Debian Package Tracker
Register | Log in
Subscribe

libde265

Choose email to subscribe with

general
  • source: libde265 (main)
  • version: 1.0.16-1
  • maintainer: Debian Multimedia Maintainers (archive) (DMD)
  • uploaders: Joachim Bauch [DMD] – Alessio Treglia [DMD]
  • arch: any
  • std-ver: 4.7.2
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 1.0.3-1
  • o-o-sec: 1.0.11-0+deb10u6
  • oldstable: 1.0.11-0+deb11u3
  • old-sec: 1.0.11-0+deb11u1
  • stable: 1.0.11-1+deb12u2
  • testing: 1.0.15-1
  • unstable: 1.0.16-1
versioned links
  • 1.0.3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.0.11-0+deb10u6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.0.11-0+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.0.11-0+deb11u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.0.11-1+deb12u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.0.15-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.0.16-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • libde265-0
  • libde265-dev (1 bugs: 0, 0, 1, 0)
  • libde265-examples
action needed
lintian reports 3 errors and 2 warnings high
Lintian reports 3 errors and 2 warnings about this package. You should make the package lintian clean getting rid of them.
Created: 2025-05-13 Last update: 2025-05-13 20:32
2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:
  • CVE-2024-38949: Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc
  • CVE-2024-38950: Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to __interceptor_memcpy function.
Created: 2024-06-27 Last update: 2025-05-13 10:29
3 security issues in buster high

There are 3 open security issues in buster.

2 important issues:
  • CVE-2024-38949: Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc
  • CVE-2024-38950: Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to __interceptor_memcpy function.
1 issue postponed or untriaged:
  • CVE-2023-51792: (postponed; to be fixed through a stable update) Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cause a denial of service via the allocation size exceeding the maximum supported size of 0x10000000000.
Created: 2024-06-27 Last update: 2024-06-28 15:00
debian/patches: 5 patches to forward upstream low

Among the 6 debian patches available in version 1.0.16-1 of the package, we noticed the following issues:

  • 5 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.
Created: 2023-02-26 Last update: 2025-05-13 17:33
3 low-priority security issues in bookworm low

There are 3 open security issues in bookworm.

3 issues left for the package maintainer to handle:
  • CVE-2023-51792: (needs triaging) Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cause a denial of service via the allocation size exceeding the maximum supported size of 0x10000000000.
  • CVE-2024-38949: (postponed; to be fixed through a stable update) Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc
  • CVE-2024-38950: (postponed; to be fixed through a stable update) Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to __interceptor_memcpy function.

You can find information about how to handle these issues in the security team's documentation.

Created: 2024-04-23 Last update: 2025-05-13 10:29
testing migrations
  • excuses:
    • Migration status for libde265 (1.0.15-1 to 1.0.16-1): BLOCKED: Needs an approval (either due to a freeze, the source suite or a manual hint)
    • Issues preventing migration:
    • ∙ ∙ blocked by freeze: is a key package (Follow the freeze policy when applying for an unblock)
    • ∙ ∙ Too young, only 12 of 20 days old
    • Additional info:
    • ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/libd/libde265.html
    • ∙ ∙ autopkgtest for libde265/1.0.16-1: amd64: Pass, arm64: Pass, armel: Pass, armhf: Pass, i386: Pass, ppc64el: Pass, riscv64: Pass, s390x: Pass
    • ∙ ∙ Reproducible on amd64 - info ♻
    • ∙ ∙ Reproducible on arm64 - info ♻
    • ∙ ∙ Waiting for reproducibility test results on armhf - info ♻
    • ∙ ∙ Reproducible on i386 - info ♻
    • Not considered
news
[rss feed]
  • [2025-05-13] Accepted libde265 1.0.16-1 (source) into unstable (Joachim Bauch)
  • [2024-02-02] Accepted libde265 1.0.11-0+deb11u3 (source) into oldstable-proposed-updates (Debian FTP Masters) (signed by: Thorsten Alteholz)
  • [2024-02-02] Accepted libde265 1.0.11-1+deb12u2 (source) into proposed-updates (Debian FTP Masters) (signed by: Thorsten Alteholz)
  • [2023-12-30] Accepted libde265 1.0.11-0+deb11u2 (source) into oldstable-proposed-updates (Debian FTP Masters) (signed by: Thorsten Alteholz)
  • [2023-12-30] Accepted libde265 1.0.11-0+deb10u6 (source) into oldoldstable (Thorsten Alteholz)
  • [2023-12-29] libde265 1.0.15-1 MIGRATED to testing (Debian testing watch)
  • [2023-12-27] Accepted libde265 1.0.15-1 (source) into unstable (Joachim Bauch) (signed by: Aron Xu)
  • [2023-12-03] Accepted libde265 1.0.11-1+deb12u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Thorsten Alteholz)
  • [2023-11-30] Accepted libde265 1.0.11-0+deb10u5 (source) into oldoldstable (Anton Gladky)
  • [2023-11-24] libde265 1.0.13-1 MIGRATED to testing (Debian testing watch)
  • [2023-11-21] Accepted libde265 1.0.13-1 (source) into unstable (Joachim Bauch) (signed by: Thorsten Alteholz)
  • [2023-09-21] libde265 1.0.12-2 MIGRATED to testing (Debian testing watch)
  • [2023-09-19] Accepted libde265 1.0.12-2 (source) into unstable (Bastian Germann) (signed by: bage@debian.org)
  • [2023-06-25] libde265 1.0.12-1 MIGRATED to testing (Debian testing watch)
  • [2023-06-25] libde265 1.0.12-1 MIGRATED to testing (Debian testing watch)
  • [2023-06-25] libde265 1.0.12-1 MIGRATED to testing (Debian testing watch)
  • [2023-06-20] Accepted libde265 1.0.12-1 (source) into unstable (Joachim Bauch) (signed by: Tobias Frost)
  • [2023-03-04] Accepted libde265 1.0.11-0+deb10u4 (source) into oldstable (Tobias Frost)
  • [2023-02-12] Accepted libde265 1.0.11-0+deb11u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Tobias Frost)
  • [2023-02-10] Accepted libde265 1.0.11-0+deb11u1 (source) into stable-security (Debian FTP Masters) (signed by: Tobias Frost)
  • [2023-02-08] libde265 1.0.11-1 MIGRATED to testing (Debian testing watch)
  • [2023-02-02] Accepted libde265 1.0.11-1 (source) into unstable (Joachim Bauch) (signed by: Tobias Frost)
  • [2023-01-27] libde265 1.0.9-1.1 MIGRATED to testing (Debian testing watch)
  • [2023-01-27] libde265 1.0.9-1.1 MIGRATED to testing (Debian testing watch)
  • [2023-01-24] Accepted libde265 1.0.3-1+deb10u3 (source) into oldstable (Tobias Frost)
  • [2023-01-24] Accepted libde265 1.0.3-1+deb10u2 (source amd64) into oldstable (Tobias Frost)
  • [2023-01-22] Accepted libde265 1.0.9-1.1 (source) into unstable (Tobias Frost)
  • [2022-12-15] Accepted libde265 1.0.3-1+deb10u1 (source) into oldstable (Tobias Frost)
  • [2022-10-31] libde265 1.0.9-1 MIGRATED to testing (Debian testing watch)
  • [2022-10-31] libde265 1.0.9-1 MIGRATED to testing (Debian testing watch)
  • 1
  • 2
bugs [bug history graph]
  • all: 2
  • RC: 0
  • I&N: 1
  • M&W: 1
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian (3, 2)
  • buildd: logs, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • debian patches
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 1.0.16-1
  • 1 bug

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing