libmad (0.15.1b-9) unstable; urgency=high * Properly check the size of the main data. The previous patch only checked that it could fit in the buffer, but didn't ensure there was actually enough room free in the buffer. This was assigned both CVE-2017-8372 and CVE-2017-8373, but they are really the same, just a different way to detect it. (Closes: #287519) * Rewrite patch to check the size of buffer. It now checks it before reading it instead of afterwards checking that we did read too much. This now also covers parsing the frame and layer3, not just layer 1 and 2. This was original reported in #508133. CVE-2017-8374 mentions a case in layer 3. -- Kurt Roeckx Sun, 28 Jan 2018 16:28:46 +0100 libmad (0.15.1b-8.1) unstable; urgency=medium * Non-maintainer upload. * Remove Clément Stenac from Uploaders (Closes: #868708) [ Helmut Grohne ] * Move mad.pc to a multiarch location. (Closes: #850461) -- Manuel A. Fernandez Montecelo Tue, 31 Oct 2017 22:16:36 +0100 libmad (0.15.1b-8) unstable; urgency=low * Add multiarch support. (Closes: #653676) Patch by Steve Langasek * Use dh-autoreconf to update libtool so that it works on x32 (Closes: #700437) -- Kurt Roeckx Mon, 20 May 2013 18:02:18 +0200 libmad (0.15.1b-7) unstable; urgency=low * Fix arm's MAD_F_MLN thumb case causing problems on arhmf. Patch by Dave Martin (Closes: #656814) * Add ${misc:Depends} to the Depends. -- Kurt Roeckx Sun, 22 Jan 2012 23:02:29 +0100 libmad (0.15.1b-6) unstable; urgency=low [ Konstantinos Margaritis ] * Add support for armhf (Closes: #596936) - libmad.thumb.diff: use "adr" instead of "add" to make code ready for thumb2 - Provide-Thumb-2-alternative-code-for-MAD_F_MLN.diff: fix another ftbfs with thumb2 as "rsc" doesnt exist anymore - thanks to Dave Martin for this patch -- Kurt Roeckx Tue, 29 Mar 2011 22:26:22 +0200 libmad (0.15.1b-5) unstable; urgency=low * gcc-4.4 removed an assembler constraint on mips/mipsel. Use the new way of doing it. (Closes: #568418) -- Kurt Roeckx Fri, 19 Feb 2010 20:51:00 +0100 libmad (0.15.1b-4) unstable; urgency=low * On an invalid mpeg file we can go past the end of the buffer. (Closes: #508133) -- Kurt Roeckx Tue, 23 Dec 2008 21:38:34 +0100 libmad (0.15.1b-3) unstable; urgency=low * Acknowledge NMU * Use DEB_DH_MAKESHLIBS_ARGS_libmad0 instead to set shlibs. * Update Clément Stenac's email address to use zorglub@debian.org * Add build dependency on autotools-dev, quilt * Don't use -O plus some other -f options, just use -O2. (Closes: #415279) * Use the 64bit fixed point math on amd64 to have a higher quality output than the default. (Closes: #465438) * Bump shlibs since it changes the size of mad_build on amd64. * Add compat file, level 5. Change build dependency of debhelper to 5. * Don't set -lm in the mad.pc file. libmad doesn't use any math function. * Remove libmad0 Depends on pkg-config. * Change to Standards-Version 3.7.3: - Change ${Source-Version} into ${binary:Version} -- Kurt Roeckx Sat, 15 Mar 2008 13:51:31 +0000 libmad (0.15.1b-2.1) unstable; urgency=high * Non-maintainer upload, not targetted for Sarge. * Urgency high because this is generating uploads with broken depends that may be propagating to testing (see #311488). * debian/rules: set DEB_DH_MAKESHLIBS_ARGS_ALL = -V 'libmad0 (>= 0.15.1b)' to restore the updated shlibs lost in the switch to CDBS (closes: #310311). -- Jordi Mallach Wed, 1 Jun 2005 17:12:24 +0200 libmad (0.15.1b-2) unstable; urgency=low * Sam Clegg : * debian/control: update Maintainer: and Uploaders: (closes: #300097) * debian/rules: convert to CDBS * debian/control: build-depend on debhelper >= 4.1.0 * debian/libmad0.postinst: removed since debhelper runs ldconfig for us. * debian/libmad0*.files: removed; use dh_install instead. * Clément Stenac : * Better copyright file * Kurt Roeckx * Add watch file. -- Sam Clegg Sun, 8 May 2005 18:59:49 +0100 libmad (0.15.1b-1.1) unstable; urgency=low * Orphaning this package, setting maintainer to QA. -- Kyle McMartin Thu, 17 Mar 2005 10:59:11 -0500 libmad (0.15.1b-1) unstable; urgency=low * New upstream version. (closes: #252902) * Removed TODO from installed documentation. * Added minimad.c to the libmad0-dev documentation. Thanks to Mario Lang for the patch. (closes: #249067) -- Kyle McMartin Sat, 5 Jun 2004 18:52:00 -0400 libmad (0.15.0b-3) unstable; urgency=low * Updated section from devel to libdevel as per mail. -- Kyle McMartin Tue, 21 Oct 2003 22:40:08 -0400 libmad (0.15.0b-2) unstable; urgency=low * Updated pkgconfig Version entry for mad (closes: #203656) -- Kyle McMartin Tue, 21 Oct 2003 22:09:04 -0400 libmad (0.15.0b-1) unstable; urgency=low * New upstream version(s). * Split package into each library, as upstream has done. -- Kyle McMartin Sat, 21 Jun 2003 14:21:42 -0400 mad (0.14.2b-7) unstable; urgency=low * Clean up some lintian warnings. * Fixed id3tag.pc, accidently had -L instead of -I. -- Kyle McMartin Tue, 28 Jan 2003 09:45:02 -0500 mad (0.14.2b-6) unstable; urgency=medium * Updated config.