]>
Commit | Line | Data |
---|---|---|
aaf3a1c2 | 1 | libyaml (0.1.6-1) unstable; urgency=medium |
678a07c9 | 2 | |
0070a532 | 3 | * New upstream version 0.1.6. |
678a07c9 AK |
4 | + Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML |
5 | tags. | |
0070a532 AK |
6 | + Fix CVE-2014-2525: heap-based buffer overflow in |
7 | yaml_parser_scan_uri_escapes. | |
678a07c9 | 8 | * Drop upstreamed patches. |
dd2bbc9e | 9 | * Run tests at build time. |
d328a1cd | 10 | * Bump Standards-Version to 3.9.5 (no changes needed). |
a3d68865 | 11 | * Use dh-autoreconf. (Closes: #745078) |
f8dcd9ae | 12 | * Use dh-buildinfo. |
47950261 AK |
13 | * Add libyaml-doc package for Doxygen-generated API documentation and |
14 | examples. (Closes: #696821) | |
4fdeceb2 | 15 | * Acknowledge NMUs. |
678a07c9 | 16 | |
aaf3a1c2 | 17 | -- Anders Kaseorg <andersk@mit.edu> Tue, 19 Aug 2014 00:03:53 -0400 |
678a07c9 | 18 | |
0e9a9917 SB |
19 | libyaml (0.1.4-3.2) unstable; urgency=high |
20 | ||
21 | * Non-maintainer upload by the Security Team. | |
22 | * Add CVE-2014-2525.patch patch. | |
23 | CVE-2014-2525: Fixes heap overflow in yaml_parser_scan_uri_escapes. | |
24 | The heap overflow is caused by not properly expanding a string before | |
25 | writing to it in function yaml_parser_scan_uri_escapes in scanner.c. | |
26 | (Closes: #742732) | |
27 | ||
28 | -- Salvatore Bonaccorso <carnil@debian.org> Thu, 27 Mar 2014 06:22:25 +0100 | |
29 | ||
8c29bde4 SB |
30 | libyaml (0.1.4-3.1) unstable; urgency=medium |
31 | ||
32 | * Non-maintainer upload. | |
33 | * Drop libyaml-indent-column-overflow-v2.patch patch. | |
34 | This patch causes additional regressions on simple YAML files. | |
35 | * Add libyaml-guard-against-overflows-in-indent-and-flow_level.patch patch. | |
36 | Add upstream's patch to guard against overflows in indent and | |
37 | flow_level. (Closes: #738587) | |
38 | ||
39 | -- Salvatore Bonaccorso <carnil@debian.org> Thu, 13 Feb 2014 07:51:58 +0100 | |
40 | ||
757f614e | 41 | libyaml (0.1.4-3) unstable; urgency=high |
4690e8e8 AK |
42 | |
43 | * Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML tags. | |
44 | (Closes: #737076) | |
45 | ||
757f614e | 46 | -- Anders Kaseorg <andersk@mit.edu> Wed, 29 Jan 2014 20:11:48 -0500 |
4690e8e8 | 47 | |
9d74d117 | 48 | libyaml (0.1.4-2) unstable; urgency=low |
5d566460 AK |
49 | |
50 | * Remove extra libyaml-0.so symlink from libyaml-dev. | |
264015cb | 51 | * Bump Debhelper compat level to 9. |
dc0d8d28 | 52 | * Support multiarch. (Closes: #653748) (LP: #905630) |
5ebf03b5 | 53 | * Use 3.0 (quilt) source format. |
5d566460 | 54 | |
9d74d117 | 55 | -- Anders Kaseorg <andersk@mit.edu> Fri, 30 Dec 2011 17:14:52 -0500 |
5d566460 | 56 | |
7919b4c8 | 57 | libyaml (0.1.4-1) unstable; urgency=low |
a16771db AK |
58 | |
59 | * New upstream version 0.1.4. | |
60 | + Fixed a bug that prevented an empty mapping being used as a simple | |
61 | key. | |
62 | + Fixed pointer overflow when calculating the position of a potential | |
63 | simple key. | |
18d792f8 | 64 | + Added pkg-config support. (Closes: #537834) |
d27f4509 | 65 | * Remove unneded libyaml.la file. (Closes: #622452) |
2dff8bb1 AK |
66 | * Add libyaml-0-2-dbg package with debugging symbols. |
67 | (Closes: #592747) | |
8e7f8c47 | 68 | * Bumped standards version to 3.9.2 without further change |
a16771db | 69 | |
7919b4c8 | 70 | -- Anders Kaseorg <andersk@mit.edu> Mon, 30 May 2011 22:27:27 -0400 |
a16771db | 71 | |
6e99db53 | 72 | libyaml (0.1.3-1) unstable; urgency=low |
b5157f22 AK |
73 | |
74 | * New upstream version 0.1.3. | |
75 | + This release fixes non-standard structure initialization and a | |
76 | streaming-related issue. | |
77 | * Bump priority from extra to optional. | |
78 | ||
6e99db53 | 79 | -- Anders Kaseorg <andersk@mit.edu> Sun, 04 Oct 2009 14:07:18 -0400 |
b5157f22 | 80 | |
d571cc8b | 81 | libyaml (0.1.2-1) unstable; urgency=low |
2decfa0e AK |
82 | |
83 | * New upstream version 0.1.2. | |
84 | + Fixed grammar in error messages (from YAML::XS::LibYAML). | |
85 | + Rewritten whitespace detection in the scalar analyzer and block | |
86 | scalar writers (ported from PyYAML). | |
87 | + Fixed emitting folded scalars with trailing breaks; Forced emitting | |
88 | of a document end indicator when there is a possibility of ambiguous | |
89 | parsing. | |
90 | ||
d571cc8b | 91 | -- Anders Kaseorg <andersk@mit.edu> Mon, 29 Dec 2008 21:10:48 -0500 |
2decfa0e | 92 | |
01068572 AK |
93 | libyaml (0.1.1-1) unstable; urgency=low |
94 | ||
95 | * Initial release (Closes: #484381). | |
96 | ||
97 | -- Anders Kaseorg <andersk@mit.edu> Tue, 10 Jun 2008 02:37:34 -0400 |