Upstream has "released" (but not really announced anywhere aside from a comment on an issue on their Github bugtracker) pre-release 2 of libsndfile 1.0.29:
Also, I've put together ready-made git-based PKGBUILDs for both the libsndfile and lib32-libsndfile packages, in the desperate hope that somebody will actually give a fuck about Archlinux shipping packages with a dozen unfixed CVEs.
I've just signed off on both libsndfile 1.0.31-1 and lib32-libsndfile 1.0.31-1, but both package require one additional signoff to be moved from testing/multilib-testing to extra/multilib.
Upstream has "released" (but not really announced anywhere aside from a comment on an issue on their Github bugtracker) pre-release 2 of libsndfile 1.0.29:
https://github.com/erikd/libsndfile/issues/470#issuecomment-501893463
Also, I've put together ready-made git-based PKGBUILDs for both the libsndfile and lib32-libsndfile packages, in the desperate hope that somebody will actually give a fuck about Archlinux shipping packages with a dozen unfixed CVEs.
@loqs wonderful - any news when this will be deployed? can one help testing? i could at least test my case ...
I've just signed off on both libsndfile 1.0.31-1 and lib32-libsndfile 1.0.31-1, but both package require one additional signoff to be moved from testing/multilib-testing to extra/multilib.