From v1.0.3 release notes (see $URL): - fixes for compiler build problems - security fixes, mainly checking for corrupted input streams
I bumped the package via https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ed670c23c665f341bdd8bfd39f7c13a71ee59a81 but let's wait a few days due to EAPI=7 rewrite.
Adding arches. Besides the added security, this is considerably less broken than 1.0.2 ebuild.
x86 stable
amd64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c54a3c5bd7945246640be1e6e34a2b72d857b097 commit c54a3c5bd7945246640be1e6e34a2b72d857b097 Author: Mikle Kolyada <zlogene@gentoo.org> AuthorDate: 2018-09-21 08:50:15 +0000 Commit: Mikle Kolyada <zlogene@gentoo.org> CommitDate: 2018-09-21 08:50:15 +0000 media-libs/libde265: Security cleanup Bug: https://bugs.gentoo.org/665520 Package-Manager: Portage-2.3.49, Repoman-2.3.10 media-libs/libde265/Manifest | 1 - .../libde265/files/libde265-1.0.2-qtbindir.patch | 47 -------------------- media-libs/libde265/libde265-1.0.2.ebuild | 50 ---------------------- 3 files changed, 98 deletions(-)
(In reply to Agostino Sarubbo from comment #4) > amd64 stable. /var/tmp/portage/media-libs/libde265-1.0.3/temp/build.log : * Applying libde265-1.0.2-qtbindir.patch ... /var/tmp/portage/media-libs/libde265-1.0.3/temp/environment: line 653: /var/tmp/portage/media-libs/libde265-1.0.3/files/libde265-1.0.2-qtbindir.patch: No such file or directory [ !! ]
Security cleanup removed that file. I'll revert, thanks.
Fixed via https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=988c55a52db80f00f6f58bb4cbb4594296be6f22. New cleanup via https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5e6cb9db74c48475b328501d1cdf4560b2c3e696 New GLSA request filed.
This issue was resolved and addressed in GLSA 201811-06 at https://security.gentoo.org/glsa/201811-06 by GLSA coordinator Thomas Deutschmann (whissi).
