libde265 (1.0.9-1.1)
[PTS] [DDPO]
COMMITS: VCS has seen 8 commits since the debian/1.0.9-1 tag
- Git: https://salsa.debian.org/multimedia-team/libde265.git
-
- Branch: master
- Path: debian/changelog
- Repo size: 4599808
- Browser: https://salsa.debian.org/multimedia-team/libde265
- Last scan: 2023-01-22 16:03:01+00
- Next scan: 2023-01-28 06:27:00+00
- Debian changelog in Git:
libde265 (1.0.9-1.1) unstable; urgency=medium
* Non-maintainer upload.
* Apply patches to mitigate asan failures:
reject_reference_pics_from_different_sps.patch and
use_sps_from_the_image.patch.
* Combined, this two patches fixes:
- CVE-2022-43243, CVE-2022-43248, CVE-2022-43253 (Closes: #1025816)
- CVE-2022-43235, CVE-2022-43236, CVE-2022-43237, CVE-2022-43238,
CVE-2022-43239, CVE-2022-43240, CVE-2022-43241, CVE-2022-43242,
CVE-2022-43244, CVE-2022-43250, CVE-2022-43252 (Closes: #1027179)
- CVE-2022-47655
* Additional patch recycle_sps_if_possible.patch to avoid over-rejecting
valid video streams due to reject_reference_pics_from_different_sps.patch.
* Modifying past changelog entries to indicate when vulnerabilities were
fixed:
- In 1.0.9-1, in total 11 CVE's. see #1004963 and #1014999
- In 1.0.3-1, 1 CVE, see #1029396
* drop unused Build-Depends: libjpeg-dev, libpng-dev and libxv-dev
(Closes: #981260)
-- Tobias Frost <tobi@debian.org> Sun, 22 Jan 2023 13:19:20 +0100
- This branch is 8 commits ahead of tag debian/1.0.9-1
- Git log:
commit 6348bc9c4e0ba7a8de24873706fca067f6966f33
Merge: 1e8445e d608dfd
Author: Sebastian Ramacher <sramacher@debian.org>
Date: Sun Jan 22 13:46:45 2023 +0000
Merge branch 'tobi_NMU_15_CVE' into 'master'
Tobi nmu 15 cve
See merge request multimedia-team/libde265!3
commit d608dfd934948b226c127f0a49a12aeedf4242bd
Author: Tobias Frost <tobi@debian.org>
Date: Sun Jan 22 13:26:25 2023 +0100
Make my patch less noisy.
commit ae4dc960bf4781103dd9cf51eb90882e28b75e15
Author: Tobias Frost <tobi@debian.org>
Date: Sun Jan 22 13:19:33 2023 +0100
Touch changelog.
commit 7ca2c432e2dd3ed5b346e64ed3abeda0dfbb4c79
Author: Tobias Frost <tobi@debian.org>
Date: Sun Jan 22 13:09:15 2023 +0100
drop unused Build-Depends: libjpeg-dev, libpng-dev and libxv-dev, Closes: #981260
commit 6b216650c91f3dcc1529991d8504ba08073bb3a6
Author: Tobias Frost <tobi@debian.org>
Date: Sun Jan 22 12:37:02 2023 +0100
Add more CVE references to the changelog.
commit 47407ace0b37d53e59f2ef894917d4415e004207
Author: Tobias Frost <tobi@debian.org>
Date: Sun Jan 22 09:39:10 2023 +0100
Add notations which CVEs where fixed with 1.0.9-1, see #1004963 for details.
commit 7586408092d3d047e334550298e9a5e943255e9b
Author: Tobias Frost <tobi@debian.org>
Date: Sat Jan 21 18:02:23 2023 +0100
Enable salsa cI.
commit 01e1b8d4637dd4859e96020f2ce664c4b789dad5
Author: Tobias Frost <tobi@debian.org>
Date: Sat Jan 21 17:58:53 2023 +0100
Try to fix 15 CVE's