Change log for libde265 package in Debian
| 1 → 20 of 20 results | First • Previous • Next • Last |
| Published in bullseye-release |
libde265 (1.0.11-0+deb11u3) bullseye; urgency=high
* Non-maintainer upload by the LTS Team.
(Closes: #1059275)
* CVE-2023-49465
heap-buffer-overflow in derive_spatial_luma_vector_prediction()
* CVE-2023-49467
heap-buffer-overflow in derive_combined_bipredictive_merging_candidates()
* CVE-2023-49468
global buffer overflow in read_coding_unit()
-- Thorsten Alteholz <email address hidden> Fri, 29 Dec 2023 23:03:02 +0100
| Published in bookworm-release |
libde265 (1.0.11-1+deb12u2) bookworm; urgency=medium
* Non-maintainer upload by the LTS Team.
(Closes: #1059275)
* CVE-2023-49465
heap-buffer-overflow in derive_spatial_luma_vector_prediction()
* CVE-2023-49467
heap-buffer-overflow in derive_combined_bipredictive_merging_candidates()
* CVE-2023-49468
global buffer overflow in read_coding_unit()
-- Thorsten Alteholz <email address hidden> Fri, 29 Dec 2023 23:03:02 +0100
libde265 (1.0.15-1) unstable; urgency=medium * New upstream version 1.0.15 * Fixes CVE-2023-49465, CVE-2023-49467, CVE-2023-49468. * Add patch to fix "Libs.private" in libde265.pc. -- Joachim Bauch <email address hidden> Thu, 21 Dec 2023 09:29:24 +0100
Available diffs
- diff from 1.0.13-1 to 1.0.15-1 (4.7 KiB)
| Superseded in bookworm-release |
libde265 (1.0.11-1+deb12u1) bookworm; urgency=medium
* Non-maintainer upload by the LTS Team.
* CVE-2023-27102 (Closes: #1033257)
fix segmentation violation in the
function decoder_context::process_slice_segment_header
* CVE-2023-27103
fix heap buffer overflow in the
function derive_collocated_motion_vectors
* CVE-2023-43887
fix buffer over-read in pic_parameter_set::dump
* CVE-2023-47471 (Closes: #1056187)
fix buffer overflow in the slice_segment_header function
-- Thorsten Alteholz <email address hidden> Sun, 26 Nov 2023 13:03:02 +0100
libde265 (1.0.13-1) unstable; urgency=medium * New upstream version 1.0.13 * Fixes CVE-2023-47471 (Closes: #1056187), CVE-2023-43887. * Update patches for new upstream version. * d/control: Upstream switched examples to SDL2 (Closes: #1038097). * Update symbols for new upstream version. -- Joachim Bauch <email address hidden> Tue, 21 Nov 2023 08:59:09 +0100
Available diffs
- diff from 1.0.12-2 to 1.0.13-1 (15.3 KiB)
libde265 (1.0.12-2) unstable; urgency=medium * Team upload * Clean Makefiles (Closes: #1047354) [ Vladimir Petko ] * add libde265 decoder smoke test (Closes: #1052214) -- Bastian Germann <email address hidden> Tue, 19 Sep 2023 08:20:11 +0000
Available diffs
- diff from 1.0.12-1build1 (in Ubuntu) to 1.0.12-2 (1006 bytes)
libde265 (1.0.12-1) unstable; urgency=medium * New upstream version 1.0.12 * Fixes CVE-2023-27102, CVE-2023-27103 -- Joachim Bauch <email address hidden> Tue, 20 Jun 2023 09:10:00 +0200
Available diffs
- diff from 1.0.11-1 to 1.0.12-1 (3.7 KiB)
| Superseded in bullseye-release |
libde265 (1.0.11-0+deb11u1) bullseye-security; urgency=high
* Non-maintainer upload by the Security Team.
