This package has a long security history, and a currently left-open CVE
because the upload of 3.100 did not include closing the active CVE.
If there's a go-ahead from the Security Team (I'm not looking for a code
review, just an acknowledgement that they are aware of the requirement
for this package, and are fine with its current general state); then I
see no issues with this MIR.
** Changed in: lame (Ubuntu)
Status: New => Incomplete
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lame in Ubuntu.
Status in lame package in Ubuntu:
Built for all supported architectures. In sync with Debian.
For the 1.14 series, GStreamer upstream moved MP3 encoding and decoding into
gst-plugins-good. These are installed by default, and so now we can have MP3
support in the default install. The desktop team would like this feature.
For that, it uses some libraries and we'll need to put them in main.
There are some CVEs in the history of the project.
The Ubuntu CVE page lists some 'needed' ones but from looking at those
ones in Debian they are duplicates and should be fixed already.
Desktop team is subscribed.
I think they are reasonably calm given that this is a well known
We need libmp3lame0 in main, and this depends on libc6 only.
4.1.1 and dh minimal style rules.
Desktop team will maintain. In Debian this is maintained by the multimedia
team, which is active. We don't envisage the package diverging from Debian.
To manage notifications about this bug go to:
Mailing list: https://launchpad.net/~touch-packages
Post to : firstname.lastname@example.org
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp