X-Git-Url: http://andersk.mit.edu/gitweb/libyaml.git/blobdiff_plain/678a07c9ec6a40ef81405e8db7153d354bac14c0..b46834b37908d8052738f5b150970b56dc629fd5:/debian/changelog diff --git a/debian/changelog b/debian/changelog index 7f126d5..8ff9a6c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -4,9 +4,27 @@ libyaml (0.1.5-1) UNRELEASED; urgency=medium + Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML tags. * Drop upstreamed patches. + * Run tests at build time. + * Bump Standards-Version to 3.9.5 (no changes needed). + * Use dh-autoreconf. + * Use dh-buildinfo. + * Add libyaml-doc package for Doxygen-generated API documentation and + examples. (Closes: #696821) + * Acknowledge NMUs. -- Anders Kaseorg Sun, 23 Feb 2014 21:48:49 -0500 +libyaml (0.1.4-3.2) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Add CVE-2014-2525.patch patch. + CVE-2014-2525: Fixes heap overflow in yaml_parser_scan_uri_escapes. + The heap overflow is caused by not properly expanding a string before + writing to it in function yaml_parser_scan_uri_escapes in scanner.c. + (Closes: #742732) + + -- Salvatore Bonaccorso Thu, 27 Mar 2014 06:22:25 +0100 + libyaml (0.1.4-3.1) unstable; urgency=medium * Non-maintainer upload.
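Review bot: In the 0.1.5-1 entry, "* Acknowledge NMUs." does not say whether the CVE-2014-2525 fix from the 0.1.4-3.2 upload is still applied. The neighbouring "* Drop upstreamed patches." line leaves this ambiguous, because the entry itself names only CVE-2013-6393. Suggest stating explicitly whether CVE-2014-2525.patch is kept, or is dropped because the new upstream version already contains it, so that someone tracking the yaml_parser_scan_uri_escapes heap overflow can confirm its status from the changelog alone. Separately, the trailer of this UNRELEASED entry is dated 23 Feb 2014, which is earlier than the 27 Mar 2014 NMU it now acknowledges; refresh the timestamp when the upload is finalised.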