Change log for libcdio package in Ubuntu
1 → 49 of 49 results | First • Previous • Next • Last |
Published in plucky-release |
Published in oracular-release |
Deleted in oracular-proposed (Reason: Moved to oracular) |
libcdio (2.1.0-4.2ubuntu1) oracular; urgency=medium * SECURITY UPDATE: buffer overflow - debian/patches/CVE-2024-36600-1.patch: Allocates space for growth and additional buffer in lib/iso9660/rock.c - debian/patches/CVE-2024-36600-2.patch: Limits the maximum read count to prevent an overflow in lib/driver/_cdio_stdio.c - debian/patches/CVE-2024-36600-3.patch: Adds input validation to unicode16_decode function in lib/udf/udf_fs.c - debian/patches/CVE-2024-36600-4.patch: Adds bounds checking for directory buffer size and total size calculation in lib/iso9660/iso9660_fs.c - debian/patches/CVE-2024-36600-5.patch: Fixes overflow in iso9660 dir read (32-bit) in lib/iso9660/iso9660_fs.c - debian/patches/CVE-2024-36600-6.patch: Checks the validity of i_extended_attr member in udf_get_lba() in lib/udf/udf_fs.c - debian/patches/CVE-2024-36600-7.patch: Adds 32-bit size test only when needed in lib/iso9660/iso9660_fs.c - CVE-2024-36600 -- Bruce Cable <email address hidden> Mon, 01 Jul 2024 14:22:03 +1000
Available diffs
libcdio (2.1.0-4.1ubuntu1.2) noble-security; urgency=medium * SECURITY UPDATE: buffer overflow - debian/patches/CVE-2024-36600-1.patch: Allocates space for growth and additional buffer in lib/iso9660/rock.c - debian/patches/CVE-2024-36600-2.patch: Limits the maximum read count to prevent an overflow in lib/driver/_cdio_stdio.c - debian/patches/CVE-2024-36600-3.patch: Adds input validation to unicode16_decode function in lib/udf/udf_fs.c - debian/patches/CVE-2024-36600-4.patch: Adds bounds checking for directory buffer size and total size calculation in lib/iso9660/iso9660_fs.c - debian/patches/CVE-2024-36600-5.patch: Fixes overflow in iso9660 dir read (32-bit) in lib/iso9660/iso9660_fs.c - debian/patches/CVE-2024-36600-6.patch: Checks the validity of i_extended_attr member in udf_get_lba() in lib/udf/udf_fs.c - debian/patches/CVE-2024-36600-7.patch: Adds 32-bit size test only when needed in lib/iso9660/iso9660_fs.c - CVE-2024-36600 -- Bruce Cable <email address hidden> Mon, 24 Jun 2024 12:34:25 +1000
Available diffs
libcdio (2.1.0-3ubuntu0.2) jammy-security; urgency=medium * SECURITY UPDATE: buffer overflow - debian/patches/CVE-2024-36600-1.patch: Allocates space for growth and additional buffer in lib/iso9660/rock.c - debian/patches/CVE-2024-36600-2.patch: Limits the maximum read count to prevent an overflow in lib/driver/_cdio_stdio.c - debian/patches/CVE-2024-36600-3.patch: Adds input validation to unicode16_decode function in lib/udf/udf_fs.c - debian/patches/CVE-2024-36600-4.patch: Adds bounds checking for directory buffer size and total size calculation in lib/iso9660/iso9660_fs.c - debian/patches/CVE-2024-36600-5.patch: Fixes overflow in iso9660 dir read (32-bit) in lib/iso9660/iso9660_fs.c - debian/patches/CVE-2024-36600-6.patch: Checks the validity of i_extended_attr member in udf_get_lba() in lib/udf/udf_fs.c - debian/patches/CVE-2024-36600-7.patch: Adds 32-bit size test only when needed in lib/iso9660/iso9660_fs.c - CVE-2024-36600 -- Bruce Cable <email address hidden> Mon, 24 Jun 2024 16:01:03 +1000
Available diffs
