Debian Package Tracker
Register | Log in
Subscribe

audiofile

Choose email to subscribe with

general
  • source: audiofile (main)
  • version: 0.3.6-5
  • maintainer: Debian Multimedia Maintainers (archive) (DMD)
  • uploaders: Alessio Treglia [DMD]
  • arch: any
  • std-ver: 3.9.8
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 0.3.6-4+deb9u1
  • oldstable: 0.3.6-5
  • stable: 0.3.6-5
  • testing: 0.3.6-5
  • unstable: 0.3.6-5
versioned links
  • 0.3.6-4+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.3.6-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • audiofile-tools
  • libaudiofile-dev
  • libaudiofile1
action needed
Problems while searching for a new upstream version high
uscan had problems while searching for a new upstream version:
In debian/watch no matching files for watch line
  http://www.68k.org/~michael/audiofile/ http://audiofile.68k.org/audiofile-(.*)\.tar\.gz
Created: 2020-06-29 Last update: 2023-02-08 08:01
lintian reports 1 error and 21 warnings high
Lintian reports 1 error and 21 warnings about this package. You should make the package lintian clean getting rid of them.
Created: 2020-07-29 Last update: 2023-02-04 14:01
Standards version of the package is outdated. high
The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.2 instead of 3.9.8).
Created: 2018-04-16 Last update: 2022-12-17 19:17
2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:
  • CVE-2019-13147: In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.
  • CVE-2022-24599: In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, it dosn't use zero bytes to truncate the data.
Created: 2022-07-04 Last update: 2022-08-01 13:40
2 security issues in bookworm high

There are 2 open security issues in bookworm.

2 important issues:
  • CVE-2019-13147: In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.
  • CVE-2022-24599: In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, it dosn't use zero bytes to truncate the data.
Created: 2022-07-04 Last update: 2022-08-01 13:40
version in VCS is newer than in repository, is it time to upload? normal
vcswatch reports that this package seems to have a new changelog entry (version 0.3.6-6, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:
commit 99a78244bde6066c63157754034cf41bd696de1b
Merge: 4a98ae6 6b96b19
Author: Dennis Braun <d_braun@kabelmail.de>
Date:   Sat Oct 15 14:56:34 2022 +0000

    Merge branch 'lintian-fixes' into 'master'
    
    Set upstream metadata fields: Bug-Submit
    
    See merge request multimedia-team/audiofile!4

commit 6b96b193eda83dbe587c095cdf085273119f113c
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Wed Oct 12 12:45:30 2022 +0000

    Set upstream metadata fields: Bug-Submit.
    
    Changes-By: lintian-brush
    Fixes: lintian: upstream-metadata-missing-bug-tracking
    See-also: https://lintian.debian.org/tags/upstream-metadata-missing-bug-tracking.html

commit 4a98ae6546bb622e940780904683f90a195844ef
Merge: d8747f6 4512cee
Author: Dennis Braun <d_braun@kabelmail.de>
Date:   Tue Oct 12 15:45:02 2021 +0000

    Merge branch 'scrub-obsolete' into 'master'
    
    Remove unnecessary constraints
    
    See merge request multimedia-team/audiofile!3

commit 4512ceef33f461856e0ac8eebaf6e2023e1647f8
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Mon Oct 11 23:57:20 2021 +0000

    Remove constraints unnecessary since buster
    
    * audiofile-tools: Drop versioned constraint on libaudiofile-dev in Replaces.
    * audiofile-tools: Drop versioned constraint on libaudiofile-dev in Breaks.
    
    Changes-By: deb-scrub-obsolete

commit d8747f6532cb8d03c2018066bb60e67bf7682fbe
Merge: 1b48c19 9e71db9
Author: Sebastian Ramacher <sramacher@debian.org>
Date:   Sat Mar 7 09:09:41 2020 +0000

    Merge branch 'lintian-fixes' into 'master'
    
    Fix some issues reported by lintian
    
    See merge request multimedia-team/audiofile!2

commit 9e71db9ccca8b8a50d99758936dfadec279df05d
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Dec 27 01:40:16 2019 +0000

    Drop transition for old debug package migration.
    
    Fixes lintian: debug-symbol-migration-possibly-complete
    See https://lintian.debian.org/tags/debug-symbol-migration-possibly-complete.html for more details.

commit 6118ba458accccdbe067ee4b7a0cb3e3ff838e57
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Dec 27 01:39:52 2019 +0000

    Fix day-of-week for changelog entry 0.1.5-3.
    
    Fixes lintian: debian-changelog-has-wrong-day-of-week
    See https://lintian.debian.org/tags/debian-changelog-has-wrong-day-of-week.html for more details.

commit 532349c974037694550b3682636bb3291c23803a
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Dec 27 01:39:31 2019 +0000

    Drop unnecessary dh arguments: --parallel
    
    Fixes lintian: debian-rules-uses-unnecessary-dh-argument
    See https://lintian.debian.org/tags/debian-rules-uses-unnecessary-dh-argument.html for more details.

commit 219a52497bd9e9854416c0af9470777aaa484d69
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Dec 27 01:39:09 2019 +0000

    Drop unnecessary dependency on dh-autoreconf.
    
    Fixes lintian: useless-autoreconf-build-depends
    See https://lintian.debian.org/tags/useless-autoreconf-build-depends.html for more details.

commit f6d1c349e1b9f4328874d2b9bd1edcafb4232655
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Dec 27 01:38:47 2019 +0000

    Set upstream metadata fields: Bug-Database, Repository, Repository-Browse.
    
