]>
Commit | Line | Data |
---|---|---|
9a751a1d | 1 | libyaml (0.1.6-3) unstable; urgency=high |
6ecaf949 AK |
2 | |
3 | * debian/patches/CVE-2014-9130.patch: Fix CVE-2014-9130 assertion | |
4 | failure caused by wrapped strings. (Closes: #771366) | |
48fc5d2d | 5 | * Bump Standards-Version to 3.9.6 (no changes needed). |
6ecaf949 | 6 | |
9a751a1d | 7 | -- Anders Kaseorg <andersk@mit.edu> Fri, 28 Nov 2014 22:05:10 -0500 |
6ecaf949 | 8 | |
6f165d57 | 9 | libyaml (0.1.6-2) unstable; urgency=medium |
ec5a74bd AK |
10 | |
11 | * Move doxygen from Build-Depends to Build-Depends-Indep. | |
12 | ||
6f165d57 | 13 | -- Anders Kaseorg <andersk@mit.edu> Tue, 19 Aug 2014 21:56:25 -0400 |
ec5a74bd | 14 | |
aaf3a1c2 | 15 | libyaml (0.1.6-1) unstable; urgency=medium |
678a07c9 | 16 | |
0070a532 | 17 | * New upstream version 0.1.6. |
678a07c9 AK |
18 | + Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML |
19 | tags. | |
0070a532 AK |
20 | + Fix CVE-2014-2525: heap-based buffer overflow in |
21 | yaml_parser_scan_uri_escapes. | |
678a07c9 | 22 | * Drop upstreamed patches. |
dd2bbc9e | 23 | * Run tests at build time. |
d328a1cd | 24 | * Bump Standards-Version to 3.9.5 (no changes needed). |
a3d68865 | 25 | * Use dh-autoreconf. (Closes: #745078) |
f8dcd9ae | 26 | * Use dh-buildinfo. |
47950261 AK |
27 | * Add libyaml-doc package for Doxygen-generated API documentation and |
28 | examples. (Closes: #696821) | |
4fdeceb2 | 29 | * Acknowledge NMUs. |
678a07c9 | 30 | |
aaf3a1c2 | 31 | -- Anders Kaseorg <andersk@mit.edu> Tue, 19 Aug 2014 00:03:53 -0400 |
678a07c9 | 32 | |
0e9a9917 SB |
33 | libyaml (0.1.4-3.2) unstable; urgency=high |
34 | ||
35 | * Non-maintainer upload by the Security Team. | |
36 | * Add CVE-2014-2525.patch patch. | |
37 | CVE-2014-2525: Fixes heap overflow in yaml_parser_scan_uri_escapes. | |
38 | The heap overflow is caused by not properly expanding a string before | |
39 | writing to it in function yaml_parser_scan_uri_escapes in scanner.c. | |
40 | (Closes: #742732) | |
41 | ||
42 | -- Salvatore Bonaccorso <carnil@debian.org> Thu, 27 Mar 2014 06:22:25 +0100 | |
43 | ||
8c29bde4 SB |
44 | libyaml (0.1.4-3.1) unstable; urgency=medium |
45 | ||
46 | * Non-maintainer upload. | |
47 | * Drop libyaml-indent-column-overflow-v2.patch patch. | |
48 | This patch causes additional regressions on simple YAML files. | |
49 | * Add libyaml-guard-against-overflows-in-indent-and-flow_level.patch patch. | |
50 | Add upstream's patch to guard against overflows in indent and | |
51 | flow_level. (Closes: #738587) | |
52 | ||
53 | -- Salvatore Bonaccorso <carnil@debian.org> Thu, 13 Feb 2014 07:51:58 +0100 | |
54 | ||
757f614e | 55 | libyaml (0.1.4-3) unstable; urgency=high |
4690e8e8 AK |
56 | |
57 | * Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML tags. | |
58 | (Closes: #737076) | |
59 | ||
757f614e | 60 | -- Anders Kaseorg <andersk@mit.edu> Wed, 29 Jan 2014 20:11:48 -0500 |
4690e8e8 | 61 | |
9d74d117 | 62 | libyaml (0.1.4-2) unstable; urgency=low |
5d566460 AK |
63 | |
64 | * Remove extra libyaml-0.so symlink from libyaml-dev. | |
264015cb | 65 | * Bump Debhelper compat level to 9. |
dc0d8d28 | 66 | * Support multiarch. (Closes: #653748) (LP: #905630) |
5ebf03b5 | 67 | * Use 3.0 (quilt) source format. |
5d566460 | 68 | |
9d74d117 | 69 | -- Anders Kaseorg <andersk@mit.edu> Fri, 30 Dec 2011 17:14:52 -0500 |
5d566460 | 70 | |
7919b4c8 | 71 | libyaml (0.1.4-1) unstable; urgency=low |
a16771db AK |
72 | |
73 | * New upstream version 0.1.4. | |
74 | + Fixed a bug that prevented an empty mapping being used as a simple | |
75 | key. | |
76 | + Fixed pointer overflow when calculating the position of a potential | |
77 | simple key. | |
18d792f8 | 78 | + Added pkg-config support. (Closes: #537834) |
d27f4509 | 79 | * Remove unneded libyaml.la file. (Closes: #622452) |
2dff8bb1 AK |
80 | * Add libyaml-0-2-dbg package with debugging symbols. |
81 | (Closes: #592747) | |
8e7f8c47 | 82 | * Bumped standards version to 3.9.2 without further change |
a16771db | 83 | |
7919b4c8 | 84 | -- Anders Kaseorg <andersk@mit.edu> Mon, 30 May 2011 22:27:27 -0400 |
a16771db | 85 | |
6e99db53 | 86 | libyaml (0.1.3-1) unstable; urgency=low |
b5157f22 AK |
87 | |
88 | * New upstream version 0.1.3. | |
89 | + This release fixes non-standard structure initialization and a | |
90 | streaming-related issue. | |
91 | * Bump priority from extra to optional. | |
92 | ||
6e99db53 | 93 | -- Anders Kaseorg <andersk@mit.edu> Sun, 04 Oct 2009 14:07:18 -0400 |
b5157f22 | 94 | |
d571cc8b | 95 | libyaml (0.1.2-1) unstable; urgency=low |
2decfa0e AK |
96 | |
97 | * New upstream version 0.1.2. | |
98 | + Fixed grammar in error messages (from YAML::XS::LibYAML). | |
99 | + Rewritten whitespace detection in the scalar analyzer and block | |
100 | scalar writers (ported from PyYAML). | |
101 | + Fixed emitting folded scalars with trailing breaks; Forced emitting | |
102 | of a document end indicator when there is a possibility of ambiguous | |
103 | parsing. | |
104 | ||
d571cc8b | 105 | -- Anders Kaseorg <andersk@mit.edu> Mon, 29 Dec 2008 21:10:48 -0500 |
2decfa0e | 106 | |
01068572 AK |
107 | libyaml (0.1.1-1) unstable; urgency=low |
108 | ||
109 | * Initial release (Closes: #484381). | |
110 | ||
111 | -- Anders Kaseorg <andersk@mit.edu> Tue, 10 Jun 2008 02:37:34 -0400 |