libcdio (2.0.0-2ubuntu0.2) focal-security; urgency=medium * SECURITY UPDATE: buffer overflow - debian/patches/CVE-2024-36600-1.patch: Allocates space for growth and additional buffer in lib/iso9660/rock.c - debian/patches/CVE-2024-36600-2.patch: Limits the maximum read count to prevent an overflow in lib/driver/_cdio_stdio.c - debian/patches/CVE-2024-36600-3.patch: Adds input validation to unicode16_decode function in lib/udf/udf_fs.c - debian/patches/CVE-2024-36600-4.patch: Adds bounds checking for directory buffer size and total size calculation in lib/iso9660/iso9660_fs.c - debian/patches/CVE-2024-36600-5.patch: Fixes overflow in iso9660 dir read (32-bit) in lib/iso9660/iso9660_fs.c - debian/patches/CVE-2024-36600-6.patch: Checks the validity of i_extended_attr member in udf_get_lba() in lib/udf/udf_fs.c - debian/patches/CVE-2024-36600-7.patch: Adds 32-bit size test only when needed in lib/iso9660/iso9660_fs.c - CVE-2024-36600 -- Bruce Cable <email address hidden> Mon, 24 Jun 2024 16:01:37 +1000
Available diffs
libcdio (2.1.0-4ubuntu0.2) mantic-security; urgency=medium * SECURITY UPDATE: buffer overflow - debian/patches/CVE-2024-36600-1.patch: Allocates space for growth and additional buffer in lib/iso9660/rock.c - debian/patches/CVE-2024-36600-2.patch: Limits the maximum read count to prevent an overflow in lib/driver/_cdio_stdio.c - debian/patches/CVE-2024-36600-3.patch: Adds input validation to unicode16_decode function in lib/udf/udf_fs.c - debian/patches/CVE-2024-36600-4.patch: Adds bounds checking for directory buffer size and total size calculation in lib/iso9660/iso9660_fs.c - debian/patches/CVE-2024-36600-5.patch: Fixes overflow in iso9660 dir read (32-bit) in lib/iso9660/iso9660_fs.c - debian/patches/CVE-2024-36600-6.patch: Checks the validity of i_extended_attr member in udf_get_lba() in lib/udf/udf_fs.c - debian/patches/CVE-2024-36600-7.patch: Adds 32-bit size test only when needed in lib/iso9660/iso9660_fs.c - CVE-2024-36600 -- Bruce Cable <email address hidden> Mon, 24 Jun 2024 16:03:01 +1000
Available diffs
libcdio (2.1.0-4.2) unstable; urgency=medium * Non-maintainer upload [ Zixing Liu ] * debian/patches/arm-t64-redirect-fix.patch: Fix implicit declaration after armhf time_t transition. (Closes: #1065778) -- Sebastian Ramacher <email address hidden> Fri, 12 Apr 2024 09:09:50 +0200
Available diffs
Superseded in oracular-release |
Published in noble-release |
Deleted in noble-proposed (Reason: Moved to noble) |
libcdio (2.1.0-4.1ubuntu1) noble; urgency=medium * debian/patches/arm-t64-redirect-fix.patch: Fix implicit declaration after armhf time_t transition. -- Zixing Liu <email address hidden> Wed, 03 Apr 2024 15:15:43 -0600
Available diffs
Superseded in noble-proposed |
libcdio (2.1.0-4.1build1) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek <email address hidden> Sun, 31 Mar 2024 07:45:31 +0000
Available diffs
libcdio (2.1.0-4.1) unstable; urgency=medium * Non-maintainer upload. * Rename libraries for 64-bit time_t transition. Closes: #1062245 -- Lukas Märdian <email address hidden> Thu, 29 Feb 2024 10:35:17 +0000
Available diffs
- diff from 2.1.0-4 to 2.1.0-4.1 (3.2 KiB)
Deleted in noble-updates (Reason: superseded by release) |
Superseded in noble-release |
Published in mantic-release |
Published in lunar-release |
