svgpp - Debian Package Tracker

general

source: svgpp (main)
version: 1.3.0+dfsg1-4
maintainer: Anton Gladky (DMD)
arch: all
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-bpo: 1.2.3+dfsg1-3~bpo9+1
oldstable: 1.2.3+dfsg1-6
stable: 1.3.0+dfsg1-4
testing: 1.3.0+dfsg1-4
unstable: 1.3.0+dfsg1-4

versioned links

1.2.3+dfsg1-3~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.2.3+dfsg1-6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.3.0+dfsg1-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libsvgpp-dev
libsvgpp-doc

action needed

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2021-44960: In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resulting in a null pointer reference behind the renderDocument function.

Created: 2022-07-04 Last update: 2022-08-01 13:40

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2021-44960: In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resulting in a null pointer reference behind the renderDocument function.

Created: 2022-07-04 Last update: 2022-08-01 13:40

lintian reports 1 error high

Lintian reports 1 error about this package. You should make the package lintian clean getting rid of them.

Created: 2022-07-30 Last update: 2022-07-30 12:17

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2023-03-02 Last update: 2023-03-22 07:35

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 1.3.0+dfsg1-5, distribution unstable) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 25f7dcebbf95e69723110f0443cdd369817372c9
Author: Anton Gladky <gladk@debian.org>
Date:   Wed Mar 22 07:09:42 2023 +0100

    Update changelog.

commit 74723a4087f8f5b36e54bf33707ca6692d1a7c71
Author: Anton Gladky <gladk@debian.org>
Date:   Wed Mar 22 07:09:14 2023 +0100

    Simplify d/.gitlab-ci.yml

commit cee23bbf0b0f954644a0e7f984acab724b921eb4
Author: Anton Gladky <gladk@debian.org>
Date:   Wed Mar 22 07:08:36 2023 +0100

    Update changelog.

commit e499e98cb2c84634ea46b4490aa15d3f098221ce
Author: Anton Gladky <gladk@debian.org>
Date:   Wed Mar 22 07:07:39 2023 +0100

    Set versioned depends on libagg. CVE-2019-6245, CVE-2019-6247

commit a3f3ab267495aef77fc1f80b6ec24fd2473d736f
Author: Anton Gladky <gladk@debian.org>
Date:   Wed Mar 22 06:55:44 2023 +0100

    d/control: set Standards-Version to 4.6.2

commit 0349bf0b1315813e62ad1cefcd68ba6a21880748
Author: Anton Gladky <gladk@debian.org>
Date:   Wed Mar 22 06:54:56 2023 +0100

    CVE-2021-44960: fix XMLDocument::getRoot function. (Closes: #1014599)

commit a6a4b3c7a9e0a76f6b677155bad007e5ef7ad243
Merge: ce80c3f f2e4186
Author: Jelmer Vernooĳ <jelmer@debian.org>
Date:   Sun Nov 27 14:24:36 2022 +0000

    Merge branch 'multiarch-fixes' into 'master'
    
    Apply hints suggested by the multi-arch hinter
    
    See merge request debian/svgpp!1

commit f2e41860642e0822cc3c311eac5bb75eb6a868c0
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Nov 25 19:36:03 2022 +0000

    Apply multi-arch hints.
    + libsvgpp-doc: Add Multi-Arch: foreign.
    
    Changes-By: apply-multiarch-hints

Created: 2022-11-27 Last update: 2023-03-22 07:22

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

libsvgpp-doc could be marked Multi-Arch: foreign

Created: 2022-11-11 Last update: 2023-03-22 07:35

debian/patches: 3 patches to forward upstream low

Among the 3 debian patches available in version 1.3.0+dfsg1-4 of the package, we noticed the following issues:

3 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2023-02-27 20:59

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2021-44960: (needs triaging) In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resulting in a null pointer reference behind the renderDocument function.

You can find information about how to handle this issue in the security team's documentation.

Created: 2022-07-04 Last update: 2022-08-01 13:40

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.2 instead of 4.5.0).

Created: 2020-11-17 Last update: 2022-12-17 19:18

news

[rss feed]

[2020-12-22] svgpp 1.3.0+dfsg1-4 MIGRATED to testing (Debian testing watch)
[2020-12-16] Accepted svgpp 1.3.0+dfsg1-4 (source) into unstable (Anton Gladky)
[2020-11-16] svgpp 1.3.0+dfsg1-3 MIGRATED to testing (Debian testing watch)
[2020-11-11] svgpp 1.3.0+dfsg1-2 MIGRATED to testing (Debian testing watch)
[2020-11-10] Accepted svgpp 1.3.0+dfsg1-3 (source) into unstable (Anton Gladky)
[2020-11-05] Accepted svgpp 1.3.0+dfsg1-2 (source) into unstable (Anton Gladky)
[2020-06-15] svgpp 1.3.0+dfsg1-1 MIGRATED to testing (Debian testing watch)
[2020-06-13] Accepted svgpp 1.3.0+dfsg1-1 (source) into unstable (Anton Gladky)
[2019-02-08] svgpp 1.2.3+dfsg1-6 MIGRATED to testing (Debian testing watch)
[2019-02-01] Accepted svgpp 1.2.3+dfsg1-6 (source) into unstable (Anton Gladky)
[2019-01-26] svgpp 1.2.3+dfsg1-5 MIGRATED to testing (Debian testing watch)
[2019-01-23] Accepted svgpp 1.2.3+dfsg1-5 (source) into unstable (Anton Gladky)
[2019-01-21] Accepted svgpp 1.2.3+dfsg1-4 (source) into unstable (Anton Gladky)
[2017-11-11] Accepted svgpp 1.2.3+dfsg1-3~bpo9+1 (source all) into stretch-backports, stretch-backports (Anton Gladky)
[2017-10-26] svgpp 1.2.3+dfsg1-3 MIGRATED to testing (Debian testing watch)
[2017-09-21] Accepted svgpp 1.2.3+dfsg1-3 (source) into unstable (Anton Gladky)
[2017-09-06] svgpp 1.2.3+dfsg1-2 MIGRATED to testing (Debian testing watch)
[2017-08-31] Accepted svgpp 1.2.3+dfsg1-2 (source) into unstable (Anton Gladky)
[2017-08-30] Accepted svgpp 1.2.3+dfsg1-1 (source amd64 all) into unstable, unstable (Anton Gladky)

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (1, 0)
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.3.0+dfsg1-3ubuntu2
patches for 1.3.0+dfsg1-3ubuntu2