Debian Package Tracker

general

source: libcdio (main)
version: 2.0.0-2
maintainer: Debian QA Group [DMD]
arch: any
std-ver: 4.1.4
VCS: unknown

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.83-4
oldstable: 0.83-4.2
stable: 0.83-4.3
testing: 2.0.0-2
unstable: 2.0.0-2

versioned links

0.83-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.83-4.2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.83-4.3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.0.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.0.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libcdio-dev
libcdio-utils
libcdio18
libiso9660-11
libiso9660-dev
libudf-dev
libudf0

action needed

Multiarch hinter reports 1 issue(s) high

There are issues with the multiarch metadata for this package.

libcdio-dev conflicts on 2 files starting with /usr/include/cdio/ on any two of amd64, arm64, armel, armhf, and 6 more

Created: 2017-03-05 Last update: 2018-12-09 20:04

1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:

CVE-2017-18201: An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.

Please fix it.

Created: 2018-02-27 Last update: 2018-06-20 08:14

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2017-18201: An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.

Please fix it.

Created: 2018-02-27 Last update: 2018-06-20 08:14

lintian reports 2 warnings high

Lintian reports 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2015-03-07 Last update: 2018-06-16 07:45

Depends on packages which need a new maintainer normal

The packages that libcdio depends on which need a new maintainer are:

popt (#889307)
- Build-Depends: libpopt-dev

Created: 2018-10-05 Last update: 2018-12-09 18:53

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2017-08-28 Last update: 2018-12-09 15:45

O: This package has been orphaned and needs a maintainer. normal

This package has been orphaned. This means that it does not have a real maintainer at the moment. Please consider adopting this package if you are interested in it. Please see bug number #881719 for more information.

Created: 2017-12-02 Last update: 2017-12-02 00:26

2 ignored security issues in jessie low

There are 2 open security issues in jessie.

2 issues skipped by the security teams:

CVE-2017-18199: realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.
CVE-2017-18198: print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file.

Please fix them.

Created: 2018-02-24 Last update: 2018-06-20 08:14

2 ignored security issues in stretch low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2017-18199: realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.
CVE-2017-18198: print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file.

Please fix them.

Created: 2018-02-24 Last update: 2018-06-20 08:14

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.2.1 instead of 4.1.4).

Created: 2018-08-20 Last update: 2018-08-26 08:17

news

[rss feed]

[2018-06-20] libcdio 2.0.0-2 MIGRATED to testing (Debian testing watch)
[2018-06-20] libcdio 2.0.0-2 MIGRATED to testing (Debian testing watch)
[2018-06-14] Accepted libcdio 2.0.0-2 (source) into unstable (Matthias Klose)
[2018-01-30] Accepted libcdio 2.0.0-1 (source amd64) into experimental, experimental (Matthias Klose)
[2017-12-11] libcdio 1.0.0-2 MIGRATED to testing (Debian testing watch)
[2017-12-06] Accepted libcdio 1.0.0-2 (source) into unstable (Matthias Klose)
[2017-12-05] Accepted libcdio 1.0.0-1 (source amd64) into unstable, unstable (Matthias Klose)
[2017-11-20] libcdio 0.94-1 MIGRATED to testing (Debian testing watch)
[2017-11-14] Accepted libcdio 0.94-1 (source) into unstable (Matthias Klose)
[2017-10-27] Accepted libcdio 0.94-0.2 (source amd64) into experimental, experimental (Matthias Klose)
[2017-10-27] Accepted libcdio 0.94-0.1 (source amd64) into experimental, experimental (Matthias Klose)
[2017-02-08] libcdio 0.83-4.3 MIGRATED to testing (Debian testing watch)
[2017-01-28] Accepted libcdio 0.83-4.3 (source amd64) into unstable (Steve McIntyre)
[2014-09-12] libcdio 0.83-4.2 MIGRATED to testing (Britney)
[2014-09-01] Accepted libcdio 0.83-4.2 (source ppc64el) into unstable (Andreas Barth)
[2014-08-24] Accepted libcdio 0.92-2 (source i386) into experimental (Nicolas Boullis)
[2014-08-24] Accepted libcdio 0.92-1 (source i386) into experimental, experimental (Nicolas Boullis)
[2013-11-30] libcdio 0.83-4.1 MIGRATED to testing (Debian testing watch)
[2013-11-19] Accepted libcdio 0.83-4.1 (source i386) (Colin Watson)
[2012-06-25] libcdio 0.83-4 MIGRATED to testing (Debian testing watch)
[2012-06-14] Accepted libcdio 0.83-4 (source powerpc) (Nicolas Boullis)
[2012-03-13] Accepted libcdio 0.83-3 (source i386) (Nicolas Boullis)
[2012-02-19] Accepted libcdio 0.83-2 (source i386) (Nicolas Boullis)
[2012-01-08] libcdio 0.81-5 MIGRATED to testing (Debian testing watch)
[2011-12-30] Accepted libcdio 0.83-1 (source i386) (Nicolas Boullis)
[2011-12-29] Accepted libcdio 0.81-5 (source i386) (Nicolas Boullis)
[2011-10-20] libcdio 0.81-4.1 MIGRATED to testing (Debian testing watch)
[2011-10-09] Accepted libcdio 0.81-4.1 (source amd64) (Regis Boudin)
[2009-08-24] libcdio 0.81-4 MIGRATED to testing (Debian testing watch)
[2009-07-05] Accepted libcdio 0.81-4 (source i386 sparc powerpc) (Nicolas Boullis)

bugs [bug history graph]

all: 8
RC: 0
I&N: 6
M&W: 2
F&P: 0
patch: 0

links

homepage
lintian (0, 2)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.0.0-2
3 bugs