aom (1.0.0.errata1-3+deb11u1ubuntu0.1) focal-security; urgency=medium

   * SECURITY UPDATE: Integer overflow in img_alloc_helper
    - d/p/0001-Do-not-account-for-high-bit-depth-twice.patch: Do
      not account for high bit depth twice in aom/src/aom_image.c
    - d/p/0002-Fix-integer-overflows-in-calc-of-stride_in_bytes.patch:
      Fix integer overflows in calc of stride_in_bytes in aom/src/aom_image.c
    - d/p/0003-Avoid-integer-overflows-in-align_image_dimension.patch:
      Avoid integer overflows in align_image_dimension() in aom/aom_image.h
      and aom/src/aom_image.c
    - d/p/0004-Apply-stride_align-to-byte-count-not-pixel-count.patch:
      Apply stride_align to byte count, not pixel count in aom/src/aom_image.c
    - CVE-2024-5171

 -- Chrisa Oikonomou <chrisa.oikonomou@canonical.com>  Thu, 27 Mar 2025 14:12:19 +0000

aom (1.0.0.errata1-3+deb11u1build0.20.04.1) focal-security; urgency=medium

  * fake sync from Debian

 -- Amir Naseredini <amir.naseredini@canonical.com>  Thu, 19 Oct 2023 16:03:29 +0100

aom (1.0.0.errata1-3+deb11u1) bullseye-security; urgency=high

  * Non-maintainer upload.
  * Fix CVE-2020-36130, CVE-2020-36131, CVE-2020-36133, CVE-2020-36135,
    CVE-2021-30473, CVE-2021-30474 and CVE-2021-30475.
    Multiple security vulnerabilities have been discovered in aom, the AV1
    Video Codec Library. Buffer overflows, use-after-free and NULL pointer
    dereferences may cause a denial of service or other unspecified impact if a
    malformed multimedia file is processed.

 -- Markus Koschany <apo@debian.org>  Tue, 05 Sep 2023 23:10:00 +0200

aom (1.0.0.errata1-3) unstable; urgency=medium

  [ James Cowgill ]
  * d/tests:
    - Merge pkg-config invocations.
    - Make library-build test cross test friendly.
      Thanks to Steve Langasek for the original patch. (Closes: #946236)

  [ Ondřej Nový ]
  * d/control: Bump Standards-Version to 4.4.1.

 -- James Cowgill <jcowgill@debian.org>  Thu, 02 Jan 2020 19:26:18 +0000

aom (1.0.0.errata1-2) unstable; urgency=medium

  [ James Cowgill ]
  * d/rules:
    - Manually set AOM_NEON_INTRIN_FLAG on armhf.
    - Enable CONFIG_LOWBITDEPTH.

  [ Tom Finegan ]
  * cmake: Fix arm neon intrinsic flag handling bugs.

 -- James Cowgill <jcowgill@debian.org>  Sun, 01 Sep 2019 13:28:49 +0100

aom (1.0.0.errata1-1) unstable; urgency=medium

  [ James Cowgill ]
  * New upstream release.

  * d/control:
    - Add build-dependency on graphviz,
    - Bump debhelper compat to 12,
    - Bump standards version to 4.4.0,
  * d/rules: Manually specify target cpu and enable multithreading.
  * d/source: Add dgit-maint-merge workflow files,
  * d/watch: Fix tag URLs and upstream version mangling,

  [ Jan Beich ]
  * cmake: Assume ELF object format for unknown target systems.
    (Closes: #934604)

 -- James Cowgill <jcowgill@debian.org>  Sat, 31 Aug 2019 19:21:46 +0100

aom (1.0.0-3) unstable; urgency=medium

  [ John Paul Adrian Glaubitz ]
  * d/rules: Disable AltVec on powerpcspe. (Closes: #909950)

 -- James Cowgill <jcowgill@debian.org>  Thu, 04 Oct 2018 18:21:30 +0100

aom (1.0.0-2) unstable; urgency=medium

  * Cherry-pick upstream commit to fix FTBFS on ppc64el.
  * d/control:
    - Use correct Maintainer.
    - Bump standards version.
  * d/rules:
    - Workaround broken 32-bit ARM architecture detection.
    - Disable optimizations on x32 to fix FTBFS.
  * d/tests:
    - control: make library-build depend on build-essential.
    - encode-decode: fix target size.
    - library-build: Remove useless include.
    - library-build: Make some function args const.
    - library-build: Test number of generated packets.
    - library-build: Add copyright notice.

 -- James Cowgill <jcowgill@debian.org>  Thu, 20 Sep 2018 09:58:42 +0100

aom (1.0.0-1) unstable; urgency=medium

  * Initial release. (Closes: #905096)

 -- James Cowgill <jcowgill@debian.org>  Sun, 12 Aug 2018 18:18:57 +0100
