X-Git-Url: http://andersk.mit.edu/gitweb/libyaml.git/blobdiff_plain/9886d41b959a87c1564cd269a30c17e2444a305c..e13fd2441670d670eb5194da72e5b729b38f0785:/debian/changelog diff --git a/debian/changelog b/debian/changelog index d41c3b0..ffaec3f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,127 @@ +libyaml (0.2.1-1) UNRELEASED; urgency=medium + + * New upstream version 0.2.1. + + Moved canonical repo to GitHub. (Closes: #865709) + * Bump Standards-Version to 4.1.4 and debian/compat to 11. + + Moved documentation in libyaml-doc from /usr/share/doc/libyaml-doc + to /usr/share/doc/libyaml-dev. + + -- Anders Kaseorg Fri, 21 Oct 2016 02:54:31 -0400 + +libyaml (0.1.7-2) unstable; urgency=medium + + * Clean doxygen-generated documentation with dh_doxygen. + * Mark libyaml-doc Multi-Arch: foreign. + * Add libyaml-0-2.symbols file. + + -- Anders Kaseorg Fri, 30 Sep 2016 22:06:09 -0400 + +libyaml (0.1.7-1) unstable; urgency=medium + + * New upstream version 0.1.7. + + Fix segfault in yaml_string_write_handler. + + Fix invalid simple key assertion. + * Drop upstreamed patches. + * Migrate packaging from CDBS to dh. + * Drop libyaml-0-2-dbg in favor of automatically generated + libyaml-0-2-dbgsym package. + + -- Anders Kaseorg Sat, 03 Sep 2016 06:48:38 -0400 + +libyaml (0.1.6-3) unstable; urgency=high + + * debian/patches/CVE-2014-9130.patch: Fix CVE-2014-9130 assertion + failure caused by wrapped strings. (Closes: #771366) + * Bump Standards-Version to 3.9.6 (no changes needed). + + -- Anders Kaseorg Fri, 28 Nov 2014 22:05:10 -0500 + +libyaml (0.1.6-2) unstable; urgency=medium + + * Move doxygen from Build-Depends to Build-Depends-Indep. + + -- Anders Kaseorg Tue, 19 Aug 2014 21:56:25 -0400 + +libyaml (0.1.6-1) unstable; urgency=medium + + * New upstream version 0.1.6. + + Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML + tags. + + Fix CVE-2014-2525: heap-based buffer overflow in + yaml_parser_scan_uri_escapes. + * Drop upstreamed patches. + * Run tests at build time. + * Bump Standards-Version to 3.9.5 (no changes needed). + * Use dh-autoreconf. (Closes: #745078) + * Use dh-buildinfo. + * Add libyaml-doc package for Doxygen-generated API documentation and + examples. (Closes: #696821) + * Acknowledge NMUs. + + -- Anders Kaseorg Tue, 19 Aug 2014 00:03:53 -0400 + +libyaml (0.1.4-3.2) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Add CVE-2014-2525.patch patch. + CVE-2014-2525: Fixes heap overflow in yaml_parser_scan_uri_escapes. + The heap overflow is caused by not properly expanding a string before + writing to it in function yaml_parser_scan_uri_escapes in scanner.c. + (Closes: #742732) + + -- Salvatore Bonaccorso Thu, 27 Mar 2014 06:22:25 +0100 + +libyaml (0.1.4-3.1) unstable; urgency=medium + + * Non-maintainer upload. + * Drop libyaml-indent-column-overflow-v2.patch patch. + This patch causes additional regressions on simple YAML files. + * Add libyaml-guard-against-overflows-in-indent-and-flow_level.patch patch. + Add upstream's patch to guard against overflows in indent and + flow_level. (Closes: #738587) + + -- Salvatore Bonaccorso Thu, 13 Feb 2014 07:51:58 +0100 + +libyaml (0.1.4-3) unstable; urgency=high + + * Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML tags. + (Closes: #737076) + + -- Anders Kaseorg Wed, 29 Jan 2014 20:11:48 -0500 + +libyaml (0.1.4-2) unstable; urgency=low + + * Remove extra libyaml-0.so symlink from libyaml-dev. + * Bump Debhelper compat level to 9. + * Support multiarch. (Closes: #653748) (LP: #905630) + * Use 3.0 (quilt) source format. + + -- Anders Kaseorg Fri, 30 Dec 2011 17:14:52 -0500 + +libyaml (0.1.4-1) unstable; urgency=low + + * New upstream version 0.1.4. + + Fixed a bug that prevented an empty mapping being used as a simple + key. + + Fixed pointer overflow when calculating the position of a potential + simple key. + + Added pkg-config support. (Closes: #537834) + * Remove unneded libyaml.la file. (Closes: #622452) + * Add libyaml-0-2-dbg package with debugging symbols. + (Closes: #592747) + * Bumped standards version to 3.9.2 without further change + + -- Anders Kaseorg Mon, 30 May 2011 22:27:27 -0400 + +libyaml (0.1.3-1) unstable; urgency=low + + * New upstream version 0.1.3. + + This release fixes non-standard structure initialization and a + streaming-related issue. + * Bump priority from extra to optional. + + -- Anders Kaseorg Sun, 04 Oct 2009 14:07:18 -0400 + libyaml (0.1.2-1) unstable; urgency=low * New upstream version 0.1.2.