Summary: | <media-libs/faad2-2.9.0: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | sound |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa+ cve] | ||
Package list: |
media-libs/faad2-2.9.0
|
Runtime testing required: | --- |
Description
GLSAMaker/CVETool Bot
![]() Please bump to >=2.9.0 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=28ed452f4ad9a6a5ee8a1edd31bf8d68834a7b06 commit 28ed452f4ad9a6a5ee8a1edd31bf8d68834a7b06 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2019-10-26 20:13:36 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2019-10-26 20:14:06 +0000 media-libs/faad2: bump to v2.9.0 Bug: https://bugs.gentoo.org/695540 Package-Manager: Portage-2.3.78, Repoman-2.3.17 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> media-libs/faad2/Manifest | 1 + media-libs/faad2/faad2-2.9.0.ebuild | 55 +++++++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+) x86 stable amd64 stable arm stable hppa and sparc stable arm64 stable ppc64 stable ppc stable ia64 stable https://github.com/knik0/faad2/commit/466b01d504d7e45f1e9169ac90b3e34ab94aed14 in 2.9.0 has broken XMMS2. Just thought you should know. (In reply to James Le Cuirot from comment #11) > https://github.com/knik0/faad2/commit/ > 466b01d504d7e45f1e9169ac90b3e34ab94aed14 in 2.9.0 has broken XMMS2. Just > thought you should know. Sound team need to deal with this given it's been stabilised. Maybe file a new bug? --- @maintainer(s), please cleanup. Resetting sanity check; keywords are not fully specified and arches are not CC-ed. (In reply to Sam James (sec padawan) from comment #12) > (In reply to James Le Cuirot from comment #11) > > https://github.com/knik0/faad2/commit/ > > 466b01d504d7e45f1e9169ac90b3e34ab94aed14 in 2.9.0 has broken XMMS2. Just > > thought you should know. > > Sound team need to deal with this given it's been stabilised. Maybe file a > new bug? I've pushed a patch. Maintainer(s), it has been 30 days + since request for cleanup. Please drop the vulnerable version(s). New GLSA Request filed. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=88469679c770b8742a3649e971fc5522442216c1 commit 88469679c770b8742a3649e971fc5522442216c1 Author: James Le Cuirot <chewi@gentoo.org> AuthorDate: 2020-05-23 10:16:40 +0000 Commit: James Le Cuirot <chewi@gentoo.org> CommitDate: 2020-05-23 10:16:40 +0000 media-libs/faad2: Drop old and vulnerable 2.8.8 Bug: https://bugs.gentoo.org/695540 Package-Manager: Portage-2.3.99, Repoman-2.3.22 Signed-off-by: James Le Cuirot <chewi@gentoo.org> media-libs/faad2/Manifest | 1 - media-libs/faad2/faad2-2.8.8.ebuild | 53 ---------------------- .../files/faad2-2.8.5-libmp4ff-shared-lib.patch | 15 ------ 3 files changed, 69 deletions(-) This issue was resolved and addressed in GLSA 202006-17 at https://security.gentoo.org/glsa/202006-17 by GLSA coordinator Aaron Bauman (b-man). |