Deleted in lunar-proposed (Reason: Moved to lunar) |
libcdio (2.1.0-4) unstable; urgency=medium * Cherry-pick patches from upstream (Closes: #1020431). -- Gabriel F. T. Gomes <email address hidden> Tue, 27 Sep 2022 06:39:42 -0300
Available diffs
Superseded in lunar-release |
Obsolete in kinetic-release |
Deleted in kinetic-proposed (Reason: Moved to kinetic) |
libcdio (2.1.0-3ubuntu1) kinetic; urgency=medium * Cherry-pick patch to fix build with glibc 2.36 -- Jeremy Bicha <email address hidden> Wed, 21 Sep 2022 12:14:11 -0400
Available diffs
Superseded in kinetic-release |
Published in jammy-release |
Deleted in jammy-proposed (Reason: Moved to jammy) |
libcdio (2.1.0-3build1) jammy; urgency=high * No change rebuild for ppc64el baseline bump. -- Julian Andres Klode <email address hidden> Thu, 24 Mar 2022 13:10:54 +0100
Available diffs
- diff from 2.1.0-3 (in Debian) to 2.1.0-3build1 (562 bytes)
libcdio (2.1.0-3) unstable; urgency=medium * Fix FTBFS with upstream patch (Closes: #997166). -- Gabriel F. T. Gomes <email address hidden> Tue, 02 Nov 2021 13:37:42 -0300
Available diffs
Superseded in jammy-release |
Deleted in jammy-proposed (Reason: Moved to jammy) |
Deleted in impish-proposed (Reason: Moved ot jammy) |
libcdio (2.1.0-2build1) impish; urgency=medium * No-change rebuild to build packages with zstd compression. -- Matthias Klose <email address hidden> Thu, 07 Oct 2021 12:14:28 +0200
Available diffs
- diff from 2.1.0-2 (in Debian) to 2.1.0-2build1 (315 bytes)
Superseded in jammy-release |
Obsolete in impish-release |
Obsolete in hirsute-release |
Obsolete in groovy-release |
Deleted in groovy-proposed (Reason: moved to Release) |
libcdio (2.1.0-2) unstable; urgency=medium * Upload to unstable. -- Gabriel F. T. Gomes <email address hidden> Sat, 25 Jul 2020 20:14:10 -0300
Available diffs
- diff from 2.0.0-2 to 2.1.0-2 (89.2 KiB)
Superseded in groovy-release |
Published in focal-release |
Obsolete in eoan-release |
Obsolete in disco-release |
Obsolete in cosmic-release |
Deleted in cosmic-proposed (Reason: moved to release) |
libcdio (2.0.0-2) unstable; urgency=medium * Upload to unstable. -- Matthias Klose <email address hidden> Thu, 14 Jun 2018 19:32:26 +0200
Available diffs
- diff from 1.0.0-2ubuntu3 (in Ubuntu) to 2.0.0-2 (67.2 KiB)
- diff from 2.0.0-1 to 2.0.0-2 (428 bytes)
libcdio (1.0.0-2ubuntu3) cosmic; urgency=medium * No-change rebuild for ncurses soname changes. -- Matthias Klose <email address hidden> Thu, 03 May 2018 14:16:30 +0000
Available diffs
- diff from 1.0.0-2ubuntu2 to 1.0.0-2ubuntu3 (334 bytes)
Superseded in cosmic-release |
Published in bionic-release |
Deleted in bionic-proposed (Reason: moved to release) |
libcdio (1.0.0-2ubuntu2) bionic; urgency=medium * debian/patches/fix-more-double-free.patch: fix another double-free in lib/driver/_cdio_generic.c. Closes LP: #1747112. -- Steve Langasek <email address hidden> Sun, 01 Apr 2018 18:36:55 -0700
Available diffs
- diff from 1.0.0-2ubuntu1 to 1.0.0-2ubuntu2 (806 bytes)
libcdio (1.0.0-2ubuntu1) bionic; urgency=medium * SECURITY UPDATE: Double free issue - debian/patches/CVE-2017-18201.patch: removes the double free code in lib/drivers/_cdio_generic.c. - CVE-2017-18201 -- <email address hidden> (Leonidas S. Barbosa) Wed, 07 Mar 2018 04:57:16 -0300
Available diffs
