Change logs for mp3splt source package in Bionic

  • mp3splt (2.6.2+20170630-3) unstable; urgency=medium
      * Drop support for things that are deprecated and/or unmaintained in GNOME:
        scrollkeeper was obsoleted by rarian, which in turn is also obsoleted now.
        The build dependency on libgnomeui-dev appears to have been spurious, as
        the only "gnome integration" used here is the documentation - so drop it
        too because its maintainers want to remove that for the Buster release.
        Closes: #885757, #885758
     -- Ron Lee <email address hidden>  Sat, 13 Jan 2018 14:58:07 +1030
  • mp3splt (2.6.2+20170630-2) unstable; urgency=medium
      * Properly zero the ogg and vorbis state structures after they are malloc'd.
        This fixes the second issue that was indicated in CVE-2017-11333, which
        isn't actually the fault of libvorbis.  It's caused by the libmp3splt ogg
        plugin unwinding when the error in the test file is detected, and calling
        vorbis_block_clear() on an uninitialised vorbis_block struct before the
        call to vorbis_block_init() occurs.  Similar things would go badly for the
        other uninitialised structs if this one didn't explode first.
     -- Ron Lee <email address hidden>  Wed, 27 Sep 2017 03:21:24 +0930
  • mp3splt (2.6.2-0.1) unstable; urgency=medium
      * Non-maintainer upload.
      * New upstream release. (Closes: #741164)
      * debian/control:
        - Add "libmp3splt0-flac" to Depends.
        - Update Build-Depends to match new "libmp3splt-dev" version 0.9.2.
        - Add "dh-autoreconf" to Build-Depends.
        - Bump Standards-Version to 3.9.8, no changes needed.
        - Update Build-Depends to use "debhelper (>= 9)".
      * debian/compat: Update to debhelper compatibility version 9.
      * debian/rules: 
        - Run dh_autoreconf to update config.{sub,guess}
          and {libtool,aclocal}.m4. (Closes: #727465)
        - Use option "DEB_BUILD_MAINT_OPTIONS = hardening=+all".
     -- Jan Luca Naumann <email address hidden>  Sun, 09 Oct 2016 18:41:08 +0200