gpac (1.0.1+dfsg1-4+deb11u3) bullseye-security; urgency=medium * CVE-2023-3291 / CVE-2023-3012 / CVE-2023-0760 -- Moritz Mühlenhoff Mon, 19 Jun 2023 23:46:06 +0200 gpac (1.0.1+dfsg1-4+deb11u2) bullseye-security; urgency=medium * Fix multiple security issues -- Aron Xu Tue, 23 May 2023 19:53:25 +0800 gpac (1.0.1+dfsg1-4+deb11u1) bullseye-security; urgency=medium * Fix multiple security issues - CVE-2021-21861 - CVE-2021-21860 - CVE-2021-21859 - CVE-2021-21858 - CVE-2021-21857 - CVE-2021-21855 - CVE-2021-21854 - CVE-2021-21853 - CVE-2021-21852 - CVE-2021-21850 - CVE-2021-21849 - CVE-2021-21848 - CVE-2021-21847 - CVE-2021-21846 - CVE-2021-21845 - CVE-2021-21844 - CVE-2021-21843 - CVE-2021-21842 - CVE-2021-21841 - CVE-2021-21840 - CVE-2021-21839 - CVE-2021-21838 - CVE-2021-21837 - CVE-2021-21836 - CVE-2021-21834 -- Moritz Mühlenhoff Fri, 20 Aug 2021 00:03:29 +0200 gpac (1.0.1+dfsg1-4) unstable; urgency=medium [ Moritz Muehlenhoff ] * Cherrypicked fixes for multiple security issues: (Closes: #987280, #987323, #987374) - CVE-2021-30014/CVE-2021-30020/CVE-2021-30022 - CVE-2020-35979 - CVE-2020-35981 - CVE-2020-35982 - CVE-2021-28300 - CVE-2021-29279 - CVE-2021-31255 - CVE-2021-31256 - CVE-2021-31261 - CVE-2021-30015 - CVE-2021-30019 - CVE-2021-30199 - CVE-2021-31257 - CVE-2021-31258 - CVE-2021-31260 - CVE-2021-31262 [ Reinhard Tartler ] * upload to unstable -- Reinhard Tartler Mon, 24 May 2021 21:09:10 -0400 gpac (1.0.1+dfsg1-3) unstable; urgency=medium * Clean share/gpac.desktop (Closes: #975779) * Bugfix: FTBFS on armel: missing -latomic (Closes: #975433) -- Reinhard Tartler Wed, 25 Nov 2020 15:43:00 -0500 gpac (1.0.1+dfsg1-2) unstable; urgency=medium * Upload to unstable -- Reinhard Tartler Sat, 21 Nov 2020 17:13:44 -0500 gpac (1.0.1+dfsg1-1) experimental; urgency=medium * New upstream version - soname bump to libgpac10 - Fixes lots of security issues, closes: #972053 CVE-2019-20161 CVE-2019-20162 CVE-2019-20163 CVE-2019-20165 CVE-2019-20170 CVE-2019-20208 CVE-2019-20628 CVE-2019-20629 CVE-2019-20630 CVE-2019-20631 CVE-2019-20632 CVE-2020-11558 CVE-2020-6630 CVE-2020-6631 - Fixes CVE-2018-21015 CVE-2018-21016, closes: #940882 - Fixes CVE-2019-13618, closes: #932242 - Fixes CVE-2019-12481 CVE-2019-12482 CVE-2019-12483, closes: #931088 - Fix in manpage, closes: #782093 * Rewritten debian/copyright with help of 'cme update dpkg-copyright' -- Reinhard Tartler Tue, 17 Nov 2020 18:36:39 -0500 gpac (0.7.1+dfsg1-4) unstable; urgency=medium [ Debian Janitor ] * Use secure URI in Homepage field. * Bump debhelper from old 9 to 10. * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse. * Drop unnecessary dh arguments: --parallel [ Reinhard Tartler ] * upload to unstable * libgpac7.symbols: Add Build-Depends-Package field * debian/changelog: cleanups * Fix FTCBFS: Pass --cross-prefix to ./configure, Closes: #945200 Thanks to Helmut Grohne for providing the patch -- Reinhard Tartler Fri, 13 Nov 2020 21:27:34 -0500 gpac (0.7.1+dfsg1-3) experimental; urgency=medium * Merge security patches from unstable Closes: #926961, Closes: #926963 -- Reinhard Tartler Sat, 13 Apr 2019 16:52:04 -0400 gpac (0.7.1+dfsg1-2) experimental; urgency=medium * Upload to experimental and mark the previous upload as UNRELEASED. It was deemed unappropriate for this stage of the Debian Release cycle. -- Reinhard Tartler Sun, 07 Apr 2019 