Public bug reported:

[Availability]
The package libmysofa is already in Ubuntu universe.
The package libmysofa builds for the architectures it is designed to work on.
It currently builds and works for architectures: amd64 arm64 armhf i386 ppc64el riscv64 s390x
Link to package https://launchpad.net/ubuntu/+source/libmysofa

[Rationale]
- The package libmysofa is required in Ubuntu main as an (optional) depends of pipewire
- the library parses spatial audio files which are used by 3D audio systems
- the libmysofa1 binary needs to be promoted

- There is no other/better way to solve this that is already in main or
  should go universe->main instead of this.

- The package libmysofa is required in Ubuntu main no later than August 17th
  due to mantic feature freeze

[Security]
- Had 15 security issues in the past, sorted out by their status on 
https://ubuntu.com/security/cves?package=libmysofa
Released
          - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16095
          - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16094
          - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16093
          - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16092
          - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16091
          - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10672
Needed
          - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3756
          - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6860
          - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20063
          - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20016
Needs triage
          - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36152
          - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36151
          - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36150
          - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36149
          - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36148

those are also listed in https://security-tracker.debian.org/tracker/source-package/libmysofa

- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Package does not open privileged ports (ports < 1024)
- Package does not contain extensions to security-sensitive software

[Quality assurance - function/usage]
- The package works well right after install

[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu/Upstream and only has minor 
open bugs
  - Ubuntu https://bugs.launchpad.net/ubuntu/+source/libmysofa/+bug
  - Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=libmysofa
  - Upstream https://github.com/hoene/libmysofa/issues
- The package does not deal with exotic hardware we cannot support

[Quality assurance - testing]
TOFIX
- The package does not run a test at build time, Debian disabled them because 
they were hanging?

- The package runs an autopkgtest, and is currently passing on
  amd64 arm64 armhf ppc64el
https://autopkgtest.ubuntu.com/packages/libm/libmysofa

- The tests fail on i386 due to installability issues of depends which isn't an 
issue
- The s390x failure might be an endian problem and worth investigating though 
we don't support desktop on that architecture so it should probably not be a 
blocker
the issue had been reported upstream (but closed since) on 
https://github.com/hoene/libmysofa/issues/129

[Quality assurance - packaging]
- debian/watch is present and works

- debian/control defines a correct Maintainer

- This package has no lintian warnings

- Please link to a recent build log of the package
https://launchpadlibrarian.net/632293649/buildlog_ubuntu-lunar-amd64.libmysofa_1.3.1~dfsg0-1_BUILDING.txt.gz
- Please attach the full output you have got from `lintian --pedantic`

# lintian --pedantic libmysofa_1.3.1~dfsg0-1_amd64.changes
#

- Lintian overrides are not present

- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies

- The package will be installed by default, but does not ask debconf
questions

- Packaging and build is easy, link to debian/rules
https://salsa.debian.org/multimedia-team/libmysofa/-/blob/master/debian/rules

[UI standards]
- Application is not end-user facing (does not need translation)

[Dependencies]
- No further depends or recommends dependencies that are not yet in main

[Standards compliance]
- This package correctly follows FHS and Debian Policy

[Maintenance/Owner]
- Owning Team will be desktop-packages
- Team is already subscribed to the package

- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last
- The package successfully built during the most recent test rebuild

[Background information]
The Package description explains the package well
Upstream Name is libmysofa
Link to upstream project https://github.com/hoene/libmysofa

** Affects: libmysofa (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libmysofa in Ubuntu.
https://bugs.launchpad.net/bugs/2019951

Title:
  [MIR] libmysofa

Status in libmysofa package in Ubuntu:
  New
