faad2 - Debian Package Tracker

general

source: faad2 (main)
version: 2.10.0-1
maintainer: Debian Multimedia Maintainers (archive) (DMD)
uploaders: Matthew W. S. Bell [DMD] – Fabian Greffrath [DMD] – Reinhard Tartler [DMD]
arch: any
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 2.8.0~cvs20161113-1+deb9u2
old-sec: 2.8.0~cvs20161113-1+deb9u2
stable: 2.8.8-3
testing: 2.10.0-1
unstable: 2.10.0-1

versioned links

2.8.0~cvs20161113-1+deb9u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.8.8-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.10.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

faad (1 bugs: 0, 1, 0, 0)
libfaad-dev
libfaad2

action needed

Problems while searching for a new upstream version high

uscan had problems while searching for a new upstream version:

In debian/watch no matching files for watch line
  https://github.com/knik0/faad2/releases /knik0/faad2/archive/(\d[_\d]*)(?i)(?:\.(?:tar\.xz|tar\.bz2|tar\.gz|zip|tgz|tbz|txz))

Created: 2021-03-22 Last update: 2021-04-14 22:35

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2020-10-19 Last update: 2021-04-14 22:31

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2021-01-27 Last update: 2021-01-27 03:02

4 low-priority security issues in buster low

There are 4 open security issues in buster.

4 issues left for the package maintainer to handle:

CVE-2018-20196: (needs triaging) There is a stack-based buffer overflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the S_M array is mishandled.
CVE-2018-20199: (needs triaging) A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the ONLY_LONG_SEQUENCE case.
CVE-2018-20360: (needs triaging) An invalid memory address dereference was discovered in the sbr_process_channel function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
CVE-2019-6956: (needs triaging) An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It is a buffer over-read in ps_mix_phase in libfaad/ps_dec.c.

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2021-03-21 19:04

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).

Created: 2020-11-17 Last update: 2020-11-17 05:41

news

[rss feed]

[2020-10-26] faad2 2.10.0-1 MIGRATED to testing (Debian testing watch)
[2020-10-20] Accepted faad2 2.10.0-1 (source) into unstable (Fabian Greffrath)
[2020-05-10] faad2 2.9.2-1 MIGRATED to testing (Debian testing watch)
[2020-05-04] Accepted faad2 2.9.2-1 (source) into unstable (Fabian Greffrath)
[2019-11-10] faad2 2.9.1-1 MIGRATED to testing (Debian testing watch)
[2019-11-04] Accepted faad2 2.9.1-1 (source) into unstable (Fabian Greffrath)
[2019-09-17] Accepted faad2 2.8.0~cvs20161113-1+deb9u2 (source amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Hugo Lefeuvre)
[2019-09-17] faad2 2.9.0-1 MIGRATED to testing (Debian testing watch)
[2019-09-15] Accepted faad2 2.8.0~cvs20161113-1+deb9u2 (source amd64) into oldstable->embargoed, oldstable (Hugo Lefeuvre)
[2019-09-11] Accepted faad2 2.9.0-1 (source) into unstable (Fabian Greffrath)
[2019-09-03] faad2 2.8.8-3.2 MIGRATED to testing (Debian testing watch)
[2019-08-31] Accepted faad2 2.8.8-3.2 (source) into unstable (Hugo Lefeuvre)
[2019-08-28] Accepted faad2 2.7-8+deb8u3 (source amd64) into oldoldstable (Hugo Lefeuvre)
[2019-08-28] Accepted faad2 2.8.8-3.1 (source) into unstable (Hugo Lefeuvre)
[2019-06-10] faad2 2.8.8-3 MIGRATED to testing (Debian testing watch)
[2019-06-07] Accepted faad2 2.8.8-3 (source) into unstable (Sebastian Ramacher)
[2019-05-19] Accepted faad2 2.7-8+deb8u2 (source amd64) into oldstable (Hugo Lefeuvre)
[2019-04-22] faad2 2.8.8-2 MIGRATED to testing (Debian testing watch)
[2019-04-17] Accepted faad2 2.8.8-2 (source amd64) into unstable (Fabian Greffrath)
[2018-05-07] Accepted faad2 2.7-8+deb8u1 (source amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Markus Koschany)
[2018-05-07] Accepted faad2 2.8.0~cvs20161113-1+deb9u1 (source amd64) into proposed-updates->stable-new, proposed-updates (Markus Koschany)
[2017-12-24] faad2 2.8.8-1 MIGRATED to testing (Debian testing watch)
[2017-12-18] Accepted faad2 2.8.8-1 (source amd64) into unstable (Fabian Greffrath)
[2017-11-12] faad2 2.8.6-1 MIGRATED to testing (Debian testing watch)
[2017-11-06] Accepted faad2 2.8.6-1 (source amd64) into unstable (Fabian Greffrath)
[2017-10-05] faad2 2.8.5-1 MIGRATED to testing (Debian testing watch)
[2017-09-30] Accepted faad2 2.8.5-1 (source amd64) into unstable (Fabian Greffrath)
[2017-08-30] Accepted faad2 2.7-8+deb7u1 (source amd64) into oldoldstable (Markus Koschany)
[2017-08-08] faad2 2.8.1-2 MIGRATED to testing (Debian testing watch)
[2017-08-02] Accepted faad2 2.8.1-2 (source amd64) into unstable (Fabian Greffrath)

bugs [bug history graph]

all: 2
RC: 0
I&N: 1
M&W: 1
F&P: 0
patch: 1

links

homepage
lintian (0, 1)
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.10.0-1
8 bugs