-libyaml (0.1.4-2) UNRELEASED; urgency=low
+libyaml (0.1.5-1) UNRELEASED; urgency=medium
+
+ * New upstream version 0.1.5.
+ + Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML
+ tags.
+ * Drop upstreamed patches.
+ * Run tests at build time.
+
+ -- Anders Kaseorg <andersk@mit.edu> Sun, 23 Feb 2014 21:48:49 -0500
+
+libyaml (0.1.4-3.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Drop libyaml-indent-column-overflow-v2.patch patch.
+ This patch causes additional regressions on simple YAML files.
+ * Add libyaml-guard-against-overflows-in-indent-and-flow_level.patch patch.
+ Add upstream's patch to guard against overflows in indent and
+ flow_level. (Closes: #738587)
+
+ -- Salvatore Bonaccorso <carnil@debian.org> Thu, 13 Feb 2014 07:51:58 +0100
+
+libyaml (0.1.4-3) unstable; urgency=high
+
+ * Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML tags.
+ (Closes: #737076)
+
+ -- Anders Kaseorg <andersk@mit.edu> Wed, 29 Jan 2014 20:11:48 -0500
+
+libyaml (0.1.4-2) unstable; urgency=low
* Remove extra libyaml-0.so symlink from libyaml-dev.
* Bump Debhelper compat level to 9.
* Support multiarch. (Closes: #653748) (LP: #905630)
* Use 3.0 (quilt) source format.
- -- Anders Kaseorg <andersk@mit.edu> Fri, 23 Dec 2011 20:35:55 -0500
+ -- Anders Kaseorg <andersk@mit.edu> Fri, 30 Dec 2011 17:14:52 -0500
libyaml (0.1.4-1) unstable; urgency=low