Bug#1041825: libopenraw: new upstream release 0.3.6

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1041825: libopenraw: new upstream release 0.3.6
From: Simon McVittie <smcv@debian.org>
Date: Mon, 24 Jul 2023 00:02:15 +0100
Message-id: <[🔎] ZL2xdwkWw5Z0MUNJ@tautology.pseudorandom.co.uk>
Reply-to: Simon McVittie <smcv@debian.org>, 1041825@bugs.debian.org

Source: libopenraw
Version: 0.1.2-0.2
Severity: wishlist
X-Debbugs-Cc: tumbler@packages.debian.org
Control: affects -1 + tumbler-plugins-extra

While investigating whether libopenraw's dependency on GTK 2 can be
removed (which it can, see #967585), I noticed that the version of
libopenraw in Debian is from 2018 and there have been 12 new upstream
releases since then.

With this being file parsing code, I'm concerned that this might mean
unfixed security issues (although I don't see any obvious security fixes
in the upstream NEWS).

tumbler-plugins-extra seems to be the only package in Debian that makes
use of libopenraw (gegl also has a Build-Depends on it, but it seems to
be unused there) so the maintainers of tumbler might be interested in
salvaging libopenraw to have a high-quality version to depend on if its
current Debian maintainer is no longer active?

    smcv

Reply to:

Prev by Date: Bug#1039957: light-locker: Bug 1039957: light-locker: coredump from light-locker
Next by Date: Bug#1039957: light-locker: Bug 1039957: light-locker: coredump from light-locker
Previous by thread: Bug#1039957: light-locker: Bug 1039957: light-locker: coredump from light-locker
Index(es):
- Date
- Thread