Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted libsndfile 1.2.2-2 (source) into unstable
Date: Sat, 14 Dec 2024 13:19:23 +0000
Signed by: Fabian Greffrath <fabian@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 14 Dec 2024 13:50:37 +0100
Source: libsndfile
Architecture: source
Version: 1.2.2-2
Distribution: unstable
Urgency: high
Maintainer: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
Changed-By: Fabian Greffrath <fabian@debian.org>
Closes: 1051891 1076516 1088692
Changes:
 libsndfile (1.2.2-2) unstable; urgency=high
 .
   [ Fabian Toepfer ]
   * SECURITY UPDATE: integer overflow vulnerability (Closes: #1051891)
     - debian/patches/CVE-2022-33065/CVE-2022-33065-*.patch: fix various
       numeric overflow vulnerabilities.
     - CVE-2022-33065
 .
   [ Fabian Greffrath ]
   * Add myself to Uploaders and Debian packaging copyright holders
   * Update the Homepage field
   * Apply patch from upstream to improve error checking for Vorbis
     (Closes: #1088692) CVE-2024-50612
   * Fix Build dependency loop between libsndfile and lame
     (Closes: #1076516) Thanks Samuel Thibault for the patch
   * Upload with urgency=high for the security fixes
Checksums-Sha1:
 ff1ac472e29afab50608235da1d8ffcd106ad9c7 2481 libsndfile_1.2.2-2.dsc
 aad73652fc4e5fcafc5cf13f21334e6bd658cd29 29148 libsndfile_1.2.2-2.debian.tar.xz
 dc8aaa56b8ccbb3f232f1132f8eccd1b1bde5ff0 9048 libsndfile_1.2.2-2_amd64.buildinfo
Checksums-Sha256:
 00042f9d7e85c3dbf22828141bc181b55ba719ad3550671ed7da9786fdfdd810 2481 libsndfile_1.2.2-2.dsc
 03801793ef488c9bc8579e47600386b4be0e6ac4b85c726e90dcb0ce2338729c 29148 libsndfile_1.2.2-2.debian.tar.xz
 60cac2d844a98818a2e7e70331ce8c04840cffb7652b0096b2aed44cac9122a0 9048 libsndfile_1.2.2-2_amd64.buildinfo
Files:
 6bf2f884dec3b7ff9011b3c82504b5f2 2481 devel optional libsndfile_1.2.2-2.dsc
 916169f09feeb9259753fde1b7ed7900 29148 devel optional libsndfile_1.2.2-2.debian.tar.xz
 8a3ae25a9360b9c756c867397ec3fc09 9048 devel optional libsndfile_1.2.2-2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCAAwFiEEIsF2SKlSa4TfGRyWy+qOlwzNWd8FAmddf58SHGZhYmlhbkBk
ZWJpYW4ub3JnAAoJEMvqjpcMzVnfKBkQAN2GQSMKHv8yje0OcWcDKvbWwYyfy047
AJ+pYsc2L3LhUj6drZBaaGDfRz3k3HWE0ZdokpM+ywUCz9s0dWFowEsoePpBczQe
Rd/VwW21q+H9lhsX/v0JojCHuCfLkodt/34T2VJnRV24PA0rAz5uD+Hqnb9Q/O4p
yEjZJnbQRZwbOQaxfLthDFWvUOeICMdwrXx/CP5WoooWVyBZDsH5YmnIhgyQ4kkJ
cxqXVPv0gN9EqXxYnpte19bfAySaLpGBR0GQ630QIeUHCgP2S2SbdCP2AFR7+ota
LpuUkG/O2/gekQ/uC9QFcWO/uHrl3p60nti8fMoS0tHIWs7H5SLGMLj36o7Zwxok
a7azADdV2zH0HHaB9OPRh9Qhg21Iz5K5rGfNvzEcrcgJOb2sS+Bv66v+ttMr8inp
A1q0y1fwI3fuXayUDnf6sZkuCzlVzXEKnDvK1V61fJmAffXzN5HLob69iEj31M9q
dRteoGOfWNdFDaUVH4ftyCqCMMBURfByRx9ROTck9vs4VJDhvsFEUttrMzW4hfrt
+7nth5dsvYOsJoPTInE9Ku2WbCmfzU4YGjOb/Cy4HW6YGVCi7Rf/gOKqYqcFh01K
RdsDFl9yrvt2NZSxIf3cDxl9sI8z2yJQVO6HUISQrIJ1l0nxYoPvH3Wdohm76g8h
e2T3eH/GPr10
=oAOu
-----END PGP SIGNATURE-----

News for package libsndfile