Debian Package Tracker
Register | Log in
Subscribe

audacity

fast, cross-platform audio editor

Choose email to subscribe with

general
  • source: audacity (main)
  • version: 2.4.2~dfsg0-3
  • maintainer: Debian Multimedia Maintainers (archive) (DMD)
  • uploaders: Benjamin Drung [DMD] – David Henningsson [DMD] – Free Ekanayaka [DMD] – Dennis Braun [DMD] – Jaromír Mikeš [DMD] [DM]
  • arch: all any
  • std-ver: 4.5.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 2.0.6-2
  • oldstable: 2.1.2-2
  • stable: 2.2.2-1
  • testing: 2.4.2~dfsg0-3
  • unstable: 2.4.2~dfsg0-3
versioned links
  • 2.0.6-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.1.2-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.2.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.4.2~dfsg0-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • audacity (75 bugs: 0, 63, 12, 0)
  • audacity-data (2 bugs: 0, 2, 0, 0)
action needed
1 security issue in sid high
There is 1 open security issue in sid.
1 important issue:
  • CVE-2020-11867: Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.
Please fix it.
Created: 2020-12-08 Last update: 2020-12-09 13:35
1 security issue in bullseye high
There is 1 open security issue in bullseye.
1 important issue:
  • CVE-2020-11867: Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.
Please fix it.
Created: 2020-12-08 Last update: 2020-12-09 13:35
Does not build reproducibly during testing normal
A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!
Created: 2020-12-29 Last update: 2021-01-24 06:56
version in VCS is newer than in repository, is it time to upload? normal
vcswatch reports that this package seems to have a new changelog entry (version 2.4.2~dfsg0-4, distribution unstable) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:
commit 8c7957ffb46feab006cd99bd051077d713b81e8c
Author: Sebastian Ramacher <sramacher@debian.org>
Date:   Fri Jan 1 01:48:24 2021 +0100

    Fix bug number

commit 1c543ee119fa79c347a86546997cb232dce82829
Author: Dennis Braun <d_braun@kabelmail.de>
Date:   Tue Dec 8 23:49:47 2020 +0100

    Add 0006-Fix_CVE-2020-11867.patch ^^

commit a2025455dfd74e4127b374a76328b020250a192d
Author: Dennis Braun <d_braun@kabelmail.de>
Date:   Tue Dec 8 23:46:44 2020 +0100

    Update d/changelog for 2.4.2~dfsg0-4

commit 7f0cb437a1f0231bb21e8c3e8cba68135ea6216b
Author: Dennis Braun <d_braun@kabelmail.de>
Date:   Tue Dec 8 23:45:35 2020 +0100

    Bump S-V to 4.5.1, no changes needed

commit e770a95316ec6cede0ffeecdaa272efa9fd8c6b3
Author: Dennis Braun <d_braun@kabelmail.de>
Date:   Tue Dec 8 23:44:45 2020 +0100

    Fix temporary audio .au files exposure (CVE-2020-11867). (Closes: #976874)

commit ec4ff31207413cd59935cf1f06e7bd3f53e09ea0
Author: Sebastian Ramacher <sramacher@debian.org>
Date:   Sat Sep 5 09:58:06 2020 +0200

