-libyaml (0.1.4-1) UNRELEASED; urgency=low
+libyaml (0.1.7-2) UNRELEASED; urgency=medium
+
+ * Clean doxygen-generated documentation with dh_doxygen.
+
+ -- Anders Kaseorg <andersk@mit.edu> Sun, 04 Sep 2016 04:34:55 -0400
+
+libyaml (0.1.7-1) unstable; urgency=medium
+
+ * New upstream version 0.1.7.
+ + Fix segfault in yaml_string_write_handler.
+ + Fix invalid simple key assertion.
+ * Drop upstreamed patches.
+ * Migrate packaging from CDBS to dh.
+ * Drop libyaml-0-2-dbg in favor of automatically generated
+ libyaml-0-2-dbgsym package.
+
+ -- Anders Kaseorg <andersk@mit.edu> Sat, 03 Sep 2016 06:48:38 -0400
+
+libyaml (0.1.6-3) unstable; urgency=high
+
+ * debian/patches/CVE-2014-9130.patch: Fix CVE-2014-9130 assertion
+ failure caused by wrapped strings. (Closes: #771366)
+ * Bump Standards-Version to 3.9.6 (no changes needed).
+
+ -- Anders Kaseorg <andersk@mit.edu> Fri, 28 Nov 2014 22:05:10 -0500
+
+libyaml (0.1.6-2) unstable; urgency=medium
+
+ * Move doxygen from Build-Depends to Build-Depends-Indep.
+
+ -- Anders Kaseorg <andersk@mit.edu> Tue, 19 Aug 2014 21:56:25 -0400
+
+libyaml (0.1.6-1) unstable; urgency=medium
+
+ * New upstream version 0.1.6.
+ + Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML
+ tags.
+ + Fix CVE-2014-2525: heap-based buffer overflow in
+ yaml_parser_scan_uri_escapes.
+ * Drop upstreamed patches.
+ * Run tests at build time.
+ * Bump Standards-Version to 3.9.5 (no changes needed).
+ * Use dh-autoreconf. (Closes: #745078)
+ * Use dh-buildinfo.
+ * Add libyaml-doc package for Doxygen-generated API documentation and
+ examples. (Closes: #696821)
+ * Acknowledge NMUs.
+
+ -- Anders Kaseorg <andersk@mit.edu> Tue, 19 Aug 2014 00:03:53 -0400
+
+libyaml (0.1.4-3.2) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Add CVE-2014-2525.patch patch.
+ CVE-2014-2525: Fixes heap overflow in yaml_parser_scan_uri_escapes.
+ The heap overflow is caused by not properly expanding a string before
+ writing to it in function yaml_parser_scan_uri_escapes in scanner.c.
+ (Closes: #742732)
+
+ -- Salvatore Bonaccorso <carnil@debian.org> Thu, 27 Mar 2014 06:22:25 +0100
+
+libyaml (0.1.4-3.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Drop libyaml-indent-column-overflow-v2.patch patch.
+ This patch causes additional regressions on simple YAML files.
+ * Add libyaml-guard-against-overflows-in-indent-and-flow_level.patch patch.
+ Add upstream's patch to guard against overflows in indent and
+ flow_level. (Closes: #738587)
+
+ -- Salvatore Bonaccorso <carnil@debian.org> Thu, 13 Feb 2014 07:51:58 +0100
+
+libyaml (0.1.4-3) unstable; urgency=high
+
+ * Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML tags.
+ (Closes: #737076)
+
+ -- Anders Kaseorg <andersk@mit.edu> Wed, 29 Jan 2014 20:11:48 -0500
+
+libyaml (0.1.4-2) unstable; urgency=low
+
+ * Remove extra libyaml-0.so symlink from libyaml-dev.
+ * Bump Debhelper compat level to 9.
+ * Support multiarch. (Closes: #653748) (LP: #905630)
+ * Use 3.0 (quilt) source format.
+
+ -- Anders Kaseorg <andersk@mit.edu> Fri, 30 Dec 2011 17:14:52 -0500
+
+libyaml (0.1.4-1) unstable; urgency=low
* New upstream version 0.1.4.
+ Fixed a bug that prevented an empty mapping being used as a simple
+ Fixed pointer overflow when calculating the position of a potential
simple key.
+ Added pkg-config support. (Closes: #537834)
+ * Remove unneded libyaml.la file. (Closes: #622452)
+ * Add libyaml-0-2-dbg package with debugging symbols.
+ (Closes: #592747)
+ * Bumped standards version to 3.9.2 without further change
- -- Anders Kaseorg <andersk@mit.edu> Mon, 30 May 2011 19:52:27 -0400
+ -- Anders Kaseorg <andersk@mit.edu> Mon, 30 May 2011 22:27:27 -0400
libyaml (0.1.3-1) unstable; urgency=low
andersk / libyaml.git / blobdiff