+1 to go ahead. The Security Team will not do a code review at this
** Changed in: mpg123 (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to mpg123 in Ubuntu.
Status in mpg123 package in Ubuntu:
Built for all supported architectures. In sync with Debian.
For the 1.14 series, GStreamer upstream moved MP3 encoding and decoding into
gst-plugins-good. These are installed by default, and so now we can have MP3
support in the default install. The desktop team would like this feature.
For that, it uses some libraries and we'll need to put them in main.
There are some CVEs in the history of the project.
The Ubuntu CVE page lists a 'needed' one which AFAICS is fixed in
Desktop team is subscribed.
We need libmpg123-0 in main, and this depends on libc6 only.
4.1.2. debian/rules is slightly complicated because it generates some wrapper
scripts for some old binary names. Those binaries don't go in a package that we
need in main.
Desktop team will maintain. In Debian this is maintained by the multimedia
team, which is active. We don't envisage the package diverging from Debian.
To manage notifications about this bug go to:
Mailing list: https://launchpad.net/~desktop-packages
Post to : firstname.lastname@example.org
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp