[MIR] lame
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
lame (Ubuntu) |
Fix Released
|
Undecided
|
Adam Conrad |
Bug Description
Availability
============
Built for all supported architectures. In sync with Debian.
Rationale
=========
For the 1.14 series, GStreamer upstream moved MP3 encoding and decoding into gst-plugins-good. These are installed by default, and so now we can have MP3 support in the default install. The desktop team would like this feature.
For that, it uses some libraries and we'll need to put them in main.
Security
========
There are some CVEs in the history of the project.
https:/
https:/
The Ubuntu CVE page lists some 'needed' ones but from looking at those ones in Debian they are duplicates and should be fixed already.
Quality assurance
=================
Desktop team is subscribed.
Bugs
----
https:/
https:/
I think they are reasonably calm given that this is a well known project.
Dependencies
============
We need libmp3lame0 in main, and this depends on libc6 only.
Standards compliance
=======
4.1.1 and dh minimal style rules.
Maintenance
===========
Desktop team will maintain. In Debian this is maintained by the multimedia team, which is active. We don't envisage the package diverging from Debian.
CVE References
Changed in lame (Ubuntu): | |
assignee: | nobody → Ubuntu Security Team (ubuntu-security) |
This package has a long security history, and a currently left-open CVE because the upload of 3.100 did not include closing the active CVE.
If there's a go-ahead from the Security Team (I'm not looking for a code review, just an acknowledgement that they are aware of the requirement for this package, and are fine with its current general state); then I see no issues with this MIR.