libcdio - Debian Package Tracker

general

source: libcdio (main)
version: 2.1.0-5
maintainer: Gabriel F. T. Gomes (DMD)
arch: any
std-ver: 4.6.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.0.0-2
oldstable: 2.1.0-2
stable: 2.1.0-4
testing: 2.1.0-4.2
unstable: 2.1.0-5

versioned links

2.0.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.0-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.0-4.2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.0-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libcdio++-dev
libcdio++1t64
libcdio-dev (2 bugs: 0, 1, 1, 0)
libcdio-utils
libcdio19t64
libiso9660++-dev
libiso9660++0t64
libiso9660-11t64
libiso9660-dev
libudf-dev
libudf0t64

action needed

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2.2.0-1, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 1defea34527e795537d1cd16e4bb0be1bca1738d
Author: Gabriel F. T. Gomes <gabriel@debian.org>
Date:   Sun Jan 19 19:52:51 2025 -0800

    Depend on pkgconf instead of pkg-config (lintian)

commit 606465e8aea6384788720026b2aa25bcd4001334
Author: Gabriel F. T. Gomes <gabriel@debian.org>
Date:   Sun Jan 19 18:47:38 2025 -0800

    Package name changes due to soname bump
    
    Upstream version 2.2.0 bumped the SONAME on libiso9660 and libiso9660++
    due to an ABI break. This patch updates the names of the binary
    packages. Since the previous packages had undergone the 64-bits time_t
    transition, they had the 't64' suffix, as well as several control fields
    to Break, Replace, and Provide the new packages. After the SONAME bump,
    the suffix, as well as the fields must be dropped, as explained by
    Steve Langasek (RIP).
    
    [1] https://lists.debian.org/debian-devel/2023/05/msg00168.html

commit d7daabdb122cced878356388f9832fb7001521c3
Author: Gabriel F. T. Gomes <gabriel@debian.org>
Date:   Sun Jan 19 12:33:59 2025 -0800

    Upstream changelog review
    
        IMPORTANT - Changes required in Debian:
            * API change: Rename some fields in ecma_167.h from integer (prefix i_) to unsigned (prefix u_) to actually match their type
            * ABI change: Add u_su_fields to the end of iso_rock_statbuf_t
            * ABI change: Add total_size in the middle of iso9660_stat_t
    
        IMPORTANT - No changes required in Debian:
            * Allow for DO_NOT_WANT_COMPATIBILITY macro in config.h to disable APIs that are being retired.
            + Verified that Debian does not set this variable.
    
        INFO - Bug fixes and new features.
            * More checks of potentially NULL buffers. More malloc()/calloc() result checks.
            * Enforce non-widestring ("A" suffixed) calls when we pass char* parameters. (Pete Batard)
            * Use widestring API calls unless otherwise specified.
            * Remove a deprecation warning of the declaration of is_cdrom_aspi() and GetVersion(). (Pete Batard)
            * Count empty fields as tracks. (John Ernberg)
            * Add some validity checks to enhance security. (Mansour Gashasbi)
            * Add support for ISO9660 multi extent files. (Pete Batard)
            * Fix Recognition of multi-extent in ISO9660 when Joliet is present. (Thomas Schmitt)
            * Use getmntent/setmntent for reading mounts. (Miguel Borges de Freitas)
            * Use GNU/Linux new ioctl on kernel v5.16 or newer. (Lukas Prediger)
            * Use "%s"-style format in cdda-player.c: to make it catch cases when user input is used in place of format. (Sergei Trofimovich)
            * Remove some memory leaks in C++ code. (Thomas Schmitt)
            * Add Rock Ridge deep directory support. (Pete Batard)
            * Fix and clean up various Rock Ridge issues and adjust tests. (Pete Batard)
            * Fix double reporting of sizes in cd-info.c. (Pete Batard)
            * CD-Text character set interpretation more tolerant of bad input. Savannah bug 53929.
            * Remove homegrown boolean type in favor of <stdbool.h>. (Thomas Schmitt)
            * Improve pkg-config configuration detection (Lars Wendler)
    
        INFO - Code hosting information:
            * Move to github (rocky)
            * Add github CI checks. (Pete Batard)
    
