Debian Package Tracker
Register | Log in
Subscribe

audiofile

Choose email to subscribe with

general
  • source: audiofile (main)
  • version: 0.3.6-5
  • maintainer: Debian Multimedia Maintainers (archive) (DMD)
  • uploaders: Alessio Treglia [DMD]
  • arch: any
  • std-ver: 3.9.8
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 0.3.6-2+deb8u2
  • o-o-sec: 0.3.6-2+deb8u2
  • oldstable: 0.3.6-4+deb9u1
  • stable: 0.3.6-5
  • testing: 0.3.6-5
  • unstable: 0.3.6-5
versioned links
  • 0.3.6-2+deb8u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.3.6-4+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.3.6-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • audiofile-tools
  • libaudiofile-dev
  • libaudiofile1
action needed
Problems while searching for a new upstream version high
uscan had problems while searching for a new upstream version:
In debian/watch no matching files for watch line
  http://www.68k.org/~michael/audiofile/ http://audiofile.68k.org/audiofile-(.*)\.tar\.gz
Created: 2017-11-21 Last update: 2019-12-10 21:04
1 security issue in bullseye high
There is 1 open security issue in bullseye.
1 important issue:
  • CVE-2019-13147: In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.
Please fix it.
Created: 2019-07-07 Last update: 2019-10-21 00:30
1 security issue in sid high
There is 1 open security issue in sid.
1 important issue:
  • CVE-2019-13147: In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.
Please fix it.
Created: 2019-07-02 Last update: 2019-10-21 00:30
Standards version of the package is outdated. high
The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.1 instead of 3.9.8).
Created: 2018-04-16 Last update: 2019-09-29 23:39
1 new commit since last upload, is it time to release? normal
vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:
commit 1b48c190c5e23242ba2c9e98dc9a7cb47d78def1
Author: Ondřej Nový <onovy@debian.org>
Date:   Sat Jul 20 01:19:17 2019 +0200

    Use debhelper-compat instead of debian/compat
Created: 2019-07-20 Last update: 2019-12-06 09:54
lintian reports 1 warning normal
Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.
Created: 2019-07-18 Last update: 2019-07-18 04:44
1 ignored security issue in buster low
There is 1 open security issue in buster.
1 issue skipped by the security teams:
  • CVE-2019-13147: In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.
Please fix it.
Created: 2019-07-02 Last update: 2019-10-21 00:30
3 ignored security issues in jessie low
There are 3 open security issues in jessie.
3 issues skipped by the security teams:
  • CVE-2018-17095: An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.
  • CVE-2019-13147: In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.
  • CVE-2018-13440: The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert.
Please fix them.
Created: 2018-07-09 Last update: 2019-10-21 00:30
1 ignored security issue in stretch low
There is 1 open security issue in stretch.
1 issue skipped by the security teams:
  • CVE-2019-13147: In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.
Please fix it.
Created: 2019-07-02 Last update: 2019-10-21 00:30
news
[rss feed]
  • [2019-04-14] Accepted audiofile 0.3.6-4+deb9u1 (source amd64) into proposed-updates->stable-new, proposed-updates (Moritz Mühlenhoff)
  • [2019-04-13] audiofile 0.3.6-5 MIGRATED to testing (Debian testing watch)
  • [2019-04-05] Accepted audiofile 0.3.6-5 (source) into unstable (Sebastian Ramacher)
  • [2017-03-29] Accepted audiofile 0.3.6-2+deb8u2 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
  • [2017-03-23] Accepted audiofile 0.3.4-2+deb7u1 (source amd64) into oldstable (Ola Lundqvist)
  • [2017-03-19] audiofile 0.3.6-4 MIGRATED to testing (Debian testing watch)
  • [2017-03-16] Accepted audiofile 0.3.6-4 (source) into unstable (Sebastian Ramacher)
  • [2016-06-28] Accepted audiofile 0.3.6-2+deb8u1 (source amd64) into proposed-updates->stable-new, proposed-updates (James Cowgill)
  • [2016-06-17] audiofile 0.3.6-3 MIGRATED to testing (Debian testing watch)
  • [2016-06-14] Accepted audiofile 0.3.6-3 (source) into unstable (James Cowgill)
  • [2013-05-17] audiofile 0.3.6-2 MIGRATED to testing (Debian testing watch)
  • [2013-05-07] Accepted audiofile 0.3.6-2 (source amd64) (Alessio Treglia)
  • [2013-03-08] Accepted audiofile 0.3.6-1 (source amd64) (Alessio Treglia)
  • [2013-02-10] Accepted audiofile 0.3.5-1 (source amd64) (Alessio Treglia)
  • [2012-10-25] audiofile 0.3.4-2 MIGRATED to testing (Debian testing watch)
  • [2012-10-14] Accepted audiofile 0.3.4-2 (source amd64) (Alessio Treglia)
  • [2012-05-12] audiofile 0.3.4-1 MIGRATED to testing (Debian testing watch)
  • [2012-05-01] Accepted audiofile 0.3.4-1 (source amd64) (Alessio Treglia)
  • [2012-03-02] audiofile 0.3.3-3 MIGRATED to testing (Debian testing watch)
  • [2012-02-20] Accepted audiofile 0.3.3-3 (source amd64) (Alessio Treglia)
  • [2012-02-03] audiofile 0.3.3-2 MIGRATED to testing (Debian testing watch)
  • [2012-01-22] Accepted audiofile 0.3.3-2 (source amd64) (Alessio Treglia)
  • [2012-01-21] Accepted audiofile 0.3.3-1 (source amd64) (Alessio Treglia)
  • [2012-01-14] Accepted audiofile 0.2.7-1 (source amd64) (Alessio Treglia)
  • [2012-01-12] Accepted audiofile 0.3.3-1~exp1 (source amd64) (Alessio Treglia)
  • [2012-01-05] Accepted audiofile 0.3.2-1 (source amd64) (Alessio Treglia)
  • [2011-09-15] audiofile 0.2.7-0.1 MIGRATED to testing (Debian testing watch)
  • [2011-09-04] Accepted audiofile 0.2.7-0.1 (source amd64) (Alessio Treglia)
  • [2010-01-22] Accepted audiofile 0.2.6-6+etch1 (source i386) (Stefan Fritsch)
  • [2010-01-17] Accepted audiofile 0.2.6-7+lenny1 (source i386) (Stefan Fritsch)
  • 1
  • 2
bugs [bug history graph]
  • all: 4
  • RC: 0
  • I&N: 2
  • M&W: 2
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian (0, 1)
  • buildd: logs, clang, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • security tracker
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 0.3.6-5
  • 2 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing