X-Git-Url: http://andersk.mit.edu/gitweb/libyaml.git/blobdiff_plain/f8dcd9ae23b881b8ff0bf269efdf7f3006842cf9..e13fd2441670d670eb5194da72e5b729b38f0785:/debian/changelog

diff --git a/debian/changelog b/debian/changelog
index 607ea5e..ffaec3f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,15 +1,75 @@
-libyaml (0.1.5-1) UNRELEASED; urgency=medium
+libyaml (0.2.1-1) UNRELEASED; urgency=medium
 
-  * New upstream version 0.1.5.
+  * New upstream version 0.2.1.
+    + Moved canonical repo to GitHub.  (Closes: #865709)
+  * Bump Standards-Version to 4.1.4 and debian/compat to 11.
+    + Moved documentation in libyaml-doc from /usr/share/doc/libyaml-doc
+      to /usr/share/doc/libyaml-dev.
+
+ -- Anders Kaseorg <andersk@mit.edu>  Fri, 21 Oct 2016 02:54:31 -0400
+
+libyaml (0.1.7-2) unstable; urgency=medium
+
+  * Clean doxygen-generated documentation with dh_doxygen.
+  * Mark libyaml-doc Multi-Arch: foreign.
+  * Add libyaml-0-2.symbols file.
+
+ -- Anders Kaseorg <andersk@mit.edu>  Fri, 30 Sep 2016 22:06:09 -0400
+
+libyaml (0.1.7-1) unstable; urgency=medium
+
+  * New upstream version 0.1.7.
+    + Fix segfault in yaml_string_write_handler.
+    + Fix invalid simple key assertion.
+  * Drop upstreamed patches.
+  * Migrate packaging from CDBS to dh.
+  * Drop libyaml-0-2-dbg in favor of automatically generated
+    libyaml-0-2-dbgsym package.
+
+ -- Anders Kaseorg <andersk@mit.edu>  Sat, 03 Sep 2016 06:48:38 -0400
+
+libyaml (0.1.6-3) unstable; urgency=high
+
+  * debian/patches/CVE-2014-9130.patch: Fix CVE-2014-9130 assertion
+    failure caused by wrapped strings.  (Closes: #771366)
+  * Bump Standards-Version to 3.9.6 (no changes needed).
+
+ -- Anders Kaseorg <andersk@mit.edu>  Fri, 28 Nov 2014 22:05:10 -0500
+
+libyaml (0.1.6-2) unstable; urgency=medium
+
+  * Move doxygen from Build-Depends to Build-Depends-Indep.
+
+ -- Anders Kaseorg <andersk@mit.edu>  Tue, 19 Aug 2014 21:56:25 -0400
+
+libyaml (0.1.6-1) unstable; urgency=medium
+
+  * New upstream version 0.1.6.
     + Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML
       tags.
+    + Fix CVE-2014-2525: heap-based buffer overflow in
+      yaml_parser_scan_uri_escapes.
   * Drop upstreamed patches.
   * Run tests at build time.
   * Bump Standards-Version to 3.9.5 (no changes needed).
-  * Use dh-autoreconf.
+  * Use dh-autoreconf.  (Closes: #745078)
   * Use dh-buildinfo.
+  * Add libyaml-doc package for Doxygen-generated API documentation and
+    examples.  (Closes: #696821)
+  * Acknowledge NMUs.
+
+ -- Anders Kaseorg <andersk@mit.edu>  Tue, 19 Aug 2014 00:03:53 -0400
+
+libyaml (0.1.4-3.2) unstable; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * Add CVE-2014-2525.patch patch.
+    CVE-2014-2525: Fixes heap overflow in yaml_parser_scan_uri_escapes.
+    The heap overflow is caused by not properly expanding a string before
+    writing to it in function yaml_parser_scan_uri_escapes in scanner.c.
+    (Closes: #742732)
 
- -- Anders Kaseorg <andersk@mit.edu>  Sun, 23 Feb 2014 21:48:49 -0500
+ -- Salvatore Bonaccorso <carnil@debian.org>  Thu, 27 Mar 2014 06:22:25 +0100
 
 libyaml (0.1.4-3.1) unstable; urgency=medium