gtkpod - Debian Package Tracker

general

source: gtkpod (main)
version: 2.1.5-9
maintainer: Adrian Bunk (DMD)
arch: all any
std-ver: 4.0.0
VCS: unknown

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.1.5-4
oldstable: 2.1.5-6
stable: 2.1.5-8
testing: 2.1.5-9
unstable: 2.1.5-9

versioned links

2.1.5-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.5-6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.5-8: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.5-9: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

gtkpod (9 bugs: 0, 7, 2, 0)
gtkpod-data
gtkpod-dbg
libatomicparsley-dev
libatomicparsley0
libgtkpod-dev
libgtkpod1

action needed

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2021-37231: A stack-buffer-overflow occurs in Atomicparsley 20210124.204813.840499f through APar_readX() in src/util.cpp while parsing a crafted mp4 file because of the missing boundary check.
CVE-2021-37232: A stack overflow vulnerability occurs in Atomicparsley 20210124.204813.840499f through APar_read64() in src/util.cpp due to the lack of buffer size of uint32_buffer while reading more bytes in APar_read64.

Created: 2021-08-31 Last update: 2021-09-23 20:35

2 security issues in bookworm high

There are 2 open security issues in bookworm.

2 important issues:

CVE-2021-37231: A stack-buffer-overflow occurs in Atomicparsley 20210124.204813.840499f through APar_readX() in src/util.cpp while parsing a crafted mp4 file because of the missing boundary check.
CVE-2021-37232: A stack overflow vulnerability occurs in Atomicparsley 20210124.204813.840499f through APar_read64() in src/util.cpp due to the lack of buffer size of uint32_buffer while reading more bytes in APar_read64.

Created: 2021-08-31 Last update: 2021-09-23 20:35

Depends on packages which need a new maintainer normal

The packages that gtkpod depends on which need a new maintainer are:

id3v2 (#770257)
- Recommends: id3v2
libgpod (#867215)
- Build-Depends: libgpod-dev
- Depends: libgpod4 libgpod4 libgpod4

Created: 2019-11-22 Last update: 2021-09-28 19:05

Multiarch hinter reports 3 issue(s) normal

There are issues with the multiarch metadata for this package.

gtkpod-dbg could be marked Multi-Arch: same
libatomicparsley-dev could be marked Multi-Arch: same
libgtkpod-dev could be marked Multi-Arch: same

Created: 2020-02-11 Last update: 2021-09-28 15:05

lintian reports 10 warnings normal

Lintian reports 10 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2021-09-06 Last update: 2021-09-06 18:32

AppStream hints: 1 warning normal

AppStream found metadata issues for packages:

gtkpod: 1 warning

You should get rid of them to provide more metadata about this software.

Created: 2020-06-01 Last update: 2020-06-01 01:13

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2014-07-02 Last update: 2016-04-29 00:58

No known security issue in buster wishlist

There are 2 open security issues in buster.

2 ignored issues:

CVE-2021-37231: A stack-buffer-overflow occurs in Atomicparsley 20210124.204813.840499f through APar_readX() in src/util.cpp while parsing a crafted mp4 file because of the missing boundary check.
CVE-2021-37232: A stack overflow vulnerability occurs in Atomicparsley 20210124.204813.840499f through APar_read64() in src/util.cpp due to the lack of buffer size of uint32_buffer while reading more bytes in APar_read64.

Created: 2021-08-31 Last update: 2021-09-23 20:35

No known security issue in bullseye wishlist

There are 2 open security issues in bullseye.

2 ignored issues:

CVE-2021-37231: A stack-buffer-overflow occurs in Atomicparsley 20210124.204813.840499f through APar_readX() in src/util.cpp while parsing a crafted mp4 file because of the missing boundary check.
CVE-2021-37232: A stack overflow vulnerability occurs in Atomicparsley 20210124.204813.840499f through APar_read64() in src/util.cpp due to the lack of buffer size of uint32_buffer while reading more bytes in APar_read64.

Created: 2021-08-31 Last update: 2021-09-23 20:35

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.0 instead of 4.0.0).

Created: 2018-04-16 Last update: 2021-09-01 16:23

news

[rss feed]

[2021-09-06] gtkpod 2.1.5-9 MIGRATED to testing (Debian testing watch)
[2021-09-01] Accepted gtkpod 2.1.5-9 (source) into unstable (Adrian Bunk)
[2021-01-06] gtkpod 2.1.5-8 MIGRATED to testing (Debian testing watch)
[2021-01-01] Accepted gtkpod 2.1.5-8 (source) into unstable (Andreas Henriksson)
[2020-08-07] gtkpod REMOVED from testing (Debian testing watch)
[2019-11-02] gtkpod 2.1.5-7 MIGRATED to testing (Debian testing watch)
[2019-10-28] Accepted gtkpod 2.1.5-7 (source) into unstable (Andreas Henriksson)
[2019-02-04] gtkpod 2.1.5-6 MIGRATED to testing (Debian testing watch)
[2018-10-04] gtkpod REMOVED from testing (Debian testing watch)
[2017-07-18] gtkpod 2.1.5-6 MIGRATED to testing (Debian testing watch)
[2017-07-07] Accepted gtkpod 2.1.5-6 (source) into unstable (Adrian Bunk)
[2017-07-06] gtkpod 2.1.5-5 MIGRATED to testing (Debian testing watch)
[2017-07-01] Accepted gtkpod 2.1.5-5 (source) into unstable (Matteo F. Vescovi)
[2016-12-01] gtkpod 2.1.5-4 MIGRATED to testing (Debian testing watch)
[2016-11-13] Accepted gtkpod 2.1.5-4 (source) into unstable (Matteo F. Vescovi)
[2016-11-06] gtkpod REMOVED from testing (Debian testing watch)
[2016-05-04] gtkpod 2.1.5-3 MIGRATED to testing (Debian testing watch)
[2016-04-28] Accepted gtkpod 2.1.5-3 (source) into unstable (Matteo F. Vescovi)
[2016-04-22] Accepted gtkpod 2.1.5-2 (source) into unstable (Matteo F. Vescovi)
[2015-06-15] gtkpod 2.1.5-1 MIGRATED to testing (Britney)
[2015-06-09] Accepted gtkpod 2.1.5-1 (all source) into unstable (Matteo F. Vescovi)
[2015-01-21] gtkpod 2.1.4-5 MIGRATED to testing (Britney)
[2015-01-15] Accepted gtkpod 2.1.4-5 (source all) into unstable (Matteo F. Vescovi)
[2014-08-06] gtkpod 2.1.4-4 MIGRATED to testing (Britney)
[2014-07-31] Accepted gtkpod 2.1.4-4 (source amd64 all) into unstable (Matteo F. Vescovi)
[2014-07-20] gtkpod 2.1.4-3 MIGRATED to testing (Britney)
[2014-07-14] Accepted gtkpod 2.1.4-3 (source amd64 all) (Matteo F. Vescovi)
[2014-04-06] gtkpod 2.1.4-2 MIGRATED to testing (Debian testing watch)
[2014-04-02] gtkpod REMOVED from testing (Debian testing watch)
[2014-03-31] Accepted gtkpod 2.1.4-2 (source amd64 all) (Matteo F. Vescovi)

bugs [bug history graph]

all: 9
RC: 0
I&N: 7
M&W: 2
F&P: 0
patch: 0

links

homepage
lintian (0, 10)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (-, 51)

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.1.5-8
49 bugs (2 patches)