desktop-packages team mailing list archive

Thread
Date

[Bug 1512274] Re: Sync libvdpau 1.1.1-3 (main) from Debian sid (main)

To: desktop-packages@xxxxxxxxxxxxxxxxxxx
From: Logan Rosen <loganrosen@xxxxxxxxx>
Date: Fri, 06 Nov 2015 00:36:05 -0000
Reply-to: Bug 1512274 <1512274@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

The new vdpau-driver-all package depends on libvdpau-va-gl1, which is in
universe.

** Changed in: libvdpau (Ubuntu)
   Importance: Undecided => Wishlist

** Changed in: libvdpau (Ubuntu)
       Status: New => Triaged

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libvdpau in Ubuntu.
https://bugs.launchpad.net/bugs/1512274

Title:
  Sync libvdpau 1.1.1-3 (main) from Debian sid (main)

Status in libvdpau package in Ubuntu:
  Triaged

Bug description:
  Please sync libvdpau 1.1.1-3 (main) from Debian sid (main)

  Explanation of the Ubuntu delta and why it can be dropped:
    * SECURITY UPDATE: privilege escalation when used in setuid or setgid
      applications
      - debian/patches/CVE-2015-5xxx.patch: use secure_getenv and protect
        against directory traversal in configure.ac, src/Makefile.am,
        src/mesa_dri2.c, src/util.h, src/vdpau_wrapper.c,
        trace/vdpau_trace.cpp.
      - CVE-2015-5198
      - CVE-2015-5199
      - CVE-2015-5200
    * SECURITY UPDATE: privilege escalation when used in setuid or setgid
      applications
      - debian/patches/CVE-2015-5xxx.patch: use secure_getenv and protect
        against directory traversal in configure.ac, src/Makefile.am,
        src/mesa_dri2.c, src/util.h, src/vdpau_wrapper.c,
        trace/vdpau_trace.cpp.
      - CVE-2015-5198
      - CVE-2015-5199
      - CVE-2015-5200

  Debian package already include everything in the Ubuntu package.

  Changelog entries since current xenial version 1.1-1ubuntu1:

  libvdpau (1.1.1-3) unstable; urgency=medium

    [ Luca Boccassi ]
    * Cherry-pick patch for DRI_PRIME crash. (Closes: #802625)
    * Upload to unstable.

   -- Andreas Beckmann <anbe@xxxxxxxxxx>  Thu, 29 Oct 2015 00:47:28
  +0100

  libvdpau (1.1.1-2) experimental; urgency=medium

    * Add vdpau-driver-all driver metapackage.  (Closes: #800657)
    * libvdpau1: Recommends: vdpau-driver-all | vdpau-driver.
    * Upload to experimental.

   -- Andreas Beckmann <anbe@xxxxxxxxxx>  Thu, 08 Oct 2015 10:15:00
  +0200

  libvdpau (1.1.1-1) unstable; urgency=medium

    [ Andreas Beckmann ]
    * simplify d/rules

    [ Luca Boccassi ]
    * New upstream release.
      - Use secure_getenv(3) to improve security
        (CVE-2015-5198, CVE-2015-5199, CVE-2015-5200). Closes: #797895.
    * Do not check for pdftex, removed upstream
    * Add myself to Uploaders
    * Refresh dlopen-path patch, upstream changes
    * Refresh patch module-searchpath, upstream changes

   -- Luca Boccassi <luca.boccassi@xxxxxxxxx>  Thu, 03 Sep 2015 23:31:59
  +0100

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvdpau/+bug/1512274/+subscriptions

References

[Bug 1512274] [NEW] Sync libvdpau 1.1.1-3 (main) from Debian sid (main)
From: Oibaf, 2015-11-02