12:19:28 -0400 gpac (0.7.1+dfsg1-1) UNRELEASED; urgency=medium [ Balint Reczey ] * Remove myself from Uploaders [ Reinhard Tartler ] * Update exclude lists * New upstream version 0.7.1+dfsg1 (Closes: #817194) * Add bugfix for CVE-2018-7752 (Closes: #892526) * Add patch for CVE-2018-20760, CVE-2018-20762, CVE-2018-20763 (CVE-2018-20761 does not need addressing) (Closes: #921969) * add patch for CVE-2018-13005, CVE-2018-13006 (Closes: #902782) -- Reinhard Tartler Fri, 15 Feb 2019 06:43:22 -0500 gpac (0.5.2-426-gc5ad4e4+dfsg5-5) unstable; urgency=medium [ Moritz Muehlenhoff ] * Bug fix: "CVE-2019-11222: Buffer-overflow in gf_bin128_parse", thanks to Salvatore Bonaccorso (Closes: #926961). * Bug fix: "CVE-2019-11221: buffer-overflow issue in gf_import_message() in media_import.c", thanks to Salvatore Bonaccorso (Closes: #926963). -- Reinhard Tartler Sat, 13 Apr 2019 16:41:15 -0400 gpac (0.5.2-426-gc5ad4e4+dfsg5-4.1) unstable; urgency=medium * CVE-2018-7752 (Closes: #892526) * CVE-2018-13005, CVE-2018-13006 (Closes: #902782) * CVE-2018-20760, CVE-2018-20761, CVE-2018-20762, CVE-2018-20763 (Closes: #921969) -- Moritz Muehlenhoff Mon, 01 Apr 2019 23:07:02 +0200 gpac (0.5.2-426-gc5ad4e4+dfsg5-4) unstable; urgency=medium * Team upload. [ Ondřej Nový ] * d/copyright: Use https protocol in Format field. * d/control: Set Vcs-* to salsa.debian.org. * d/changelog: Remove trailing whitespaces. [ Felipe Sateler ] * Change maintainer address to debian-multimedia@lists.debian.org. [ James Cowgill ] * d/patches: Add patch to fix FTBFS with FFmpeg 4.0. (Closes: #888343) -- James Cowgill Fri, 25 May 2018 14:56:56 +0100 gpac (0.5.2-426-gc5ad4e4+dfsg5-3) unstable; urgency=medium * Team upload. * Drop OpenJPEG support. (Closes: #826814) * Enable verbose building. * Bump standards to 3.9.8. * Update debian/watch now that upstream moved to github. -- James Cowgill Thu, 04 Aug 2016 22:29:39 +0100 gpac (0.5.2-426-gc5ad4e4+dfsg5-2) unstable; urgency=medium * Team upload. [ Andreas Cadhalpun ] * Fix build with ffmpeg 3.0. (Closes: #803821) [ Sebastian Ramacher ] * Migrate to automatic dbg packages * debian/control: - Bump Standards-Version. - Update Vcs-*. - Drop obsolete Breaks+Replaces. [ Steven Chamberlain ] * Update symbols for hurd and kfreebsd. (Closes: #815431) -- Sebastian Ramacher Wed, 09 Mar 2016 23:21:23 +0100 gpac (0.5.2-426-gc5ad4e4+dfsg5-1) unstable; urgency=medium [ Balint Reczey ] * Rename library package to libgpac4 (Closes: #791490) * Convert to multiarch (Closes: #791492) * Bump standards version * Add symbols file * Pass CFLAGS and LDFLAGS to ./configure * Remove space from license names * Drop all include files in extra_lib from upstream source * Fix upstream version number's dfsg postfix * Fix symbols file for libgpac4 [ Alessio Treglia ] * Fix unmanaged SONAME bump. Add Breaks/Replaces fields for a smooth libgpac3 -> libgpac4 migration. * Multiarchify libgpac-dbg * Fix few lintian warnings concerning debian/copyright. -- Alessio Treglia Wed, 08 Jul 2015 15:15:55 +0100 gpac (0.5.2-426-gc5ad4e4~dfsg4-1) unstable; urgency=medium [ Alessio Treglia ] * New upstream version 0.5.2-426-gc5ad4e4 (Closes: #776301, #783879) * Update repacking mechanism. The project moved to github. * Update repack.sh * Update compression in gbp.conf * Refresh patches [ Balint Reczey ] * Refresh remaining patches * Update