[ubuntu/eoan-proposed] faad2 2.8.8-3.1ubuntu1 (Accepted)

[Gianfranco Costamagna]

faad2 (2.8.8-3.1ubuntu1) eoan; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - fix build with gcc-9 (Closes: #930363)
      - patch is now upstream

faad2 (2.8.8-3.1) unstable; urgency=medium

  * Non-maintainer upload with maintainer's permission.
  * CVE-2019-6956: Buffer over read in the function ps_mix_phase()
    (libfaad/ps_dec.c) (Closes: #914641).
  * CVE-2018-20196: Stack buffer overflow in the function calculate_gain
    (libfaad/sbr_hfadj.c).
  * CVE-2018-20199, CVE-2018-20360: NULL pointer dereference in the function
    ifilter_bank (libfaad/filtbank.c).

Date: Thu, 29 Aug 2019 07:30:44 +0200
Changed-By: Gianfranco Costamagna <locutusofborg at debian.org>
Maintainer: Debian Multimedia Maintainers <debian-multimedia at lists.debian.org>
https://launchpad.net/ubuntu/+source/faad2/2.8.8-3.1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 29 Aug 2019 07:30:44 +0200
Source: faad2
Binary: faad libfaad-dev libfaad2
Architecture: source
Version: 2.8.8-3.1ubuntu1
Distribution: eoan
Urgency: medium
Maintainer: Debian Multimedia Maintainers <debian-multimedia at lists.debian.org>
Changed-By: Gianfranco Costamagna <locutusofborg at debian.org>
Description:
 faad       - freeware Advanced Audio Decoder player
 libfaad-dev - freeware Advanced Audio Decoder - development files
 libfaad2   - freeware Advanced Audio Decoder - runtime files
Closes: 914641 930363
Changes:
 faad2 (2.8.8-3.1ubuntu1) eoan; urgency=low
 .
   * Merge from Debian unstable.  Remaining changes:
     - fix build with gcc-9 (Closes: #930363)
       - patch is now upstream
 .
 faad2 (2.8.8-3.1) unstable; urgency=medium
 .
   * Non-maintainer upload with maintainer's permission.
   * CVE-2019-6956: Buffer over read in the function ps_mix_phase()
     (libfaad/ps_dec.c) (Closes: #914641).
   * CVE-2018-20196: Stack buffer overflow in the function calculate_gain
     (libfaad/sbr_hfadj.c).
   * CVE-2018-20199, CVE-2018-20360: NULL pointer dereference in the function
     ifilter_bank (libfaad/filtbank.c).
Checksums-Sha1:
 e6fdec3132f5a77550378f5b47ff60b088099f68 2106 faad2_2.8.8-3.1ubuntu1.dsc
 ceeeff58e6497bf0894a75b335fc7b563552cc13 12088 faad2_2.8.8-3.1ubuntu1.debian.tar.xz
 648faea15ff37b8453084c142de690c98fca4f9b 6998 faad2_2.8.8-3.1ubuntu1_source.buildinfo
Checksums-Sha256:
 35dd483763711e327e67a7c34bf32c2ae3674d7394bfd85d835892ab29ae304a 2106 faad2_2.8.8-3.1ubuntu1.dsc
 2fd7168eab18c0ffcca820bb24abc04fbf8c72e8d358f29346ba71c9dd0d34bf 12088 faad2_2.8.8-3.1ubuntu1.debian.tar.xz
 ec08f84fe0e7daf3f53e7f25fa189578bc97b367073ecb73944a1629ca1a15e0 6998 faad2_2.8.8-3.1ubuntu1_source.buildinfo
Files:
 a179da8e8d828e80696d930846f2dc74 2106 libs optional faad2_2.8.8-3.1ubuntu1.dsc
 dad515a390ffee741333ae4c0c277479 12088 libs optional faad2_2.8.8-3.1ubuntu1.debian.tar.xz
 c2ad3cdea67b36cb33e4f92f3569e6e8 6998 libs optional faad2_2.8.8-3.1ubuntu1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEkpeKbhleSSGCX3/w808JdE6fXdkFAl1nYyUACgkQ808JdE6f
XdkvMg//bd2AI1q3f15wTo3OcHS+wJ3P79Z4cFlIhceN4Ca73RV7ppomAb0+fvYe
F6j+PK9gv65fB4v31ziIto4gwwljct4Bjs4FDjLmTxmmr9ZtcanjJvaZzJmsQktO
HmOS2Jrj8hKQ5DJ3yGVuxeFUYxdRCe1jddjHtpYYQiH7kXYYoydvpDziMKLk1YJu
n5RcEzmHi+x1jLdHudqaQCgAlKnGUuuzeOThxMX4D+96wXSm/U7wpEuN9eIBZc4M
WD//nBdWeeOe7PMnlDVC/h89QM5RTHyPtgQSJBnn2Jen992fulEuUYidhsdhJrej
wvMopHSirx7qS9DhLsX+AcTxgkyr918Ina/1z1uVm6R5pe9gmEDVTQLNywIXAeNO
cHkYdyagwgeVKfIWYVo0lN6iYQ832Xrfe+n/hv9Ex0TgrD5b1WAIUAdv65s6gagn
O5Z5Ogs7fEilAPDNtMtNv7cY/xbIdQbn1tDo2hgz6BbnYNq1IOB7S2P8mhmP7rII
FYi1OLMnYSbuHbMpTwTf8KeVaoWFiyvacjW/THrYpq3I4gwlVGswutcTNXTW1q/u
gWAqSJJ+pH1lyXpwtWUcP7Jyg9fuFJaDFNn98A0rtMv0PdSREVwRmCSmaPFW6ljS
FRCEaM7xf4+oc9EiafxWTvWzJ82JHk8txilqCmdU7pcZFswcWzQ=
=F/v3
-----END PGP SIGNATURE-----