Debian Package Tracker

From: Simon McVittie <smcv@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted mp3gain 1.5.2-r2-6 (source amd64)
Date: Wed, 19 Mar 2014 10:20:15 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 19 Mar 2014 09:24:09 +0000
Source: mp3gain
Binary: mp3gain
Architecture: source amd64
Version: 1.5.2-r2-6
Distribution: unstable
Urgency: high
Maintainer: Fabrizio Regalli <fabreg@fabreg.it>
Changed-By: Simon McVittie <smcv@debian.org>
Description: 
 mp3gain    - Lossless mp3 normalizer with statistical analysis
Closes: 740268
Changes: 
 mp3gain (1.5.2-r2-6) unstable; urgency=high
 .
   * Add various patches from Daniel Kobras' mpg123 packaging to fix
     buffer overflows in the embedded copy/fork of mpglib
     - CVE-2003-0577 (originally #201698 in mpg123)
     - CVE-2004-0805 (originally #270542 in mpg123)
     - CVE-2004-0991
     - CVE-2006-1655 (originally #361863 in mpg123)
     (Closes: #740268, hopefully)
   * debian/patches/*.diff: adjust so gbp-pq can import all of them
   * debian/patches/*.diff: update Sourceforge bug URLs to new layout
     (but keep the old versions for posterity)
Checksums-Sha1: 
 d716fa773cf5dc110d774f58abe2598830dec1cc 1869 mp3gain_1.5.2-r2-6.dsc
 25a8fc372ae43f1dc64ccf7f883afad0157ab96f 16696 mp3gain_1.5.2-r2-6.debian.tar.xz
 ef54e54c762c5b03735688a4eefba8eb6a56f89d 100602 mp3gain_1.5.2-r2-6_amd64.deb
Checksums-Sha256: 
 bdd3862534113fb57b7c3b14928b5f3272759404b97ea3c726ff15a4bacab6e8 1869 mp3gain_1.5.2-r2-6.dsc
 f14572f7c37c663ea18d7e62aeb26f7a43ec3bb7a759cc138cc2018a1f4e6b7e 16696 mp3gain_1.5.2-r2-6.debian.tar.xz
 9a8a8a8872da70f5000ea24ce431573f1b44d6fdd8936ef278e9c275cbc5b94f 100602 mp3gain_1.5.2-r2-6_amd64.deb
Files: 
 8cebcd68f5077506f722b188ff3ef01e 1869 sound optional mp3gain_1.5.2-r2-6.dsc
 fae320a3b8a7adc95065350170c297ff 16696 sound optional mp3gain_1.5.2-r2-6.debian.tar.xz
 ebb4d4dfb47a8f1116af9f2c68a52576 100602 sound optional mp3gain_1.5.2-r2-6_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIVAwUBUylr5k3o/ypjx8yQAQjIfRAAixCM8TjQer3KqXR8G1rSfyHnj5+u0d8K
uMPf/T9QTrWm2R2sxaE/Hg4398XylSC1K7vSlUQedsvIPtOCkzV7swUkzHJE8QlZ
nydiWQ0S7CU+aVMBfXxtrS9pxu2kdXns60+ewxE4O6vx0Z0nrWM5zK7diKriZJzQ
Dy+++Op1QyNSRzwLgLoJgut4FTfW6+K0MQ+DcnuCFs932EighA5ZGB4YPis3ra4Y
fkZdQlcrFtiyqB8H9iINoN2qGKuC1GZBdBZ+P1tka7XXWdyu0BZrn8ddM4b8wFCc
+zvgCqP3eVRO+ImpOz6EUEbCE48bAJKVK1GGWHo3xDzadeUwq0vyEA4Q5nWld5Tf
Tg+iiVIwz+Qnr7Mub5zNmqxrIn9lfMBLDIdPuLfMA1c9iBvlgghx2LSzQ6RN9cmu
2BYW64bPKXmqro1PUrqZcv4p7NQ3Nhzj4unsS068eBzpmTN+NSStQni17vcJq1HT
cInaM0NnZ2j9QfCHYU9mrr9jSFxUuy6gKjSRPqi9ephhiPVdYlOIham3W7Z3rW7M
nGgnQZ9mSXtCWW0a9FSWw0eP8ONvAzXzz7XeZo7Phez2WFzFvGxnH//E4CsBpeQw
gneLLaMIg2Xj49V3WBNujzl1X6hwp3PDTTphVwZDxG2ekXrN1L7Q1bs4hSkuwLjD
UKrX+Qx9Wt0=
=e3Jg
-----END PGP SIGNATURE-----
News for package mp3gain
