Ubuntu
flac123 package

[Sync request] Sync flac123 (0.0.11-1) from Debian unstable (main)

Bug #127166 reported by Michael Bienia on 2007-07-20

Affects		Status	Importance	Assigned to	Milestone
	flac123 (Ubuntu)	Fix Released	Wishlist	Unassigned

Bug Description

Binary package hint: flac123

Please sync flac123 (0.0.11-1) from Debian unstable (main).

The current package has no Ubuntu changes.

Thanks.

Changelog:

flac123 (0.0.11-1) unstable; urgency=low

  * QA upload.
  * New upstream release
    + fixes buffer overflow in vorbis comment parsing (CVE-2007-3507),
      closes: #432008.
    + patch flac-1.1.13 dropped.
  * Updated debian/copyright.

-- Julien Cristau <email address hidden> Fri, 20 Jul 2007 14:53:07 +0200

CVE References

2007-3507

Michael Bienia (geser) on 2007-07-20

Changed in flac123:
importance:	Undecided → Low
status:	New → Confirmed

Revision history for this message

Sebastien Bacher (seb128) wrote on 2007-07-24:

[Updating] flac123 (0.0.9-5 [Ubuntu] < 0.0.11-2 [Debian])
* Trying to add flac123...
  - <flac123_0.0.11-2.diff.gz: downloading from http://ftp.us.debian.org/debian/>
  - <flac123_0.0.11.orig.tar.gz: downloading from http://ftp.us.debian.org/debian/>
  - <flac123_0.0.11-2.dsc: downloading from http://ftp.us.debian.org/debian/>
I: flac123 [universe] -> flac123_0.0.9-5 [universe].

Changed in flac123:
importance:	Low → Wishlist
status:	Confirmed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuflac123 package