touch-packages team mailing list archive

Thread
Date

[Bug 1486546] Re: Multiple security patches not imported from Debian

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1486546@xxxxxxxxxxxxxxxxxx>
Date: Mon, 19 Oct 2015 04:17:47 -0000
Reply-to: Bug 1486546 <1486546@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

[Expired for lame (Ubuntu) because there has been no activity for 60
days.]

** Changed in: lame (Ubuntu)
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lame in Ubuntu.
https://bugs.launchpad.net/bugs/1486546

Title:
  Multiple security patches not imported from Debian

Status in lame package in Ubuntu:
  Expired

Bug description:
  A number of security issues in LAME were found by Debian developers
  via fuzzing and then patched in Debian. The discovered bugs and the
  respective patches can be found at https://bugs.debian.org/cgi-
  bin/bugreport.cgi?bug=775959

  However, the Ubuntu Trusty package for LAME is still vulnerable - the
  very first malformed sample from that bug report reliably causes a
  crash for me on amd64.

  ProblemType: Bug
  DistroRelease: elementary OS 0.3
  Package: lame 3.99.5+repack1-3ubuntu1
  ProcVersionSignature: Ubuntu 3.13.0-62.102-generic 3.13.11-ckt24
  Uname: Linux 3.13.0-62-generic x86_64
  ApportVersion: 2.14.1-0ubuntu3.11
  Architecture: amd64
  CurrentDesktop: Pantheon
  Date: Wed Aug 19 15:35:00 2015
  InstallationDate: Installed on 2014-12-10 (251 days ago)
  InstallationMedia: elementary OS 0.3 "Freya" - Daily amd64 (20141209)
  SourcePackage: lame
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lame/+bug/1486546/+subscriptions