    Bump cmake requirement
    
    Closes: #959571
Created: 2020-09-05 Last update: 2021-01-17 10:07
lintian reports 1 warning normal
Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.
Created: 2020-08-22 Last update: 2020-08-22 06:03
1 ignored security issue in stretch low
There is 1 open security issue in stretch.
1 issue skipped by the security teams:
  • CVE-2020-11867: Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.
Please fix it.
Created: 2020-12-08 Last update: 2020-12-09 13:35
1 ignored security issue in buster low
There is 1 open security issue in buster.
1 issue skipped by the security teams:
  • CVE-2020-11867: Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.
Please fix it.
Created: 2020-12-08 Last update: 2020-12-09 13:35
Build log checks report 2 warnings low
Build log checks report 2 warnings
Created: 2015-08-24 Last update: 2016-01-30 01:05
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).
Created: 2020-11-17 Last update: 2020-11-17 05:41
news
[rss feed]
  • [2020-07-29] audacity 2.4.2~dfsg0-3 MIGRATED to testing (Debian testing watch)
  • [2020-07-23] Accepted audacity 2.4.2~dfsg0-3 (source) into unstable (Sebastian Ramacher)
  • [2020-07-23] Accepted audacity 2.4.2~dfsg0-2 (source) into unstable (Sebastian Ramacher)
  • [2020-07-23] Accepted audacity 2.4.2~dfsg0-1 (source) into unstable (Sebastian Ramacher)
  • [2020-05-12] audacity 2.3.3-2 MIGRATED to testing (Debian testing watch)
  • [2020-05-06] Accepted audacity 2.3.3-2 (source) into unstable (Dennis Braun) (signed by: Sebastian Ramacher)
  • [2019-12-16] audacity 2.3.3-1 MIGRATED to testing (Debian testing watch)
  • [2019-12-11] Accepted audacity 2.3.3-1 (source) into unstable (Dennis Braun) (signed by: Adam Borowski)
  • [2019-08-11] audacity 2.3.2-2 MIGRATED to testing (Debian testing watch)
  • [2019-08-06] Accepted audacity 2.3.2-2 (source) into unstable (Unit193) (signed by: Unit 193)
  • [2019-07-23] Accepted audacity 2.3.2-1 (source) into unstable (Unit 193)
  • [2018-06-11] audacity 2.2.2-1 MIGRATED to testing (Debian testing watch)
  • [2018-06-06] Accepted audacity 2.2.2-1 (source) into unstable (James Cowgill)
  • [2018-02-12] Accepted audacity 2.0.1-1+deb7u1 (source amd64 all) into oldoldstable (Roberto C. Sanchez)
  • [2017-12-17] audacity 2.2.1-1 MIGRATED to testing (Debian testing watch)
  • [2017-12-11] Accepted audacity 2.2.1-1 (source) into unstable (Jaromír Mikeš)
  • [2017-11-30] audacity 2.2.0-2 MIGRATED to testing (Debian testing watch)
  • [2017-11-25] Accepted audacity 2.2.0-2 (source) into unstable (Jaromír Mikeš)
  • [2017-11-19] Accepted audacity 2.2.0-1 (source) into unstable (Jaromír Mikeš) (signed by: Sebastian Ramacher)
  • [2016-11-30] audacity 2.1.2-2 MIGRATED to testing (Debian testing watch)
  • [2016-11-24] Accepted audacity 2.1.2-2 (source) into unstable (Free Ekanayaka)
  • [2016-02-04] audacity 2.1.2-1 MIGRATED to testing (Debian testing watch)
  • [2016-01-29] Accepted audacity 2.1.2-1 (source all) into unstable (Sebastian Ramacher)
  • [2016-01-12] Accepted audacity 2.1.2~rc2-1 (source all) into experimental (Sebastian Ramacher)
  • [2015-12-07] Accepted audacity 2.1.2~rc1-1 (source all) into experimental (Sebastian Ramacher)
  • [2014-11-05] audacity 2.0.6-2 MIGRATED to testing (Britney)
  • [2014-10-25] Accepted audacity 2.0.6-2 (source amd64 all) into unstable (Benjamin Drung)
  • [2014-10-21] audacity 2.0.6-1 MIGRATED to testing (Britney)
  • [2014-10-13] Accepted audacity 2.0.6-1 (source amd64 all) into unstable (Benjamin Drung)
  • [2014-06-06] audacity 2.0.5-2 MIGRATED to testing (Debian testing watch)
  • 1
  • 2
bugs [bug history graph]
  • all: 78 79
  • RC: 0
  • I&N: 65 66
  • M&W: 12
  • F&P: 1
  • patch: 0
links
  • homepage
  • lintian (0, 1)
  • buildd: logs, checks, clang, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • screenshots
  • l10n (-, 60)
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 2.4.2~dfsg0-3
  • 108 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing