Debian Package Tracker

general

source: faad2 (main)
version: 2.8.8-1
maintainer: Debian Multimedia Maintainers (archive) [DMD]
uploaders: Matthew W. S. Bell [DMD] – Fabian Greffrath [DMD] – Reinhard Tartler [DMD]
arch: any
std-ver: 4.1.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.7-8
o-o-sec: 2.7-8+deb7u1
oldstable: 2.7-8
stable: 2.8.0~cvs20161113-1
testing: 2.8.8-1
unstable: 2.8.8-1

versioned links

2.7-8: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7-8+deb7u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.8.0~cvs20161113-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.8.8-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

faad
libfaad-dev
libfaad2

action needed

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2017-11-21 Last update: 2018-04-23 07:42

4 new commits since last upload, time to release an update? normal

vcswatch reports that this package seems to have new commits in its VCS. You should consider updating the debian/changelog and uploading this new version into the archive.

Created: 2018-02-19 Last update: 2018-04-17 06:45

lintian reports 2 warnings normal

Lintian reports 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2018-04-14 Last update: 2018-04-14 07:47

11 ignored security issues in stretch low

There are 11 open security issues in stretch.

11 issues skipped by the security teams:

CVE-2017-9256: The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
CVE-2017-9257: The mp4ff_read_ctts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
CVE-2017-9218: The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
CVE-2017-9253: The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
CVE-2017-9220: The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error) via a crafted mp4 file.
CVE-2017-9254: The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
CVE-2017-9221: The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
CVE-2017-9222: The mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted mp4 file.
CVE-2017-9255: The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
CVE-2017-9219: The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted mp4 file.
CVE-2017-9223: The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.

Please fix them.

Created: 2017-06-28 Last update: 2017-12-30 19:43

11 ignored security issues in jessie low

There are 11 open security issues in jessie.

11 issues skipped by the security teams:

CVE-2017-9256: The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
CVE-2017-9257: The mp4ff_read_ctts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
CVE-2017-9218: The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
CVE-2017-9253: The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
CVE-2017-9220: The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error) via a crafted mp4 file.
CVE-2017-9254: The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
CVE-2017-9221: The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.
CVE-2017-9222: The mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted mp4 file.
CVE-2017-9255: The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.
CVE-2017-9219: The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted mp4 file.
CVE-2017-9223: The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.

Please fix them.

Created: 2017-06-28 Last update: 2017-12-30 19:43

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.1.4 instead of 4.1.0).

Created: 2017-08-31 Last update: 2018-04-16 20:44

news

[rss feed]

[2017-12-24] faad2 2.8.8-1 MIGRATED to testing (Debian testing watch)
[2017-12-18] Accepted faad2 2.8.8-1 (source amd64) into unstable (Fabian Greffrath)
[2017-11-12] faad2 2.8.6-1 MIGRATED to testing (Debian testing watch)
[2017-11-06] Accepted faad2 2.8.6-1 (source amd64) into unstable (Fabian Greffrath)
[2017-10-05] faad2 2.8.5-1 MIGRATED to testing (Debian testing watch)
[2017-09-30] Accepted faad2 2.8.5-1 (source amd64) into unstable (Fabian Greffrath)
[2017-08-30] Accepted faad2 2.7-8+deb7u1 (source amd64) into oldoldstable (Markus Koschany)
[2017-08-08] faad2 2.8.1-2 MIGRATED to testing (Debian testing watch)
[2017-08-02] Accepted faad2 2.8.1-2 (source amd64) into unstable (Fabian Greffrath)
[2017-07-17] Accepted faad2 2.8.1-1 (source amd64) into unstable (Fabian Greffrath)
[2016-11-19] faad2 2.8.0~cvs20161113-1 MIGRATED to testing (Debian testing watch)
[2016-11-13] Accepted faad2 2.8.0~cvs20161113-1 (source amd64) into unstable (Fabian Greffrath)
[2015-05-17] faad2 2.8.0~cvs20150510-1 MIGRATED to testing (Britney)
[2015-05-11] Accepted faad2 2.8.0~cvs20150510-1 (source amd64) into unstable (Fabian Greffrath)
[2015-05-06] faad2 2.7-9 MIGRATED to testing (Britney)
[2015-04-30] Accepted faad2 2.7-9 (source amd64) into unstable (Fabian Greffrath)
[2012-03-29] faad2 2.7-8 MIGRATED to testing (Debian testing watch)
[2012-03-18] Accepted faad2 2.7-8 (source amd64) (Andres Mejia)
[2011-08-24] faad2 2.7-7 MIGRATED to testing (Debian testing watch)
[2011-08-13] Accepted faad2 2.7-7 (source amd64) (Fabian Greffrath)
[2010-11-25] faad2 2.7-6 MIGRATED to testing (Debian testing watch)
[2010-11-23] Accepted faad2 2.7-6 (source amd64) (Andres Mejia)
[2010-11-20] Accepted faad2 2.7-5 (source amd64) (Fabian Greffrath)
[2009-11-08] faad2 2.7-4 MIGRATED to testing (Debian testing watch)
[2009-10-26] Accepted faad2 2.7-4 (source i386) (Fabian Greffrath)
[2009-10-18] faad2 2.7-2 MIGRATED to testing (Debian testing watch)
[2009-09-17] Accepted faad2 2.7-2 (source i386) (Reinhard Tartler)
[2009-06-09] Accepted faad2 2.7-1 (source i386) (Fabian Greffrath)
[2008-10-03] faad2 2.6.1-3.1 MIGRATED to testing (Debian testing watch)
[2008-09-26] Accepted faad2 2.6.1-3.1 (source all i386) (Steffen Joeris)

bugs [bug history graph]

all: 3
RC: 0
I&N: 2
M&W: 1
F&P: 0

links

homepage
lintian (0, 2)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.8.8-1
5 bugs