        NOT APPLICABLE TO DEBIAN - Other OS information:
            * Updates for compiling on MSVC. (Pete Batard)
            * Fix win32 implementation of .get_track_msf() for CD with first track number > 1 (Thomas Schmitt)
            * Fix testing on Windows and remove compilation warnings. (Pete Batard)
            * Fix crash reading CD TOC on macOS Ventura. (Robert Kausch)
            * Update freedb references to GnuDB. (Robert Kausch)
            * Fix charset check in Windows cdio_charset_from_utf8 implementation. (Robert Kausch)
            * Add support for reading CD-Text on macOS and Windows (Robert Kausch)

commit 393b1780f76ea09b4317dbbb5bbd34913f556470
Author: Gabriel F. T. Gomes <gabriel@debian.org>
Date:   Sun Jan 19 12:28:50 2025 -0800

    Update list of upstream README files

commit 309e6b2de6b2199a38a3cd7ef32bbb1cccac148f
Author: Gabriel F. T. Gomes <gabriel@debian.org>
Date:   Sun Jan 19 12:28:22 2025 -0800

    Fix build issues after update to new upstream version

commit b706cf108551dc1a428763505b9e27097c44c4f1
Author: Gabriel F. T. Gomes <gabriel@debian.org>
Date:   Sat Jan 18 19:35:39 2025 -0800

    Remove the remaining CVE fix
    
    The last CVE fix does not fix the overflow issue. It is an optimization
    to bypass some checks on some cases and cosmetic fixes to whitespace and
    indentation.
    
    This patch drops the fix, since upstream did not integrate it.

commit e9d6c955ab7d07fb583db1ae6fdf0a4af99dd4be
Author: Gabriel F. T. Gomes <gabriel@debian.org>
Date:   Sat Jan 18 19:16:52 2025 -0800

    Drop CVE patches already integrated upstream
    
    Upstream commit IDs:
    
        * 02c5ce94a0a6fc6faaedcb69bf6469c616727050
        * bd2f10dc0b9504318c097bf16466d421acd3489d
        * 1919a84fb28414a551e049194499da33e38aa506
        * bf22730722fcacd53288a29dc77a8430337de0e9
        * 455b6982a007f04e1d81d8a1a97e7ca9b0a2e170
        * a2e936a1dae15a45cd7cfe0c8e8eade2775633a0

commit f3231747c43ee9b83f57c862ca948f265d08ce69
Author: Gabriel F. T. Gomes <gabriel@debian.org>
Date:   Sat Jan 18 19:04:34 2025 -0800

    Drop downstream patches already integrated upstream
    
    Upstream commit IDs:
    
        * c33133ce8bf2884f59eab8663514c1986613af22
        * 2adb43c60afc6e98e94d86dad9f93d3df52862b1
        * 56335fff0f21d294cd0e478d49542a43e9495ed0
        * 0d550dc9307901edd817333a5b530241d08ad889

commit 4c154df9d2d37ae80c08b7c218f503b166af9ffa
Author: Gabriel F. T. Gomes <gabriel@debian.org>
Date:   Sat Jan 18 18:41:27 2025 -0800

    Bump upstream version in the changelog

commit 96d8d375ea85540e29f2192506921fa4580fe6a0
Merge: b4d1afa 1063811
Author: Gabriel F. T. Gomes <gabriel@debian.org>
Date:   Sat Jan 18 18:39:36 2025 -0800

    Update upstream source from tag 'upstream/2.2.0'
    
    Update to upstream version '2.2.0'
    with Debian dir 30ff27271f9c69762cbcaff247fabdd145e08499

commit 1063811e995d50d09d0ddee75e521cd9853d5510
Author: Gabriel F. T. Gomes <gabriel@debian.org>
Date:   Sat Jan 18 18:39:33 2025 -0800

    New upstream version 2.2.0

commit b4d1afa235db2035efe3b181261e8ab68dc29506
Author: Gabriel F. T. Gomes <gabriel@debian.org>
Date:   Sat Jan 18 18:26:22 2025 -0800

    Update watch file to github (from savannah)
    
    Upstream moved their releases from savannah (ftp.gnu.org) to github
    (github.com), as reported on the mailing list[1], and in the 2.2.0
    release email[2].
    
    This patch updates the watch file to fetch new versions from the main
    release archive (github).
    
    [1] https://lists.gnu.org/archive/html/libcdio-devel/2024-09/msg00011.html
    [2] https://lists.gnu.org/archive/html/libcdio-devel/2025-01/msg00003.html

commit 6ad2f14a6e348323e184340ac1e3fd3644101b66
Author: Gabriel F. T. Gomes <gabriel@debian.org>
Date:   Sat Jan 18 18:06:19 2025 -0800

    Open master branch for development
    
    Patch generated with:
    
        debchange --increment --urgency low

Created: 2020-12-15 Last update: 2025-01-20 04:53

debian/patches: 13 patches to forward upstream low

Among the 13 debian patches available in version 2.1.0-5 of the package, we noticed the following issues:

13 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2025-01-19 14:30

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.0 instead of 4.6.1).