* Import package 1.0.11-1 from sid, new upstream version 1.0.11, to fix:
- CVE-2020-21594 (Closes: #1029396)
- CVE-2020-21595, CVE-2020-21597, CVE-2020-21599, CVE-2020-21601,
CVE-2020-21603, CVE-2020-21604, CVE-2020-21605, CVE-2020-21606
(Closes: #1014999)
- CVE-2020-21596 (Closes: #1029397)
- CVE-2020-21598, CVE-2020-21600, CVE-2020-21602 (Closes: #1004963)
- CVE-2021-35452, CVE-2021-36408, CVE-2021-36409, CVE-2021-36410,
CVE-2021-36411, CVE-2022-1253 (Closes: #1014977)
- CVE-2022-43243, CVE-2022-43248, CVE-2022-43253 (Closes: #1025816)
- CVE-2022-43235, CVE-2022-43236, CVE-2022-43237, CVE-2022-43238,
CVE-2022-43239, CVE-2022-43240, CVE-2022-43241, CVE-2022-43242,
CVE-2022-43244, CVE-2022-43250, CVE-2022-43252 (Closes: #1027179)
- CVE-2022-43245 CVE-2022-43249 (Closes: #1029357)
- CVE-2022-47655
-- Tobias Frost <email address hidden> Sat, 04 Feb 2023 17:18:48 +0100
libde265 (1.0.11-1) unstable; urgency=medium
[ Tobias Frost ]
* Make my patch less noisy.
[ Joachim Bauch ]
* New upstream version 1.0.11
* Unpackaged upstream version 1.0.10 fixes the following CVEs, most caused
by the same underlying issue:
CVE-2020-21594, CVE-2020-21595, CVE-2020-21596, CVE-2020-21597,
CVE-2020-21598, CVE-2020-21599, CVE-2020-21600, CVE-2020-21601,
CVE-2020-21602, CVE-2020-21603, CVE-2020-21604, CVE-2020-21605,
CVE-2020-21606, CVE-2022-1253, CVE-2022-43236, CVE-2022-43237,
CVE-2022-43238, CVE-2022-43239, CVE-2022-43240, CVE-2022-43241,
CVE-2022-43242, CVE-2022-43243, CVE-2022-43244, CVE-2022-43245,
CVE-2022-43248, CVE-2022-43249, CVE-2022-43250, CVE-2022-43252,
CVE-2022-43253, CVE-2022-47655
* Remove patch applied upstream.
* Update patches for new upstream version.
* Remove copyright entry for file no longer present in upstream.
* Update symbols for new upstream version.
* Bump "Standards-Version" to 4.6.2
-- Joachim Bauch <email address hidden> Thu, 02 Feb 2023 16:06:20 +0100
Available diffs
- diff from 1.0.9-1.1 to 1.0.11-1 (16.5 KiB)
libde265 (1.0.9-1.1) unstable; urgency=medium
* Non-maintainer upload.
* Apply patches to mitigate asan failures:
reject_reference_pics_from_different_sps.patch and
use_sps_from_the_image.patch.
* Combined, this two patches fixes:
- CVE-2022-43243, CVE-2022-43248, CVE-2022-43253 (Closes: #1025816)
- CVE-2022-43235, CVE-2022-43236, CVE-2022-43237, CVE-2022-43238,
CVE-2022-43239, CVE-2022-43240, CVE-2022-43241, CVE-2022-43242,
CVE-2022-43244, CVE-2022-43250, CVE-2022-43252 (Closes: #1027179)
- CVE-2022-47655
* Additional patch recycle_sps_if_possible.patch to avoid over-rejecting
valid video streams due to reject_reference_pics_from_different_sps.patch.
* Modifying past changelog entries to indicate when vulnerabilities were
fixed:
- In 1.0.9-1, in total 11 CVE's. see #1004963 and #1014999
- In 1.0.3-1, 1 CVE, see #1029396
* drop unused Build-Depends: libjpeg-dev, libpng-dev and libxv-dev
(Closes: #981260)
-- Tobias Frost <email address hidden> Sun, 22 Jan 2023 13:19:20 +0100
Available diffs
- diff from 1.0.9-1 to 1.0.9-1.1 (6.9 KiB)
libde265 (1.0.9-1) unstable; urgency=medium * Add "Rules-Requires-Root: no". * New upstream version 1.0.9 * Remove patches now part of upstream release. * Bump "Standards-Version" to 4.6.1 * Add patch to provide "gl_VISIBILITY" macro. * Update symbols for new upstream version. -- Joachim Bauch <email address hidden> Tue, 25 Oct 2022 10:15:37 +0200
Available diffs
- diff from 1.0.8-1build1 (in Ubuntu) to 1.0.9-1 (106.6 KiB)
libde265 (1.0.8-1.1) unstable; urgency=medium
* Non-maintainer upload.