    Fixes lintian: upstream-metadata-file-is-missing
    See https://lintian.debian.org/tags/upstream-metadata-file-is-missing.html for more details.

commit a7e05412fda5fef67f672f1eb8b447ddb70869bc
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Dec 27 01:38:20 2019 +0000

    Bump debhelper from old 9 to 10.
    
    Fixes lintian: package-uses-old-debhelper-compat-version
    See https://lintian.debian.org/tags/package-uses-old-debhelper-compat-version.html for more details.

commit f931c4aac1bf4d31e346e0089a30de49912bdfbf
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Dec 27 01:37:57 2019 +0000

    Use secure URI in Homepage field.
    
    Fixes lintian: homepage-field-uses-insecure-uri
    See https://lintian.debian.org/tags/homepage-field-uses-insecure-uri.html for more details.

commit 04fe01fb08b85ece3ea05e1a515431bba4d52f8a
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Dec 27 01:37:32 2019 +0000

    Trim trailing whitespace.
    
    Fixes lintian: file-contains-trailing-whitespace
    See https://lintian.debian.org/tags/file-contains-trailing-whitespace.html for more details.

commit 1b48c190c5e23242ba2c9e98dc9a7cb47d78def1
Author: Ondřej Nový <onovy@debian.org>
Date:   Sat Jul 20 01:19:17 2019 +0200

    Use debhelper-compat instead of debian/compat
Created: 2019-07-20 Last update: 2023-02-05 12:04
2 low-priority security issues in bullseye low

There are 2 open security issues in bullseye.

1 issue left for the package maintainer to handle:
  • CVE-2022-24599: (needs triaging) In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, it dosn't use zero bytes to truncate the data.

You can find information about how to handle this issue in the security team's documentation.

1 ignored issue:
  • CVE-2019-13147: In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.
Created: 2022-07-04 Last update: 2022-08-01 13:40
news
[rss feed]
  • [2019-04-14] Accepted audiofile 0.3.6-4+deb9u1 (source amd64) into proposed-updates->stable-new, proposed-updates (Moritz Mühlenhoff)
  • [2019-04-13] audiofile 0.3.6-5 MIGRATED to testing (Debian testing watch)
  • [2019-04-05] Accepted audiofile 0.3.6-5 (source) into unstable (Sebastian Ramacher)
  • [2017-03-29] Accepted audiofile 0.3.6-2+deb8u2 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
  • [2017-03-23] Accepted audiofile 0.3.4-2+deb7u1 (source amd64) into oldstable (Ola Lundqvist)
  • [2017-03-19] audiofile 0.3.6-4 MIGRATED to testing (Debian testing watch)
  • [2017-03-16] Accepted audiofile 0.3.6-4 (source) into unstable (Sebastian Ramacher)
  • [2016-06-28] Accepted audiofile 0.3.6-2+deb8u1 (source amd64) into proposed-updates->stable-new, proposed-updates (James Cowgill)
  • [2016-06-17] audiofile 0.3.6-3 MIGRATED to testing (Debian testing watch)
  • [2016-06-14] Accepted audiofile 0.3.6-3 (source) into unstable (James Cowgill)
  • [2013-05-17] audiofile 0.3.6-2 MIGRATED to testing (Debian testing watch)
  • [2013-05-07] Accepted audiofile 0.3.6-2 (source amd64) (Alessio Treglia)
  • [2013-03-08] Accepted audiofile 0.3.6-1 (source amd64) (Alessio Treglia)
  • [2013-02-10] Accepted audiofile 0.3.5-1 (source amd64) (Alessio Treglia)
  • [2012-10-25] audiofile 0.3.4-2 MIGRATED to testing (Debian testing watch)
  • [2012-10-14] Accepted audiofile 0.3.4-2 (source amd64) (Alessio Treglia)
  • [2012-05-12] audiofile 0.3.4-1 MIGRATED to testing (Debian testing watch)
  • [2012-05-01] Accepted audiofile 0.3.4-1 (source amd64) (Alessio Treglia)
  • [2012-03-02] audiofile 0.3.3-3 MIGRATED to testing (Debian testing watch)
  • [2012-02-20] Accepted audiofile 0.3.3-3 (source amd64) (Alessio Treglia)
  • [2012-02-03] audiofile 0.3.3-2 MIGRATED to testing (Debian testing watch)
  • [2012-01-22] Accepted audiofile 0.3.3-2 (source amd64) (Alessio Treglia)
  • [2012-01-21] Accepted audiofile 0.3.3-1 (source amd64) (Alessio Treglia)
  • [2012-01-14] Accepted audiofile 0.2.7-1 (source amd64) (Alessio Treglia)
  • [2012-01-12] Accepted audiofile 0.3.3-1~exp1 (source amd64) (Alessio Treglia)
  • [2012-01-05] Accepted audiofile 0.3.2-1 (source amd64) (Alessio Treglia)
  • [2011-09-15] audiofile 0.2.7-0.1 MIGRATED to testing (Debian testing watch)
  • [2011-09-04] Accepted audiofile 0.2.7-0.1 (source amd64) (Alessio Treglia)
  • [2010-01-22] Accepted audiofile 0.2.6-6+etch1 (source i386) (Stefan Fritsch)
  • [2010-01-17] Accepted audiofile 0.2.6-7+lenny1 (source i386) (Stefan Fritsch)
  • 1
  • 2
bugs [bug history graph]
  • all: 5
  • RC: 0
  • I&N: 3
  • M&W: 2
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian (1, 21)
  • buildd: logs, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 0.3.6-5build2
  • 2 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing