in libfaad/common.h to avoid a conflict of declaration in mathcalls.h to fix FTBFS on i386 * Improve debian/copyright. -- Fabian Greffrath <email address hidden> Wed, 03 Aug 2011 14:19:49 +0200
faad2 (2.7-6) unstable; urgency=high [ Alessio Treglia ] * Fix segmentation fault in faad due to an incorrect pointer size (Closes: #603807, LP: #665802). * Add gbp config file. [ Andres Mejia ] * Revert changes in 2.7-5. Upload of 2.7-5 was unintentionally done. * Refresh patches. -- Andres Mejia <email address hidden> Mon, 22 Nov 2010 19:17:36 -0500
faad2 (2.7-5) unstable; urgency=low * Update my e-mail address. * Apply SqueezeCenter patches from FreeBSD that enable streaming with BBCiPlayer and ezstream (LP: #470562). * Extend file name buffers for longer path names (LP: #475050). -- Fabian Greffrath <email address hidden> Mon, 16 Aug 2010 16:43:14 +0200
faad2 (2.7-4) unstable; urgency=low * debian/control: Do not build the shared libmp4ff library packages anymore (Closes: #550679). * Removed debian/patches/force-include-stdint_h.patch. * Removed debian/patches/libmp4ff-shared-lib.patch. * Removed debian/patches/70_automake-1.9.patch. * Added debian/README.source. * Bumped Standards-Version to 3.8.3. * Raised Build-Depends to debhelper (>= 7.0.50~), thanks lintian. * Removed debian/libmp4ff-dev.install and debian/libmp4ff0.install. * Removed libmp4ff0 from Depends for faad2-dbg. -- Fabian Greffrath <email address hidden> Mon, 26 Oct 2009 12:04:41 +0100
faad2 (2.7-2) unstable; urgency=low * upload to unstable. -- Reinhard Tartler <email address hidden> Wed, 16 Sep 2009 21:07:45 +0200
Deleted in experimental-release (Reason: None provided.) |
faad2 (2.7-1) experimental; urgency=low [ Andres Mejia ] * New upstream release. (Closes: #515072) * Verified all patches are either applied upstream, or a different implementation is used. + (Closes: #505901) + (Closes: #503657) * Switch to quilt. * Add -DPIC for CFLAGS. * Don't include dpatch.make in debian/rules. * Update watch file to default DEHS would use. * Bump to using debhelper 7. * Use quilt (>= 0.46-7). * Update control file. * Add DM-Upload-Allowed: yes field. * Don't include dummy package anymore. * Add in description for libfaad2 that it contains shared library. * Move libfaad-dev to the front to be 'default' package debhelper acts on. * Add ${misc:Depends} for all packages. Remove libc dev packages from Depends. * Add debug packages. (Closes: #516680) * Rewrite debian/rules to use new debhelper and quilt. * Rename <package>.files to <package>.install. Be more specific what to include in libfaad-dev. Also include .install files for other packages. * Add libmp4ff-dev package. * Don't include version for rename of libfaad package. Place all debug symbols for binary packages in faad2-dbg. * Modify description for libmp4ff-dev. * Update address to FSF in debian/copyright. * Fix hyphen in manpage. Fixes lintian warning as well. * Patch faad2 to create a shared lib for libmp4ff. (Closes: #485373) * Allow to pass in more CFLAGS via DEB_CFLAGS. * Add in DRM (Digital Radio Mondiale) support. * Add Build-Depends of automake, autoconf, and autotools-dev. [ Fabian Greffrath ] * Add myself to Uploaders. * Clean up Build-Depends: libid3-dev was only needed for the obsolete XMMS plugin, autotools stuff shouldn't be needed at all. * Untagle library file names in the install rules. * Revert overriding of CFLAGS, dpkg-buildpackage will choose appripriate settings. Revert running the entire autoreconf sequence before calling ./configure. Build without DRM support, it has proven to break base functionality. * Clean up watch file. * Make faad2-dbg and libmp4ff-dev depend on libmp4ff0. * Improve short description for the libmp4ff\* packages. * debian/patches/70_automake-1.9.patch: New patch, run automake-1.9 to regenerate Makefile.in with the changes introduced by debian/patches/libmp4ff-shared-lib.patch. * Do not ship .la files in the development packages. * Add reasonable defaults to CFLAGS/CXXFLAGS. -- Fabian Greffrath <email address hidden> Wed, 03 Jun 2009 11:02:00 +0200
faad2 (2.6.1-3.1) unstable; urgency=high * Non-maintainer upload by the security team * Include upstream patch to fix heap overflow in the frontend code (Closes: #499899) -- Steffen Joeris <email address hidden> Fri, 26 Sep 2008 12:02:35 +0000
1 → 32 of 32 results | First • Previous • Next • Last |