Override component to main
libyuv 0.0.1899.20250103-1 in plucky: universe/misc -> main
libyuv-dev 0.0.1899.20250103-1 in plucky amd64: universe/libs/optional/100% ->
main
libyuv-dev 0.0.1899.20250103-1 in plucky arm64: universe/libs/optional/100% ->
main
libyuv-dev 0.0.1899.20250103-1 in plucky a
I've subscribed desktop-packages to the ubuntu package now, since
libcamera is what is pulling it in main it makes sense for us to be the
owner. Was there anything else need or is it fine to promote it now?
(the depends is preventing libcamera to migrate out of proposed)
--
You received this bug
It is needed by libcamera now in plucky
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2004516
Title:
[MIR] libyuv (transitive dependency of libheif)
To manage notifications about this bug go to:
ht
Thanks for the investigation of the new dependency tracking!
I missed that previously. Sorry for all the extra work involved for getting
this landed in time!
I'll unsubscribe ~foundations-bugs and move it to "In Progress", as the
MIR still passed. So it has the correct state, should it be needed
Slight change here - this isn't needed for libaom3.
Due to the good use of non-embedded libs we now have correct dependency
tracking.
That shows that only aom-tools would needed it, which isn't pulled in from
libheif.
We could promote it, but if you want that you'd need to seed aom-tools
(if it
** Changed in: libyuv (Ubuntu)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2004516
Title:
[MIR] libyuv (transitive dependency of libheif)
To manage not
This is now ready and can be promoted with the rest of the libgd2 ->
libheif -> PLUGINS -> CODECS chain
** Changed in: libyuv (Ubuntu)
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bug
I reviewed libyuv 0.0~git202401110.af6ac82-1 as checked into noble. This
shouldn't be considered a full audit but rather a quick gauge of
maintainability.
libyuv is an open source project that includes YUV scaling and
conversion functionality.
- CVE History:
- none
- open bug reports are not
When is Security review absolutely needed by? Is April 17th, the day
before Final Freeze okay? Would that give Foundation's enough time to
promote to main?
There may not be enough time for Security to complete a review by Final
Freeze, but we are looking for someone to take this asap.
--
You rec
** Changed in: libyuv (Ubuntu)
Status: Incomplete => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2004516
Title:
[MIR] libyuv (transitive dependency of libheif)
To manage notifica
Alex has granted the exception with a note advising against last minute
security reviews in the future.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2004516
Title:
[MIR] libyuv (transitive dependen
ravi-sharma> I sent a message to Alex to request an exception.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2004516
Title:
[MIR] libyuv (transitive dependency of libheif)
To manage notifications a
** Tags added: sec-4053
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2004516
Title:
[MIR] libyuv (transitive dependency of libheif)
To manage notifications about this bug go to:
https://bugs.launc
** Changed in: libyuv (Ubuntu)
Status: Confirmed => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2004516
Title:
[MIR] libyuv (transitive dependency of libheif)
To manage notifica
Hello, the MIR process says any MIRs assigned to the security team after
the Beta Freeze deadline need to be discussed with the Director of
Security Engineering:
For a MIR to be considered for a release, it must be assigned to the
Security team (by the MIR team) before Beta Freeze. This
UPDATE:
I see the latest version 0.0~git202401110.af6ac82-1 is a sync from
Debian and also provides some non-superficial autopkgtests. So the
required MIR TODOs seems to be solved. I subscribed ~foundations-bugs
and moving it into the security queue.
** Changed in: libyuv (Ubuntu)
Assignee:
16 matches
Mail list logo
