libmad (0.15.1b-9ubuntu16.04.1) xenial-security; urgency=medium * Merge from Debian testing, remaining changes: - Disable architecture specific optimisations on ARM, as there is a bug in this codepath which causes segfaults, and the assembler is very old (likely bitrotted). (LP: #989846) -- Mike Salvatore Thu, 25 Oct 2018 10:47:07 -0400 libmad (0.15.1b-9) unstable; urgency=high * Properly check the size of the main data. The previous patch only checked that it could fit in the buffer, but didn't ensure there was actually enough room free in the buffer. This was assigned both CVE-2017-8372 and CVE-2017-8373, but they are really the same, just a different way to detect it. (Closes: #287519) * Rewrite patch to check the size of buffer. It now checks it before reading it instead of afterwards checking that we did read too much. This now also covers parsing the frame and layer3, not just layer 1 and 2. This was original reported in #508133. CVE-2017-8374 mentions a case in layer 3. -- Kurt Roeckx Sun, 28 Jan 2018 16:28:46 +0100 libmad (0.15.1b-8.1) unstable; urgency=medium * Non-maintainer upload. * Remove Clément Stenac from Uploaders (Closes: #868708) [ Helmut Grohne ] * Move mad.pc to a multiarch location. (Closes: #850461) -- Manuel A. Fernandez Montecelo Tue, 31 Oct 2017 22:16:36 +0100 libmad (0.15.1b-8ubuntu1) trusty; urgency=low * Merge from Debian testing, remaining changes: - Disable architecture specific optimisations on ARM, as there is a bug in this codepath which causes segfaults, and the assembler is very old (likely bitrotted). (LP: #989846) -- Matthew Fischer Mon, 21 Oct 2013 21:25:24 -0600 libmad (0.15.1b-8) unstable; urgency=low * Add multiarch support. (Closes: #653676) Patch by Steve Langasek * Use dh-autoreconf to update libtool so that it works on x32 (Closes: #700437) -- Kurt Roeckx Mon, 20 May 2013 18:02:18 +0200 libmad (0.15.1b-7ubuntu2) raring; urgency=low * Disable architecture specific optimisations on ARM, as there is a bug in this codepath which causes segfaults, and the assembler is very old (likely bitrotted). (LP: #989846) -- Iain Lane Wed, 12 Dec 2012 12:10:33 +0000 libmad (0.15.1b-7ubuntu1) precise; urgency=low * Merge from Debian testing, remaining changes: - Build for multiarch. - Drop libmad.la, no longer needed. - Drop redundant build target in debian/rules that ignores all the cdbs autotools handling. -- Steve Langasek Mon, 06 Feb 2012 12:19:01 -0800 libmad (0.15.1b-7) unstable; urgency=low * Fix arm's MAD_F_MLN thumb case causing problems on arhmf. Patch by Dave Martin (Closes: #656814) * Add ${misc:Depends} to the Depends. -- Kurt Roeckx Sun, 22 Jan 2012 23:02:29 +0100 libmad (0.15.1b-6ubuntu1) precise; urgency=low * Build for multiarch. * Drop libmad.la, no longer needed. * Drop redundant build target in debian/rules that ignores all the cdbs autotools handling. -- Steve Langasek Thu, 29 Dec 2011 22:46:46 -0800 libmad (0.15.1b-6) unstable; urgency=low [ Konstantinos Margaritis ] * Add support for armhf (Closes: #596936) - libmad.thumb.diff: use "adr" instead of "add" to make code ready for thumb2 - Provide-Thumb-2-alternative-code-for-MAD_F_MLN.diff: fix another ftbfs with thumb2 as "rsc" doesnt exist anymore - thanks to Dave Martin for this patch -- Kurt Roeckx Tue, 29 Mar 2011 22:26:22 +0200 # For older changelog entries, run 'apt-get changelog libmad0'