passing revision to configure * Don't fail the build intentionally on unknown systems * Skip test using .swf file * List removed files in copyright file * Remove sourceless .swf from original tarball * Add myself to uploaders -- Balint Reczey Sun, 28 Jun 2015 11:44:32 -0500 gpac (0.5.0+svn5324~dfsg1-1) unstable; urgency=medium * New upstream snapshot. * Refresh patches. * debian/copyright: - Improve copyright and licensing information on src/utils/unicode.c. Thanks to bastien ROUCARIES for pointing this out. (Closes: #754732) - Update debian/* copyright holders's information. - Mention debian/copyright in debian/source/lintian-overrides to avoid lintian's license-problem-non-free-RFC error. -- Alessio Treglia Thu, 31 Jul 2014 14:13:58 +0100 gpac (0.5.0+svn5294~dfsg1-1) unstable; urgency=low * New upstream snapshot. * Refresh patches. -- Alessio Treglia Tue, 08 Jul 2014 13:04:26 +0100 gpac (0.5.0+svn5194~dfsg1-4) unstable; urgency=low * Drop build-dep on libxmlrpc-c3-dev. -- Alessio Treglia Mon, 07 Jul 2014 16:41:09 +0100 gpac (0.5.0+svn5194~dfsg1-3) unstable; urgency=low * Removed Andres Meja from Uploaders list. Thanks Andres for your contributions on the gpac package. Closes: 743529 * Removed unused BD on libwxgtk2.8-dev. Thanks to Olly Betts for pointing this out. Closes: #748715 -- Reinhard Tartler Thu, 29 May 2014 19:57:10 -0400 gpac (0.5.0+svn5194~dfsg1-2) unstable; urgency=low * Upload to unstable -- Reinhard Tartler Sun, 11 May 2014 19:00:36 -0400 gpac (0.5.0+svn5194~dfsg1-1) experimental; urgency=low * New upstream version 0.5.0+svn5194~dfsg: - now decodes 10bit HEVC video * Add patch to export gf_isom_set_pixel_aspect_ratio. This allows x264 to link dynamically against libgpac.so.3 * Refresh patches * Upload to unstable -- Reinhard Tartler Sun, 06 Apr 2014 12:11:08 -0400 gpac (0.5.0+svn5104~dfsg1-1) experimental; urgency=low * New upstream version 0.5.0+svn5104~dfsg1: - src/utils/sha1.c is relicensed under LGPLv2.1, Closes: #730759 * Don't install modules in multi-arch directories, Closes: #730497 * Add libusb-1.0.0-dev headers because libfreenect requires this * Fix install rule * Follow upstream soname bump - Drop the symbols file for now until it has been revised thourougly * Let binaries produce the correct svn revision * Refresh patches * Patch and build against libav10, Closes: #739321 * Bump standards version, no changes necessary -- Reinhard Tartler Sat, 22 Feb 2014 18:15:00 +0000 gpac (0.5.0+svn4288~dfsg1-4) unstable; urgency=low * Compile with libfreenect support. -- Alessio Treglia Sun, 06 Oct 2013 21:53:29 +0100 gpac (0.5.0+svn4288~dfsg1-3) unstable; urgency=low * Do not fail if dh_auto_clean returns some value different from 0. (Closes: #725541) -- Alessio Treglia Sun, 06 Oct 2013 21:43:12 +0100 gpac (0.5.0+svn4288~dfsg1-2) unstable; urgency=low * Upload to unstable -- Reinhard Tartler Thu, 15 Aug 2013 18:05:38 +0200 gpac (0.5.0+svn4288~dfsg1-1) experimental; urgency=low [ Alessio Treglia ] * New upstream snapshot. * Refresh patches. * Update symbols. * Fix Homepage URL. (Closes: #688063) * Set get-orig-source back to retrieve sources from SVN. * Strip libav stuff out of the tarball, bump DFSG versioning. * Don't remove include/gpac/version.h * Overwriting include/gpac/version.h is no longer needed as buildsystem works now. Upstream's buildsystem has been fixed so there is