- diff from 1.0.0-2 to 1.0.0-2ubuntu1 (1.1 KiB)
libcdio (2.0.0-1) experimental; urgency=medium * QA upload. * New upstream version. * Library soname bumps and symbol files updates. -- Matthias Klose <email address hidden> Tue, 30 Jan 2018 17:04:53 +0100
Available diffs
- diff from 1.0.0-2ubuntu3 (in Ubuntu) to 2.0.0-1 (67.1 KiB)
- diff from 1.0.0-2 (in Ubuntu) to 2.0.0-1 (66.2 KiB)
libcdio (1.0.0-2) unstable; urgency=medium * Fix setting LIBCDIO_VERSION, taken from upstream. -- Matthias Klose <email address hidden> Wed, 06 Dec 2017 09:05:47 +0100
Available diffs
- diff from 0.94-1 (in Debian) to 1.0.0-2 (79.5 KiB)
- diff from 1.0.0-1 (in Debian) to 1.0.0-2 (998 bytes)
libcdio (1.0.0-1) unstable; urgency=medium * QA upload. * New upstream version. * Build using libncursesw5-dev. -- Matthias Klose <email address hidden> Mon, 04 Dec 2017 20:51:22 +0100
Available diffs
- diff from 0.94-1 to 1.0.0-1 (78.9 KiB)
libcdio (0.94-1) unstable; urgency=medium * QA upload. * Orphan the package. See #881719. * Upload to unstable. * Mark development packages as M-A: same. -- Matthias Klose <email address hidden> Wed, 15 Nov 2017 00:00:11 +0100
Available diffs
- diff from 0.94-0.2 (in Ubuntu) to 0.94-1 (3.0 KiB)
libcdio (0.94-0.2) experimental; urgency=medium * libcdio-dev: Install missing cdio/memory.h header. -- Matthias Klose <email address hidden> Thu, 26 Oct 2017 14:19:26 +0200
Available diffs
- diff from 0.83-4.2ubuntu1 to 0.94-0.2 (1.2 MiB)
- diff from 0.94-0ubuntu1 to 0.94-0.2 (504 bytes)
Superseded in bionic-proposed |
libcdio (0.94-0ubuntu1) bionic; urgency=medium * New upstream version. - Fixes build failure with GCC 7. Closes: #841556. * Bump standards and debhelper versions. * Configure with --disable-silent-rules. * Make the build reproducible (Chris Lamb). Closes: #869516. * Bump sonames, update symbols files. -- Matthias Klose <email address hidden> Thu, 26 Oct 2017 12:55:26 +0200
Available diffs
libcdio (0.83-4.3) unstable; urgency=medium * NMU * Run tests using TZ=UTC to avoid breakage in libcdio with weird time zones. Closes: #795690 * Move Japanese manpages to the right directory. Closes: #850628 * Switch to multi-arch; thanks to Francois Gouget and Matthias Klose for very similar patches. Closes: #777222,#812915 -- Steve McIntyre <email address hidden> Sat, 28 Jan 2017 13:52:41 +0000
Superseded in bionic-release |
Obsolete in artful-release |
Obsolete in zesty-release |
Obsolete in yakkety-release |
Published in xenial-release |
Deleted in xenial-proposed (Reason: moved to release) |
libcdio (0.83-4.2ubuntu1) xenial; urgency=medium * Multiarchify the library packages. * Build using dpkg-buildflags. -- Matthias Klose <email address hidden> Wed, 27 Jan 2016 19:24:43 +0100
Available diffs
Superseded in xenial-release |
Obsolete in wily-release |
Obsolete in vivid-release |
Deleted in vivid-proposed (Reason: moved to release) |
libcdio (0.83-4.2) unstable; urgency=low * Non-maintainer upload with maintainers permission. * Use the dh-autoreconf to build on ppc64el. Closes: #732286 -- Andreas Barth <email address hidden> Mon, 01 Sep 2014 21:07:08 +0000
Available diffs
Superseded in vivid-release |
Obsolete in utopic-release |
Published in trusty-release |
Deleted in trusty-proposed (Reason: moved to release) |