Created: 2020-11-17 Last update: 2025-01-19 11:00

testing migrations

excuses:
- Migration status for libcdio (2.1.0-4.2 to 2.1.0-5): Waiting for test results or another package, or too young (no action required now - check later)
- Issues preventing migration:
- ∙ ∙ Too young, only 1 of 5 days old
- Additional info:
- ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/libc/libcdio.html
- ∙ ∙ Reproducible on amd64 - info ♻
- ∙ ∙ Reproducible on arm64 - info ♻
- ∙ ∙ Waiting for reproducibility test results on armhf - info ♻
- ∙ ∙ Waiting for reproducibility test results on i386 - info ♻
- Not considered

news

[rss feed]

[2025-01-19] Accepted libcdio 2.1.0-5 (source) into unstable (Gabriel F. T. Gomes)
[2024-04-25] libcdio 2.1.0-4.2 MIGRATED to testing (Debian testing watch)
[2024-04-12] Accepted libcdio 2.1.0-4.2 (source) into unstable (Sebastian Ramacher)
[2024-02-29] Accepted libcdio 2.1.0-4.1 (source) into unstable (Lukas Märdian)
[2024-01-31] Accepted libcdio 2.1.0-4.1~exp1 (source) into experimental (Steve Langasek)
[2022-10-02] libcdio 2.1.0-4 MIGRATED to testing (Debian testing watch)
[2022-09-27] Accepted libcdio 2.1.0-4 (source) into unstable (Gabriel F. T. Gomes)
[2021-11-08] libcdio 2.1.0-3 MIGRATED to testing (Debian testing watch)
[2021-11-02] Accepted libcdio 2.1.0-3 (source) into unstable (Gabriel F. T. Gomes)
[2021-05-26] Accepted libcdio 2.1.0-2~bpo10+1 (source amd64) into buster-backports->backports-policy, buster-backports (Debian FTP Masters) (signed by: Mattia Rizzolo)
[2020-08-18] libcdio 2.1.0-2 MIGRATED to testing (Debian testing watch)
[2020-08-12] Accepted libcdio 2.1.0-2 (source) into unstable (Gabriel F. T. Gomes)
[2020-07-13] Accepted libcdio 2.1.0-1 (source amd64) into experimental, experimental (Debian FTP Masters) (signed by: Gabriel F. T. Gomes)
[2018-06-20] libcdio 2.0.0-2 MIGRATED to testing (Debian testing watch)
[2018-06-14] Accepted libcdio 2.0.0-2 (source) into unstable (Matthias Klose)
[2018-01-30] Accepted libcdio 2.0.0-1 (source amd64) into experimental, experimental (Matthias Klose)
[2017-12-11] libcdio 1.0.0-2 MIGRATED to testing (Debian testing watch)
[2017-12-06] Accepted libcdio 1.0.0-2 (source) into unstable (Matthias Klose)
[2017-12-05] Accepted libcdio 1.0.0-1 (source amd64) into unstable, unstable (Matthias Klose)
[2017-11-20] libcdio 0.94-1 MIGRATED to testing (Debian testing watch)
[2017-11-14] Accepted libcdio 0.94-1 (source) into unstable (Matthias Klose)
[2017-10-27] Accepted libcdio 0.94-0.2 (source amd64) into experimental, experimental (Matthias Klose)
[2017-10-27] Accepted libcdio 0.94-0.1 (source amd64) into experimental, experimental (Matthias Klose)
[2017-02-08] libcdio 0.83-4.3 MIGRATED to testing (Debian testing watch)
[2017-01-28] Accepted libcdio 0.83-4.3 (source amd64) into unstable (Steve McIntyre)
[2014-09-12] libcdio 0.83-4.2 MIGRATED to testing (Britney)
[2014-09-01] Accepted libcdio 0.83-4.2 (source ppc64el) into unstable (Andreas Barth)
[2014-08-24] Accepted libcdio 0.92-2 (source i386) into experimental (Nicolas Boullis)
[2014-08-24] Accepted libcdio 0.92-1 (source i386) into experimental, experimental (Nicolas Boullis)
[2013-11-30] libcdio 0.83-4.1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 7
RC: 0
I&N: 5
M&W: 2
F&P: 0
patch: 0

links

homepage
lintian
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.1.0-4.2ubuntu1
5 bugs
patches for 2.1.0-4.2ubuntu1