Debian Package Tracker

general

source: libcdio (main)
version: 1.0.0-2
maintainer: Debian QA Group [DMD]
arch: any
std-ver: 4.1.1
VCS: unknown

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.83-4
oldstable: 0.83-4.2
stable: 0.83-4.3
testing: 1.0.0-2
unstable: 1.0.0-2
exp: 2.0.0-1

versioned links

0.83-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.83-4.2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.83-4.3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.0.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.0.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libcdio-dev
libcdio-utils
libcdio17
libiso9660-10
libiso9660-dev
libudf-dev
libudf0

action needed

Multiarch hinter reports 1 issue(s) high

There are issues with the multiarch metadata for this package.

libcdio-dev conflicts on 2 files starting with /usr/include/cdio/ on any two of amd64, arm64, armel, armhf, and 6 more

Created: 2017-03-05 Last update: 2018-05-26 02:01

A new upstream version is available: 2.0.0 high

A new upstream version 2.0.0 is available, you should consider packaging it.

Created: 2017-12-14 Last update: 2018-05-26 01:47

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2017-18201: An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.

Please fix it.

Created: 2018-02-27 Last update: 2018-03-18 07:55

1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:

CVE-2017-18201: An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.

Please fix it.

Created: 2018-02-27 Last update: 2018-03-18 07:55

lintian reports 1 warning high

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2015-03-07 Last update: 2018-01-12 07:40

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2017-08-28 Last update: 2018-05-26 01:59

O: This package has been orphaned and needs a maintainer. normal

This package has been orphaned. This means that it does not have a real maintainer at the moment. Please consider adopting this package if you are interested in it. Please see bug number #881719 for more information.

Created: 2017-12-02 Last update: 2017-12-02 00:26

2 ignored security issues in wheezy low

There are 2 open security issues in wheezy.

2 issues skipped by the security teams:

CVE-2017-18198: print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file.
CVE-2017-18199: realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.

Please fix them.

Created: 2018-02-24 Last update: 2018-03-18 07:55

2 ignored security issues in stretch low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2017-18198: print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file.
CVE-2017-18199: realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.

Please fix them.

Created: 2018-02-24 Last update: 2018-03-18 07:55

2 ignored security issues in jessie low

There are 2 open security issues in jessie.

2 issues skipped by the security teams:

CVE-2017-18198: print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file.
CVE-2017-18199: realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.

Please fix them.

Created: 2018-02-24 Last update: 2018-03-18 07:55

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.1.4 instead of 4.1.1).

Created: 2017-12-05 Last update: 2018-04-16 20:45

testing migrations

This package will soon be part of the auto-libcdio transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2018-01-30] Accepted libcdio 2.0.0-1 (source amd64) into experimental, experimental (Matthias Klose)
[2017-12-11] libcdio 1.0.0-2 MIGRATED to testing (Debian testing watch)
[2017-12-06] Accepted libcdio 1.0.0-2 (source) into unstable (Matthias Klose)
[2017-12-05] Accepted libcdio 1.0.0-1 (source amd64) into unstable, unstable (Matthias Klose)
[2017-11-20] libcdio 0.94-1 MIGRATED to testing (Debian testing watch)
[2017-11-14] Accepted libcdio 0.94-1 (source) into unstable (Matthias Klose)
[2017-10-27] Accepted libcdio 0.94-0.2 (source amd64) into experimental, experimental (Matthias Klose)
[2017-10-27] Accepted libcdio 0.94-0.1 (source amd64) into experimental, experimental (Matthias Klose)
[2017-02-08] libcdio 0.83-4.3 MIGRATED to testing (Debian testing watch)
[2017-01-28] Accepted libcdio 0.83-4.3 (source amd64) into unstable (Steve McIntyre)
[2014-09-12] libcdio 0.83-4.2 MIGRATED to testing (Britney)
[2014-09-01] Accepted libcdio 0.83-4.2 (source ppc64el) into unstable (Andreas Barth)
[2014-08-24] Accepted libcdio 0.92-2 (source i386) into experimental (Nicolas Boullis)
[2014-08-24] Accepted libcdio 0.92-1 (source i386) into experimental, experimental (Nicolas Boullis)
[2013-11-30] libcdio 0.83-4.1 MIGRATED to testing (Debian testing watch)
[2013-11-19] Accepted libcdio 0.83-4.1 (source i386) (Colin Watson)
[2012-06-25] libcdio 0.83-4 MIGRATED to testing (Debian testing watch)
[2012-06-14] Accepted libcdio 0.83-4 (source powerpc) (Nicolas Boullis)
[2012-03-13] Accepted libcdio 0.83-3 (source i386) (Nicolas Boullis)
[2012-02-19] Accepted libcdio 0.83-2 (source i386) (Nicolas Boullis)
[2012-01-08] libcdio 0.81-5 MIGRATED to testing (Debian testing watch)
[2011-12-30] Accepted libcdio 0.83-1 (source i386) (Nicolas Boullis)
[2011-12-29] Accepted libcdio 0.81-5 (source i386) (Nicolas Boullis)
[2011-10-20] libcdio 0.81-4.1 MIGRATED to testing (Debian testing watch)
[2011-10-09] Accepted libcdio 0.81-4.1 (source amd64) (Regis Boudin)
[2009-08-24] libcdio 0.81-4 MIGRATED to testing (Debian testing watch)
[2009-07-05] Accepted libcdio 0.81-4 (source i386 sparc powerpc) (Nicolas Boullis)
[2009-06-19] Accepted libcdio 0.81-3 (source powerpc) (Nicolas Boullis)
[2009-06-18] Accepted libcdio 0.81-2 (source i386 powerpc) (Nicolas Boullis)
[2009-06-14] Accepted libcdio 0.81-1 (source i386 powerpc) (Nicolas Boullis)

bugs [bug history graph]

all: 8
RC: 0
I&N: 6
M&W: 2
F&P: 0

links

homepage
lintian (0, 1)
buildd: logs, exp, clang, reproducibility
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.0.0-2ubuntu3
4 bugs
patches for 1.0.0-2ubuntu3