Debian Package Tracker

general

source: faad2 (main)
version: 2.8.8-1
maintainer: Debian Multimedia Maintainers (archive) [DMD]
uploaders: Matthew W. S. Bell [DMD] – Fabian Greffrath [DMD] – Reinhard Tartler [DMD]
arch: any
std-ver: 4.1.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.7-8
o-o-sec: 2.7-8+deb7u1
oldstable: 2.7-8+deb8u1
stable: 2.8.0~cvs20161113-1+deb9u1
testing: 2.8.8-1
unstable: 2.8.8-1

versioned links

2.7-8: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7-8+deb7u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7-8+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.8.0~cvs20161113-1+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.8.8-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

faad
libfaad-dev
libfaad2

action needed

3 security issues in sid high

There are 3 open security issues in sid.

3 important issues:

CVE-2018-19503: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a stack-based buffer overflow in the function calculate_gain() in libfaad/sbr_hfadj.c.
CVE-2018-19504: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There is a NULL pointer dereference in ifilter_bank() in libfaad/filtbank.c.
CVE-2018-19502: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a heap-based buffer overflow in the function excluded_channels() in libfaad/syntax.c.

Please fix them.

Created: 2018-11-23 Last update: 2018-11-25 22:50

3 security issues in buster high

There are 3 open security issues in buster.

3 important issues:

CVE-2018-19503: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a stack-based buffer overflow in the function calculate_gain() in libfaad/sbr_hfadj.c.
CVE-2018-19504: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There is a NULL pointer dereference in ifilter_bank() in libfaad/filtbank.c.
CVE-2018-19502: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a heap-based buffer overflow in the function excluded_channels() in libfaad/syntax.c.

Please fix them.

Created: 2018-11-23 Last update: 2018-11-25 22:50

3 security issues in jessie high

There are 3 open security issues in jessie.

3 important issues:

CVE-2018-19503: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a stack-based buffer overflow in the function calculate_gain() in libfaad/sbr_hfadj.c.
CVE-2018-19504: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There is a NULL pointer dereference in ifilter_bank() in libfaad/filtbank.c.
CVE-2018-19502: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a heap-based buffer overflow in the function excluded_channels() in libfaad/syntax.c.

Please fix them.

Created: 2018-11-23 Last update: 2018-11-25 22:50

3 security issues in stretch high

There are 3 open security issues in stretch.

3 important issues:

CVE-2018-19503: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a stack-based buffer overflow in the function calculate_gain() in libfaad/sbr_hfadj.c.
CVE-2018-19504: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There is a NULL pointer dereference in ifilter_bank() in libfaad/filtbank.c.
CVE-2018-19502: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a heap-based buffer overflow in the function excluded_channels() in libfaad/syntax.c.

Please fix them.

Created: 2018-11-23 Last update: 2018-11-25 22:50

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2018-10-01 Last update: 2018-12-13 14:48

5 new commits since last upload, time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit c58aeda71503a381bd6bfb9d61d4ef3691d00d5a
Author: Ondřej Nový <onovy@debian.org>
Date:   Mon Oct 1 08:39:06 2018 +0200

    d/watch: Use https protocol

commit 598f2522de281a3a072f17e9e0d7ae67d04ce283
Author: Felipe Sateler <fsateler@debian.org>
Date:   Mon Apr 16 13:54:47 2018 -0300

    Change maintainer address to debian-multimedia@lists.debian.org

commit 2b02944dcca9256db730d859787310f495646b87
Author: Ondřej Nový <onovy@debian.org>
Date:   Mon Mar 12 23:40:01 2018 +0100

    d/changelog: Remove trailing whitespaces

commit 4aa84d5f1798f4b009e14a61ca1d5fa9a67868c5
Author: Ondřej Nový <onovy@debian.org>
Date:   Mon Feb 19 10:19:05 2018 +0100

    d/control: Set Vcs-* to salsa.debian.org

commit fb0572d7c6b3f8e24e8a06f764b0f5098bdb7fb0
Author: Ondřej Nový <onovy@debian.org>
Date:   Mon Feb 19 10:19:04 2018 +0100

    d/copyright: Change Format URL to correct one

The Vcs URL is using anonscm.debian.org. Please update it for the move to salsa.debian.org.

