Public bug reported: [Availability]
libsoxr is in "universe", it compiles for all target architectures: https://launchpad.net/ubuntu/+source/libsoxr/0.1.2-2 [Rationale] I would like libsoxr to be moved to "main" so that it can be used in PulseAudio as an audio resampler backend (see https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/1574746). The library provides improved quality and performance over the currently used speex resamplers. [Security] The library is used for raw audio processing. Its input and output data is produced and consumed by PulseAudio server. The library builds into two library packages: libsoxr0 and libsoxr-lsr0. The library does not use network or external strings. Library from libsoxr-lsr0 uses environment variables to control some aspects of its behavior, but this library will not be used in PulseAudio (only libsoxr0 will). The environment variables are: SOXR_LSR_NUM_THREADS, SOXR_LSR_STRICT, see src/lsr.c. There were no CVE found for libsoxr: http://cve.mitre.org/cve/cve.html https://www.google.com/search?client=ubuntu&channel=fs&q=site%3Awww.openwall.com%2Flists%2Foss-security+libsoxr&ie=utf-8&oe=utf-8&gfe_rd=cr&ei=gz9dWYW3DMf37gSm-JrYCg#newwindow=1&channel=fs&q=site:www.openwall.com/lists/oss-security+libsoxr http://people.canonical.com/~ubuntu-security/cve/universe.html Package build scripts enable hardening. Overall I consider this library to have low security risk. [Quality assurance] The package build scripts automatically run library tests. There are currently no open bug reports for the package in Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libsoxr There are couple of bugs in Debian: https://bugs.debian.org/src:libsoxr There are no bugs in the upstream bug tracker: https://sourceforge.net/p/soxr/tickets/?source=navbar Recent discussion is happening on the project forum: https://sourceforge.net/p/soxr/discussion/general/ Package installation does not require any manual configuration. There is a debian/watch file. [Dependencies] The library depends only on libc6 and libgomp1, both of which are in "main". [Standards compliance] AFAICS, FHS and Debian policy are fulfilled. [Maintenance] The package is currently maintained by Debian Multimedia Maintainers. [Background information] Package description adequately describe the purpose of the library. I have been building PulseAudio locally with support for libsoxr and have been using it for a few years now, without problem. I used libsoxr in other projects as well. This is a fast library that produces audio of a very good quality. ** Affects: libsoxr (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1702558 Title: [MIR] libsoxr To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libsoxr/+bug/1702558/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
