[Bug 1406634] Re: Sync flac 1.3.1-1 (main) from Debian experimental (main)

Marc Deslauriers marc.deslauriers at canonical.com
Tue Jan 6 15:42:17 UTC 2015 

This bug was fixed in the package flac - 1.3.1-1
Sponsored for Jackson Doak (noskcaj)

---------------
flac (1.3.1-1) experimental; urgency=medium

  [ Jackson Doak ]
  * Disable silent rules
  * Enable hardening
  * Add symbols files

  [ Fabian Greffrath ]
  * Adapt debian/watch file to reflect actual upstream versioning scheme.
  * Imported Upstream version 1.3.1
    + Fixes CVE-2014-8962 and CVE-2014-9028 (Closes: #770918).
    + Support for 3DNOW! optimizations has been removed.
    + Localized RU documentation has been removed.
  * Drop patches applied upstream.
  * Backport patch from upstream GIT to fix another input validation bug.
  * Fix "privacy-breach-logo" and "privacy-breach-w3c-valid-html"
    lintian errors.
  * In debian/rules, remove the "override_dh_makeshlibs" rule
    for the symbols files to have effect.
  * Update, improve and convert debian/copyright to machine-readable format.
  * Bump Standards-Version to 3.9.6.

 -- Fabian Greffrath <fabian+debian at greffrath.com>  Mon, 01 Dec 2014
18:32:57 +0100

** Changed in: flac (Ubuntu)
       Status: New => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-8962

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9028

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1406634

Title:
  Sync flac 1.3.1-1 (main) from Debian experimental (main)

Status in flac package in Ubuntu:
  Fix Released

Bug description:
  Please sync flac 1.3.1-1 (main) from Debian experimental (main)

  Changelog entries since current vivid version 1.3.0-3:

  flac (1.3.1-1) experimental; urgency=medium

    [ Jackson Doak ]
    * Disable silent rules
    * Enable hardening
    * Add symbols files

    [ Fabian Greffrath ]
    * Adapt debian/watch file to reflect actual upstream versioning scheme.
    * Imported Upstream version 1.3.1
      + Fixes CVE-2014-8962 and CVE-2014-9028 (Closes: #770918).
      + Support for 3DNOW! optimizations has been removed.
      + Localized RU documentation has been removed.
    * Drop patches applied upstream.
    * Backport patch from upstream GIT to fix another input validation bug.
    * Fix "privacy-breach-logo" and "privacy-breach-w3c-valid-html"
      lintian errors.
    * In debian/rules, remove the "override_dh_makeshlibs" rule
      for the symbols files to have effect.
    * Update, improve and convert debian/copyright to machine-readable format.
    * Bump Standards-Version to 3.9.6.

   -- Fabian Greffrath <fabian+debian at greffrath.com>  Mon, 01 Dec 2014
  18:32:57 +0100

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/flac/+bug/1406634/+subscriptions

More information about the Ubuntu-sponsors mailing list