Bug#1034653: unblock: x264/2:0.164.3095+gitbaee400-3
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: x264@packages.debian.org, sramacher@debian.org
Control: affects -1 + src:x264
Please unblock package x264.
[ Reason ]
gpac has a long list of open security issues (see #1033116). As gpac is
a key package (via x264), it's not a removal candidate. With this
change, the x264 binary drops mp4box support and no longer links
libgpac11 which also removes gpac from the key packages set.
[ Impact ]
We will end up with an unfixed gpac in the archive. In bullseye we
currently have 156 open security issues in gpac. There "only" 48 issues
in bookworm.
[ Tests ]
x264 has autopkgtests.
[ Risks ]
Some users may rely on the mp4box support x264. They are required to
migrate to ffmpeg or other encoders. There are however none in the
archive.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock x264/2:0.164.3095+gitbaee400-2+b1
--
Sebastian Ramacher
diff -Nru x264-0.164.3095+gitbaee400/debian/changelog x264-0.164.3095+gitbaee400/debian/changelog
--- x264-0.164.3095+gitbaee400/debian/changelog 2022-06-16 19:31:55.000000000 +0200
+++ x264-0.164.3095+gitbaee400/debian/changelog 2023-04-12 23:37:05.000000000 +0200
@@ -1,3 +1,12 @@
+x264 (2:0.164.3095+gitbaee400-3) unstable; urgency=medium
+
+ * Team upload
+ * debian/: Disable gpac support
+ gpac is a constant source of security issues. gpac support is disabled so
+ it can be removed from bookworm.
+
+ -- Sebastian Ramacher <sramacher@debian.org> Wed, 12 Apr 2023 23:37:05 +0200
+
x264 (2:0.164.3095+gitbaee400-2) unstable; urgency=medium
* Team upload
diff -Nru x264-0.164.3095+gitbaee400/debian/confflags x264-0.164.3095+gitbaee400/debian/confflags
--- x264-0.164.3095+gitbaee400/debian/confflags 2018-08-28 23:13:27.000000000 +0200
+++ x264-0.164.3095+gitbaee400/debian/confflags 2023-04-12 23:36:40.000000000 +0200
@@ -11,14 +11,14 @@
MAKEFLAGS += -j$(NUMJOBS)
endif
-common_confflags += --prefix=/usr --libdir=/usr/lib/$(DEB_HOST_MULTIARCH)
+common_confflags += --prefix=/usr --libdir=/usr/lib/$(DEB_HOST_MULTIARCH) --disable-gpac
ifneq ($(DEB_HOST_GNU_TYPE),$(DEB_BUILD_GNU_TYPE))
common_confflags += --host=$(DEB_HOST_GNU_TYPE) --cross-prefix=$(DEB_HOST_GNU_TYPE)-
endif
ifneq (,$(filter stage1,$(DEB_BUILD_PROFILES)))
-common_confflags += --disable-avs --disable-ffms --disable-gpac
+common_confflags += --disable-avs --disable-ffms
endif
# XXX why isn't --enable-visualize used in the static build?
diff -Nru x264-0.164.3095+gitbaee400/debian/control x264-0.164.3095+gitbaee400/debian/control
--- x264-0.164.3095+gitbaee400/debian/control 2022-06-16 19:31:55.000000000 +0200
+++ x264-0.164.3095+gitbaee400/debian/control 2023-04-12 23:37:05.000000000 +0200
@@ -9,7 +9,6 @@
debhelper-compat (= 13),
libavformat-dev (>= 6:9) <!stage1>,
libffms2-dev <!stage1>,
- libgpac-dev (>= 0.5.0+svn4288~) <!stage1>,
nasm (>= 2.13) [any-i386 any-amd64],
pkg-config
Standards-Version: 4.6.1
diff -Nru x264-0.164.3095+gitbaee400/debian/control.in x264-0.164.3095+gitbaee400/debian/control.in
--- x264-0.164.3095+gitbaee400/debian/control.in 2022-06-11 17:15:48.000000000 +0200
+++ x264-0.164.3095+gitbaee400/debian/control.in 2023-04-12 23:36:15.000000000 +0200
@@ -9,7 +9,6 @@
debhelper-compat (= 13),
libavformat-dev (>= 6:9) <!stage1>,
libffms2-dev <!stage1>,
- libgpac-dev (>= 0.5.0+svn4288~) <!stage1>,
nasm (>= 2.13) [any-i386 any-amd64],
pkg-config
Standards-Version: 4.6.1
Reply to: