Debian Package Tracker

From: Markus Koschany <apo@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted faad2 2.8.0~cvs20161113-1+deb9u1 (source amd64) into proposed-updates->stable-new, proposed-updates
Date: Mon, 07 May 2018 11:32:09 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 01 May 2018 17:49:02 +0200
Source: faad2
Binary: faad faad2-dbg libfaad-dev libfaad2
Architecture: source amd64
Version: 2.8.0~cvs20161113-1+deb9u1
Distribution: stretch
Urgency: high
Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 faad       - freeware Advanced Audio Decoder player
 faad2-dbg  - freeware Advanced Audio Decoder - debugging symbols
 libfaad-dev - freeware Advanced Audio Decoder - development files
 libfaad2   - freeware Advanced Audio Decoder - runtime files
Closes: 889915
Changes:
 faad2 (2.8.0~cvs20161113-1+deb9u1) stretch; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2017-9218, CVE-2017-9219, CVE-2017-9220, CVE-2017-9221,
     CVE-2017-9222, CVE-2017-9223, CVE-2017-9253, CVE-2017-9254, CVE-2017-9255,
     CVE-2017-9256, CVE-2017-9257.
     Various issues were discovered in faad2, a fast audio decoder, that could
     cause a denial of service (large loop and CPU consumption) via a crafted
     mp4 file. (Closes: #889915)
Checksums-Sha1:
 60045cd562096a31ad47cd417cce0b585ffa4b61 2414 faad2_2.8.0~cvs20161113-1+deb9u1.dsc
 db6423f4e85349e0111aeb24724d160ab1e5b54d 17832 faad2_2.8.0~cvs20161113-1+deb9u1.debian.tar.xz
 6f3ad0b2c137ae50bce01d46c1cb5d1ab96b7bcb 504446 faad2-dbg_2.8.0~cvs20161113-1+deb9u1_amd64.deb
 11eaccc37a70c36969808b1d7d0e32ea12901324 6917 faad2_2.8.0~cvs20161113-1+deb9u1_amd64.buildinfo
 1643fb9be522c6e4e2b0dcadd20f0b60a6874621 38584 faad_2.8.0~cvs20161113-1+deb9u1_amd64.deb
 5736d1137455a414f595d8bb7f51bdcfd142b573 182670 libfaad-dev_2.8.0~cvs20161113-1+deb9u1_amd64.deb
 d7fb4765e64987f90d02a044c38a297466677933 167128 libfaad2_2.8.0~cvs20161113-1+deb9u1_amd64.deb
Checksums-Sha256:
 55f30bfc708b26107ce4c66759366cb3cc325e8b3dc12911729d7cafaf19f26d 2414 faad2_2.8.0~cvs20161113-1+deb9u1.dsc
 56580e3420a1ae2f103fc542e4a4ea46e229828a852f874823755fbfc033626b 17832 faad2_2.8.0~cvs20161113-1+deb9u1.debian.tar.xz
 74f74ad2e694c593aaead02848e92360d07e670aa0df762df68ecc4d46fd4cf4 504446 faad2-dbg_2.8.0~cvs20161113-1+deb9u1_amd64.deb
 41d00c67e0e9c7f0905b73e603fd28831f57e68874e974a41a7950155fca581d 6917 faad2_2.8.0~cvs20161113-1+deb9u1_amd64.buildinfo
 ad8286cad1bab2d4db7862a5c9133d78ebef45c40460e22cee40ac87a5e8ee9b 38584 faad_2.8.0~cvs20161113-1+deb9u1_amd64.deb
 b8f19dc1698ad78b1f0b847e548729810d1fd684bf545b402b69acdffb76e9f1 182670 libfaad-dev_2.8.0~cvs20161113-1+deb9u1_amd64.deb
 cf16b2e939d0dded2d13c8c57ebc12997b283dfaabb073914471234f6eb4c254 167128 libfaad2_2.8.0~cvs20161113-1+deb9u1_amd64.deb
Files:
 d30ffe94a5af246fc9b8816c088f79ca 2414 libs optional faad2_2.8.0~cvs20161113-1+deb9u1.dsc
 9b28daf5c71fdd42cdf7c9e13ace82a7 17832 libs optional faad2_2.8.0~cvs20161113-1+deb9u1.debian.tar.xz
 e4fce44a27c1f4bd1c56086fdf9363fc 504446 debug extra faad2-dbg_2.8.0~cvs20161113-1+deb9u1_amd64.deb
 265408b39692b1e902cfe549f564b980 6917 libs optional faad2_2.8.0~cvs20161113-1+deb9u1_amd64.buildinfo
 2d8431119e8bc2e9b378d50ed18f2368 38584 sound optional faad_2.8.0~cvs20161113-1+deb9u1_amd64.deb
 3042c55f1d26477512a15734858196dc 182670 libdevel optional libfaad-dev_2.8.0~cvs20161113-1+deb9u1_amd64.deb
 eea637e5a699f8fb48d9f4c4da1c4178 167128 libs optional libfaad2_2.8.0~cvs20161113-1+deb9u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlrokapfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkhIUP/0g/m/yJSUuDsV5iprUlyPkTFVBe1mqvAh0z
RP6wkDXLJ0VcRe+wFWTatE1glwfMOyjCgyK7/VzF32q4muL6lPvkXFrpnQOY9fQk
3xXfaY6lBMZKDXZAN8uooEcNxk2XX7EJrfmBnxl1rnZ/9dSamQdk/iu1LZ3iV3LB
JSv44EyG7kbDye/GojkbdEuI07zEhkkKwuYjEc8ww7UssyCUWm4u+bEQk4nO+day
sXsqv9uJT1PweRQMXbGLl+mIOfultaPDK5sWwb8YH1PE8gOznO75hYjIY75lu8lo
a0K1X/FxeTRoLDsFzsZ0B9K/qk62mEi/rshvnpHkc3CiyBRuKT+VAOaHKQI3lf74
Bh3pHNKVuQZn+sM93Fhtp46cnRO9f14val0YknQay6NzPvr5x+6Dncr0iz0o7qtn
mtReHryrEqxFeOLDvpxHFBn/Ymu6vky1OtAf40lb697DsfaQ0H00LLw524CzEIXT
QyyjPDraSRH95uOvCsr3/19vSausxymmJgMdVtViq8YgVZSXiKpPvkM5yq7kKw0c
e8vDauy4mZCLFx34KLSfTbJ7Kh53I2CZ6aVp3k1wpOTMLZKYdy5WLjMxBnXnW+il
PHoXkpGLHohy6nuk8wJZX+pyP6Gb/YTUevvQ+aJ+E7IpAlsqOGaetAk+jwOsBnNq
AP38tJKV
=aAXi
-----END PGP SIGNATURE-----
News for package faad2
