On Tue, Feb 09, 2010 at 09:53:46AM +0100, Reinhard Tartler wrote:
> On Do, Jan 28, 2010 at 22:26:45 (CET), Moritz Muehlenhoff wrote:
> 
> > On Fri, Jan 22, 2010 at 06:10:55PM +0100, Moritz Muehlenhoff wrote:
> >> On Wed, Jan 13, 2010 at 09:28:43AM +0100, Reinhard Tartler wrote:
> >> > found 550442 0.svn20080206-18
> >> > stop
> >> > 
> >> > On Sa, Dez 05, 2009 at 00:33:02 (CET), Reinhard Tartler wrote:
> >> > 
> >> > > Moritz Muehlenhoff <j...@inutil.org> writes:
> >> > >
> >> > >> Sorry, this slipped through. An update for stable-security would be 
> >> > >> very
> >> > >> welcome.
> >> > >
> >> > > Test packages (both amd64 and i386) with build logs can be found at
> >> > > http://pkg-multimedia.alioth.debian.org/ffmpeg-lenny/ for now.
> >> > >
> >> > > Please note that because lenny does *not* ship FFmpeg 0.5 but an 
> >> > > earlier
> >> > > snapshot, not all patches did apply cleanly.  I did my best to 
> >> > > backports
> >> > > all patches, but I needed to drop thee of them:
> >> > >
> >> > > security/libavcodec/mpegaudiodec/0002-Check-data_size-in-decode_frame_mp3on4.patch
> >> > > security/libavformat/mov/0003-check-stream-existence-before-assignment-fix-1222.patch
> >> > > security/libavcodec/vp3/0003-Make-sure-that-all-memory-allocations-succeed.patch
> >> > >
> >> > > The biggest problem is that I haven't tested them yet. Testers very
> >> > > welcome!
> >> > >
> >> > > If I get positive feedback, or Moritz asks me to do so, I'll of course
> >> > > upload to security.debian.org immediately.
> >> > 
> >> > ping?
> >> > Any interest from the security team having this in lenny?
> >> 
> >> Sorry, I've been busy. I'll test, review and release.
> >
> > Updates are tested and building, should appear soon.
> 
> ping? I've noticed a failed upload, but no packages in the archive nor
> any announcement. are we still on track?

Packages are built on security-master and tested. I'm waiting for CVE
assignment from either CERT or MITRE for more than a week now. If they
don't react soon, I'll just go ahead and release w/o CVE IDs.

Cheers,
        Moritz



_______________________________________________
pkg-multimedia-maintainers mailing list
pkg-multimedia-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/pkg-multimedia-maintainers

Reply via email to