no need to overwrite include/gpac/version.h anymore. * Bump Standards. [ Reinhard Tartler ] * Build against libav 9. -- Alessio Treglia Wed, 30 Jan 2013 14:41:46 +0000 gpac (0.5.0~dfsg0-1) unstable; urgency=low * New stable release. * debian/{rules,watch}: - Download new stable releases from upstream's website. * Refresh patches. -- Alessio Treglia Sun, 27 May 2012 11:25:44 +0200 gpac (0.4.5+svn4035~dfsg0-1) unstable; urgency=low * New upstream snapshot. * Small improvements to debian/watch. * debian/copyright: Group files by License, try to better organize stanzas. -- Alessio Treglia Tue, 15 May 2012 19:37:01 +0200 gpac (0.4.5+svn4019~dfsg0-3) unstable; urgency=low * Move the header into the multiarch path. (Closes: #669999) -- Alessio Treglia Mon, 23 Apr 2012 10:10:10 +0200 gpac (0.4.5+svn4019~dfsg0-2) unstable; urgency=low * Upload to unstable. * Blacklist gf_dvb_get_freq_from_url on non-Linux architectures. -- Alessio Treglia Fri, 20 Apr 2012 15:11:23 +0200 gpac (0.4.5+svn4019~dfsg0-1) experimental; urgency=low * New upstream snapshot. * Add symbols file, ABI should be stable now. -- Alessio Treglia Fri, 20 Apr 2012 12:36:11 +0200 gpac (0.4.5+svn4002~dfsg0-1) experimental; urgency=low * Merge with upstream snapshot svn4002. * Bump SONAME. -- Alessio Treglia Fri, 06 Apr 2012 11:00:34 +0200 gpac (0.4.5+svn3950~dfsg0-1) experimental; urgency=low * Merge new upstream snapshot. * Update repackaging: - Include modules/widgetman/*, which are now dual-licensed. - Strip more unneeded code. * Drop {dfsg,soname-fix}.patch patches, not needed anymore. * Refresh patches. * Correct team's name. * Update debian/copyright. * Bump debhelper requirement. * Bump Standards. -- Alessio Treglia Tue, 06 Mar 2012 23:52:07 +0100 gpac (0.4.5+svn3912~dfsg1-1) experimental; urgency=low * Merge upstream latest nightly build. * Refresh patches. -- Alessio Treglia Sat, 11 Feb 2012 18:46:42 +0100 gpac (0.4.5+svn3462~dfsg0-1) unstable; urgency=low * Merge upstream SVN snapshot svn3462: - DASH: SPTS don't need '-dash-ts-prog' option (+doc added) - support in the player for BaseURL as source as specified in latest draft and generated by MP4Box - Fixed bug in edit list rewrite when concatenating - Added simple osd module for perf monitoring (cpu/mem/fps) - Fixed some crashes when destroying objects/services before their creation is completed (stress mode) - Fixed event firing for secondary scenes and exported createVRMLfromString - Only notify fractionChanged when it actually changes - Commented full AAC file scan for duration - Made DX module store its YUV config (speeds up startup) - Added option to avoid unloading modules - use gf_esd_get_textual_description() instead of (incomplete) switches - Fixed UPnP detection and removed extension loading * Drop xulrunner-dev, gpac doesn't build against it. * Revise repackaging and debian/rules' get-orig-source target. * Refresh patches. * Configure with --enable-debug. * Add -O2 to CFLAGS, use -O0 when optimizations are disabled. * Implement DEB_BUILD_OPTIONS' noopt flag. * Install modules in multiarch path. * Split gpac and install modules into new gpac-modules-base package. * Add -DBG packages. -- Alessio Treglia Sat, 11 Feb 2012 17:35:15 +0100 gpac (0.4.5+svn3450~dfsg3-1) unstable; urgency=low * Initial release. (Closes: #636350) -- Andres Mejia Sat, 04 Feb 2012 00:12:54 +0100