libcdio (0.83-4.1ubuntu1) trusty; urgency=low * Use dh-autoreconf to update libtool.m4 for new ports. -- Colin Watson <email address hidden> Mon, 16 Dec 2013 11:34:33 +0000
Available diffs
libcdio (0.83-4.1) unstable; urgency=low * Non-maintainer upload. * Use the autotools-dev dh addon to update config.guess/config.sub for arm64 (closes: #725929) -- Colin Watson <email address hidden> Thu, 14 Nov 2013 11:19:40 +0000
Available diffs
- diff from 0.83-4ubuntu1 (in Ubuntu) to 0.83-4.1 (673 bytes)
Superseded in trusty-release |
Obsolete in saucy-release |
Deleted in saucy-proposed (Reason: moved to release) |
libcdio (0.83-4ubuntu1) saucy; urgency=low * Use the autotools-dev dh addon to update config.guess/config.sub for arm64. -- Colin Watson <email address hidden> Thu, 10 Oct 2013 02:30:54 +0100
Available diffs
- diff from 0.83-4 (in Debian) to 0.83-4ubuntu1 (949 bytes)
libcdio (0.83-4) unstable; urgency=low * Rebuild for unstable. -- Nicolas Boullis <email address hidden> Thu, 14 Jun 2012 09:59:38 +0200
Available diffs
- diff from 0.83-3 to 0.83-4 (340 bytes)
libcdio (0.83-3) experimental; urgency=low * debian/patches/05_revert_iso9660_set_pvd: New patch to prevent a FTBFS in vcdimager. -- Nicolas Boullis <email address hidden> Tue, 13 Mar 2012 00:01:55 +0100
Available diffs
- diff from 0.83-1 to 0.83-3 (3.8 KiB)
libcdio (0.83-1) experimental; urgency=low * New upstream release. (Closes: #647310) * debian/control, debian/*.install: Update the package names to track the sonames. * debian/libcdio-dev.install: Include the new header files. * debian/patches/00_manpage_fix_progname, debian/patches/02_fix_posixness, debian/patches/04_avoid_make_check_failure_when_stderr_is_not_a_tty: Refresh. * debian/patches/01_do_not_rebuild_manpages, debian/patches/03_avoid_make_check_failure_with_no_disc_drive, debian/patches/05_avoid_unaligned_reads: Remove. -- Nicolas Boullis <email address hidden> Fri, 30 Dec 2011 00:04:49 +0100
Available diffs
- diff from 0.81-4.1 (in Ubuntu) to 0.83-1 (1.0 MiB)
libcdio (0.81-4.1) unstable; urgency=low * Non-maintainer upload. * Stop shipping la files. Closes: #633327. * Use kfreebsd-any instead of a hardcoded list of kfreebsd-* architectures. Closes: #634360. -- Ubuntu Archive Auto-Sync <email address hidden> Thu, 20 Oct 2011 06:27:48 +0000
Available diffs
- diff from 0.81-4build1 to 0.81-4.1 (816 bytes)
libcdio (0.81-4build1) natty; urgency=low * No-change upload to drop upstream changelog. -- Martin Pitt <email address hidden> Fri, 03 Dec 2010 08:51:25 +0100
Available diffs
- diff from 0.81-4 to 0.81-4build1 (283 bytes)
libcdio (0.81-4) unstable; urgency=low * Rebuild for unstable. * Fix the call to dh_shlibdeps.
Available diffs
- diff from 0.78.2+dfsg1-3 to 0.81-4 (458.7 KiB)
Superseded in lucid-release |
Obsolete in karmic-release |
Obsolete in jaunty-release |
Obsolete in intrepid-release |
libcdio (0.78.2+dfsg1-3) unstable; urgency=low * Fix the time-conversion functions of libiso9660, taking the changes from CVS. This caused the build to fail when running the regression tests if the build was run at the wrong time. Thanks to Lucas Nussbaum for reporting the problem. (Closes: #482511) * Add libcam-dev to libcdio-dev's dependencies for kfreebsd architectures, as suggested by Petr Salinger. (Closes: 468154) * Bump Standards-Version to 3.8.0: - Add a Homepage field in debian/control.