Created: 2018-02-19 Last update: 2018-12-13 03:50

lintian reports 3 warnings normal

Lintian reports 3 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2018-09-13 Last update: 2018-11-09 04:49

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.2.1 instead of 4.1.0).

Created: 2017-08-31 Last update: 2018-08-26 08:16

news

[rss feed]

[2018-05-07] Accepted faad2 2.7-8+deb8u1 (source amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Markus Koschany)
[2018-05-07] Accepted faad2 2.8.0~cvs20161113-1+deb9u1 (source amd64) into proposed-updates->stable-new, proposed-updates (Markus Koschany)
[2017-12-24] faad2 2.8.8-1 MIGRATED to testing (Debian testing watch)
[2017-12-18] Accepted faad2 2.8.8-1 (source amd64) into unstable (Fabian Greffrath)
[2017-11-12] faad2 2.8.6-1 MIGRATED to testing (Debian testing watch)
[2017-11-06] Accepted faad2 2.8.6-1 (source amd64) into unstable (Fabian Greffrath)
[2017-10-05] faad2 2.8.5-1 MIGRATED to testing (Debian testing watch)
[2017-09-30] Accepted faad2 2.8.5-1 (source amd64) into unstable (Fabian Greffrath)
[2017-08-30] Accepted faad2 2.7-8+deb7u1 (source amd64) into oldoldstable (Markus Koschany)
[2017-08-08] faad2 2.8.1-2 MIGRATED to testing (Debian testing watch)
[2017-08-02] Accepted faad2 2.8.1-2 (source amd64) into unstable (Fabian Greffrath)
[2017-07-17] Accepted faad2 2.8.1-1 (source amd64) into unstable (Fabian Greffrath)
[2016-11-19] faad2 2.8.0~cvs20161113-1 MIGRATED to testing (Debian testing watch)
[2016-11-13] Accepted faad2 2.8.0~cvs20161113-1 (source amd64) into unstable (Fabian Greffrath)
[2015-05-17] faad2 2.8.0~cvs20150510-1 MIGRATED to testing (Britney)
[2015-05-11] Accepted faad2 2.8.0~cvs20150510-1 (source amd64) into unstable (Fabian Greffrath)
[2015-05-06] faad2 2.7-9 MIGRATED to testing (Britney)
[2015-04-30] Accepted faad2 2.7-9 (source amd64) into unstable (Fabian Greffrath)
[2012-03-29] faad2 2.7-8 MIGRATED to testing (Debian testing watch)
[2012-03-18] Accepted faad2 2.7-8 (source amd64) (Andres Mejia)
[2011-08-24] faad2 2.7-7 MIGRATED to testing (Debian testing watch)
[2011-08-13] Accepted faad2 2.7-7 (source amd64) (Fabian Greffrath)
[2010-11-25] faad2 2.7-6 MIGRATED to testing (Debian testing watch)
[2010-11-23] Accepted faad2 2.7-6 (source amd64) (Andres Mejia)
[2010-11-20] Accepted faad2 2.7-5 (source amd64) (Fabian Greffrath)
[2009-11-08] faad2 2.7-4 MIGRATED to testing (Debian testing watch)
[2009-10-26] Accepted faad2 2.7-4 (source i386) (Fabian Greffrath)
[2009-10-18] faad2 2.7-2 MIGRATED to testing (Debian testing watch)
[2009-09-17] Accepted faad2 2.7-2 (source i386) (Reinhard Tartler)
[2009-06-09] Accepted faad2 2.7-1 (source i386) (Fabian Greffrath)

bugs [bug history graph]

all: 3
RC: 0
I&N: 2
M&W: 1
F&P: 0
patch: 1

links

homepage
lintian (0, 3)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.8.8-1
7 bugs