* (closes: #168663) -- Kyle McMartin Thu, 14 Nov 2002 18:41:29 -0500 mad (0.14.2b-5) unstable; urgency=medium * Added build-dep on libesd0-dev, this should fix some problems people have been having when using esd as the output device... (closes: #150823) -- Kyle McMartin Wed, 06 Nov 2002 18:20:18 -0500 mad (0.14.2b-4) unstable; urgency=low * added pkgconfig entry, and dependancy on pkg-config. (closes: #144481) -- Kyle McMartin Mon, 05 Aug 2002 14:37:00 -0400 mad (0.14.2b-3) unstable; urgency=high * updated libid3tag0-dev depends to account for zlib1g-dev (closes: #142611) -- Kyle McMartin Thu, 18 Apr 2002 19:37:00 -0500 mad (0.14.2b-2) unstable; urgency=high * fix for the shlibs rc bug (closes: #136196) -- Kyle McMartin Thu, 28 Feb 2002 18:21:40 -0500 mad (0.14.2b-1) unstable; urgency=low * new upstream version * new maintainer * new version fixes enum (closes: #129178) * closing old fixed bug [missing symlink to libmad.so.0] (closes: #119350) -- Kyle McMartin Wed, 16 Jan 2002 22:09:58 -0500 mad (0.14.1b-4) unstable; urgency=low * yet another stupid maintainer mistakes release * fix the call to dh_makeshlibs, I neglected to add proper arguments for the new libid3tag0 library (closes: #119146) * now that the shlibs are sorted out, madplay will have the correct depends (closes: #119792) -- Sean 'Shaleh' Perry Thu, 15 Nov 2001 22:11:24 -0800 mad (0.14.1b-3) unstable; urgency=medium * duh, id3tag's headers ended up in libmad-dev. Closes: #118625. -- Sean 'Shaleh' Perry Wed, 7 Nov 2001 13:45:53 -0800 mad (0.14.1b-2) unstable; urgency=medium * Added versioned depends info for piecemeal updaters. (Closes: #117646) -- Sean 'Shaleh' Perry Wed, 7 Nov 2001 08:10:42 -0800 mad (0.14.1b-1) unstable; urgency=low * reverted package name to libmad0(-dev). The upstream fixed it's SONAME issues, yay. * added libid3tag(-dev), the upstream now supports the installation of this as a separate entity (closes: #116321) * -dev packages are now in Section: devel (closes: #116710) * supports DEB_BUILD_OPTIONS for debug (closes: #104013) -- Sean 'Shaleh' Perry Tue, 23 Oct 2001 11:08:53 -0700 mad (0.14.0b-3) unstable; urgency=low * added a conflicts on libmad0 to the lib and -dev packages, closes: #116581 * updated config.{sub,guess}, closes: #116577 -- Sean 'Shaleh' Perry Sun, 21 Oct 2001 16:26:39 -0700 mad (0.14.0b-2) unstable; urgency=low * D'oh, not binary compatible. The every changing SONAME problem. * chnaged library package name to match SONAME. This is horrible because now I have to change the package name for every release. However there is no alternative. closes: 116305. -- Sean 'Shaleh' Perry Fri, 19 Oct 2001 14:30:29 -0700 mad (0.14.0b-1) unstable; urgency=low * New upstream release * source now build-depends on zlib -- Sean 'Shaleh' Perry Thu, 18 Oct 2001 21:59:28 -0700 mad (0.13.0b-2.1) unstable; urgency=low * Run libtoolize to get support for new architectures. Closes: #96616 -- LaMont Jones Mon, 9 Jul 2001 21:39:34 -0600 mad (0.13.0b-2) unstable; urgency=low * Now build-depend on gettext (closes: #94964) -- Sean 'Shaleh' Perry Mon, 23 Apr 2001 11:29:21 -0700 mad (0.13.0b-1) unstable; urgency=low * new upstream release * manpage cleaned up, Closes: #87165 -- Sean 'Shaleh' Perry Wed, 11 Apr 2001 18:40:08 -0700 mad (0.12.5b-1) unstable; urgency=low * New upstream, closes: #92825 * updated upstream changelog -- Sean 'Shaleh' Perry Tue, 3 Apr 2001 15:11:05 -0700 mad (0.12.4b-1) unstable; urgency=low * New upstream version -- Sean 'Shaleh' Perry Mon, 12 Feb 2001 14:16:21 -0800 mad (0.12.3b-2) unstable; urgency=low * Oops, wrong section * left off the Closes: #84103 -- Sean 'Shaleh' Perry Thu, 8 Feb 2001 12:17:12 -0800 mad (0.12.3b-1) unstable; urgency=low * New upstream version * added a madplay package -- Sean 'Shaleh' Perry Wed, 7 Feb 2001 12:04:28 -0800 mad (0.11.4b-1) unstable; urgency=low * New upstream release * added libmad0 package containing the shared library -- Sean 'Shaleh' Perry Mon, 2 Oct 2000 17:38:01 -0700 mad (0.11.0b-0) unstable; urgency=low * New upstream release -- Sean 'Shaleh' Perry Mon, 5 Jun 2000 14:25:39 -0700 mad (0.10.3b-0) unstable; urgency=low * New upstream release -- Sean 'Shaleh' Perry Thu, 1 Jun 2000 15:05:02 -0700 mad (0.10.2b-0) unstable; urgency=low * Initial Release. -- Sean 'Shaleh' Perry Tue, 23 May 2000 12:25:00 -0700