Available diffs
libcdio (0.76-1ubuntu1.6.10.1) edgy-security; urgency=low * SECURITY UPDATE: - CVE-2007-6613: a stack-based buffer overflow in the print_iso9660_recurse function could lead to cause a denial of service or arbitrary code execution if the iso-info tool is used with a crafted iso image (LP: #191216) * References - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=459129 -- Emanuele Gentili <email address hidden> Tue, 19 Feb 2008 22:05:52 +0100
libcdio (0.76-1ubuntu2.7.10.1) gutsy-security; urgency=low * SECURITY UPDATE: - CVE-2007-6613: a stack-based buffer overflow in the print_iso9660_recurse function could lead to cause a denial of service or arbitrary code execution if the iso-info tool is used with a crafted iso image (LP: #191216) * References - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=459129 -- Emanuele Gentili <email address hidden> Tue, 19 Feb 2008 21:02:43 +0100
libcdio (0.76-1ubuntu2.7.04.1) feisty-security; urgency=low * SECURITY UPDATE: - CVE-2007-6613: a stack-based buffer overflow in the print_iso9660_recurse function could lead to cause a denial of service or arbitrary code execution if the iso-info tool is used with a crafted iso image (LP: #191216) * References - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=459129 -- Emanuele Gentili <email address hidden> Tue, 19 Feb 2008 21:46:05 +0100
libcdio (0.76-1ubuntu1.6.06.1) dapper-security; urgency=low * SECURITY UPDATE: - CVE-2007-6613: a stack-based buffer overflow in the print_iso9660_recurse function could lead to cause a denial of service or arbitrary code execution if the iso-info tool is used with a crafted iso image (LP: #191216) * References - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=459129 -- Emanuele Gentili <email address hidden> Tue, 19 Feb 2008 21:24:22 +0100
libcdio (0.78.2+dfsg1-2ubuntu1) hardy; urgency=low * Fix build failure with g++-4.3. -- Matthias Klose <email address hidden> Thu, 24 Jan 2008 17:09:03 +0000
Superseded in hardy-release |
libcdio (0.78.2+dfsg1-2) unstable; urgency=high * This update addresses the following security issue, thanks to Nico Golde: - CVE-2007-6613: a stack-based buffer overflow in the print_iso9660_recurse function could lead to cause a denial of service or arbitrary code execution if the iso-info or cd-info tool is used with a crafted iso image. (Closes: #459129) * Support GNU/kFreeBSD systems, thanks to Petr Salinger for his patch. (Closes: #449457) * Bump Standards-Version to 3.7.3 (no change needed). -- Michael Bienia <email address hidden> Wed, 09 Jan 2008 09:00:50 +0000
Superseded in hardy-release |
libcdio (0.78.2+dfsg1-1) unstable; urgency=low * Repack the source tarball to remove non-DFSG-free documentation. Thanks to Joerg Jaspert for pointing this. * Also update debian/copyright to reflect the status of the removed documentation. * Add libncurses5-dev | libncurses-dev to the build-dependencies, for cdda-player.
libcdio (0.76-1ubuntu2) feisty; urgency=low * debian/control: Update maintainer fields according to debian- maintainer-field spec. -- Martin Pitt <email address hidden> Mon, 26 Feb 2007 08:50:08 +0000
Superseded in feisty-release |
Obsolete in edgy-release |
Obsolete in dapper-release |
Superseded in dapper-release |
libcdio (0.76-1ubuntu1) dapper; urgency=low * Sync to new Debian version, manually apply Ubuntu patches: - debian/control: Remove dpkg-awk build dependency. - debian/rules: hardcode $LIBCDEV. This keeps the diff small (compared to the original patch of changing every ${libcdev} occurence). -- Martin Pitt <email address hidden> Tue, 15 Nov 2005 16:53:23 +0100
Obsolete in breezy-release |
libcdio (0.71-2ubuntu2) breezy; urgency=low * Also fix the second use of ${libcdev} -- Matt Zimmerman <email address hidden> Wed, 28 Sep 2005 09:57:31 -0700
libcdio (0.68-2) unstable; urgency=low * dh_install's --sourcedir option was added in debhelper 4.0.4; fix debian/control accordingly. Thanks to Koos van den Hout for pointing the problem. (Closes: #252679) * Moreover, dh_shlibdeps's -L option was only added in debhelper 4.1.1. Bump the versioned build-dependency again. -- Nicolas Boullis <email address hidden> Fri, 4 Jun 2004 22:17:21 +0200
1 → 49 of 49 results | First • Previous • Next • Last |