* Import upstream fixes for CVE-tracked vulnerabilities
(Closes: #1014977)
- CVE-2022-1253
- CVE-2021-36411
- CVE-2021-36410
- CVE-2021-36409
- CVE-2021-36408
- CVE-2021-35452
-- Philipp Kern <email address hidden> Sun, 16 Oct 2022 15:26:20 +0200
libde265 (1.0.8-1) unstable; urgency=medium * Update to debhelper compat level 13 and add debian/not-installed * Imported Upstream version 1.0.8 * Remove patch applied upstream. * Bump "Standards-Version" to 4.5.1 -- Joachim Bauch <email address hidden> Wed, 16 Dec 2020 16:32:29 +0100
Available diffs
- diff from 1.0.7-1 to 1.0.8-1 (6.1 KiB)
libde265 (1.0.7-1) unstable; urgency=medium [ Debian Janitor ] * Set upstream metadata fields: Bug-Submit. [ Joachim Bauch ] * Imported Upstream version 1.0.7 * Update patches for new upstream version. * Update symbols for new upstream version. * Bump "Standards-Version" to 4.5.0 -- Joachim Bauch <email address hidden> Fri, 25 Sep 2020 13:00:59 +0200
Available diffs
libde265 (1.0.4-1) unstable; urgency=medium
[ Ondřej Nový ]
* Use debhelper-compat instead of debian/compat
[ Joachim Bauch ]
* Imported Upstream version 1.0.4
* Enable hardening.
* Specify Build-Depends-Package in symbols.
* Ignore more internal STL symbols.
* Bump "Standards-Version" to 4.4.1
* Update to debhelper compat level 12.
[ Debian Janitor ]
* Set upstream metadata fields: Bug-Database, Repository, Repository-
Browse.
[ Sebastian Ramacher ]
* debian/rules: Remove obsolete dh_strip override
-- Joachim Bauch <email address hidden> Fri, 20 Dec 2019 12:17:15 +0100
Available diffs
libde265 (1.0.3-1) unstable; urgency=medium [ Ondřej Nový ] * d/copyright: Use https protocol in Format field * d/control: Set Vcs-* to salsa.debian.org [ Felipe Sateler ] * Change maintainer address to <email address hidden> [ Joachim Bauch ] * Imported Upstream version 1.0.3 * Update patches for new upstream version. * Update symbols for new upstream version. * Update standards version and switch to debhelper 10. -- Joachim Bauch <email address hidden> Thu, 19 Apr 2018 11:44:40 +0200
Available diffs
- diff from 1.0.2-2build1 (in Ubuntu) to 1.0.3-1 (364.5 KiB)
libde265 (1.0.2-2) unstable; urgency=low
[ Joachim Bauch ]
* Added patch by Andreas Cadhalpun to fix compilation with FFmpeg 2.9
(Closes: #803834)
* Updated symbols file for new C++11 symbols.
[ Sebastian Ramacher ]
* Migrate to automatic dbg packages.
* debian/control: Remove some unnecessary Build-Depends.
-- Joachim Bauch <email address hidden> Mon, 11 Jan 2016 19:12:19 +0100
Available diffs
libde265 (1.0.2-1) unstable; urgency=low * Imported Upstream version 1.0.2 * Added new files to copyright information. * Only export decoder API and update symbols for new version. -- Joachim Bauch <email address hidden> Thu, 16 Jul 2015 11:07:46 +0200
Available diffs
- diff from 0.9-1 to 1.0.2-1 (275.4 KiB)
libde265 (0.9-1) unstable; urgency=low
* Updated symbols to make all "std::vector" symbols optional.
* Imported Upstream version 0.9
* Removed deprecated patch to update symbols visibility. Changes were
applied upstream.
* Upstream supports compiling against Qt5, prefer that over Qt4.
* Added new symbols from new upstream release.
-- Joachim Bauch <email address hidden> Tue, 16 Sep 2014 18:47:14 +0200
Available diffs
libde265 (0.8-1) unstable; urgency=low * Initial release. (Closes: #744190) -- Joachim Bauch <email address hidden> Fri, 08 Aug 2014 17:23:37 +0200
| 1 → 20 of 20 results | First • Previous • Next • Last |
