I just researched current open CVEs in bionic. The only one open is
CVE-2017-15019, which is a minor issue.
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15019
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lame in Ubuntu.
Status in lame package in Ubuntu:
Built for all supported architectures. In sync with Debian.
For the 1.14 series, GStreamer upstream moved MP3 encoding and decoding into
gst-plugins-good. These are installed by default, and so now we can have MP3
support in the default install. The desktop team would like this feature.
For that, it uses some libraries and we'll need to put them in main.
There are some CVEs in the history of the project.
The Ubuntu CVE page lists some 'needed' ones but from looking at those
ones in Debian they are duplicates and should be fixed already.
Desktop team is subscribed.
I think they are reasonably calm given that this is a well known
We need libmp3lame0 in main, and this depends on libc6 only.
4.1.1 and dh minimal style rules.
Desktop team will maintain. In Debian this is maintained by the multimedia
team, which is active. We don't envisage the package diverging from Debian.
To manage notifications about this bug go to:
Mailing list: https://launchpad.net/~desktop-packages
Post to : firstname.lastname@example.org
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp