1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131
|
libyaml (0.1.7-2) unstable; urgency=medium
* Clean doxygen-generated documentation with dh_doxygen.
* Mark libyaml-doc Multi-Arch: foreign.
* Add libyaml-0-2.symbols file.
-- Anders Kaseorg <andersk@mit.edu> Fri, 30 Sep 2016 22:06:09 -0400
libyaml (0.1.7-1) unstable; urgency=medium
* New upstream version 0.1.7.
+ Fix segfault in yaml_string_write_handler.
+ Fix invalid simple key assertion.
* Drop upstreamed patches.
* Migrate packaging from CDBS to dh.
* Drop libyaml-0-2-dbg in favor of automatically generated
libyaml-0-2-dbgsym package.
-- Anders Kaseorg <andersk@mit.edu> Sat, 03 Sep 2016 06:48:38 -0400
libyaml (0.1.6-3) unstable; urgency=high
* debian/patches/CVE-2014-9130.patch: Fix CVE-2014-9130 assertion
failure caused by wrapped strings. (Closes: #771366)
* Bump Standards-Version to 3.9.6 (no changes needed).
-- Anders Kaseorg <andersk@mit.edu> Fri, 28 Nov 2014 22:05:10 -0500
libyaml (0.1.6-2) unstable; urgency=medium
* Move doxygen from Build-Depends to Build-Depends-Indep.
-- Anders Kaseorg <andersk@mit.edu> Tue, 19 Aug 2014 21:56:25 -0400
libyaml (0.1.6-1) unstable; urgency=medium
* New upstream version 0.1.6.
+ Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML
tags.
+ Fix CVE-2014-2525: heap-based buffer overflow in
yaml_parser_scan_uri_escapes.
* Drop upstreamed patches.
* Run tests at build time.
* Bump Standards-Version to 3.9.5 (no changes needed).
* Use dh-autoreconf. (Closes: #745078)
* Use dh-buildinfo.
* Add libyaml-doc package for Doxygen-generated API documentation and
examples. (Closes: #696821)
* Acknowledge NMUs.
-- Anders Kaseorg <andersk@mit.edu> Tue, 19 Aug 2014 00:03:53 -0400
libyaml (0.1.4-3.2) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* Add CVE-2014-2525.patch patch.
CVE-2014-2525: Fixes heap overflow in yaml_parser_scan_uri_escapes.
The heap overflow is caused by not properly expanding a string before
writing to it in function yaml_parser_scan_uri_escapes in scanner.c.
(Closes: #742732)
-- Salvatore Bonaccorso <carnil@debian.org> Thu, 27 Mar 2014 06:22:25 +0100
libyaml (0.1.4-3.1) unstable; urgency=medium
* Non-maintainer upload.
* Drop libyaml-indent-column-overflow-v2.patch patch.
This patch causes additional regressions on simple YAML files.
* Add libyaml-guard-against-overflows-in-indent-and-flow_level.patch patch.
Add upstream's patch to guard against overflows in indent and
flow_level. (Closes: #738587)
-- Salvatore Bonaccorso <carnil@debian.org> Thu, 13 Feb 2014 07:51:58 +0100
libyaml (0.1.4-3) unstable; urgency=high
* Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML tags.
(Closes: #737076)
-- Anders Kaseorg <andersk@mit.edu> Wed, 29 Jan 2014 20:11:48 -0500
libyaml (0.1.4-2) unstable; urgency=low
* Remove extra libyaml-0.so symlink from libyaml-dev.
* Bump Debhelper compat level to 9.
* Support multiarch. (Closes: #653748) (LP: #905630)
* Use 3.0 (quilt) source format.
-- Anders Kaseorg <andersk@mit.edu> Fri, 30 Dec 2011 17:14:52 -0500
libyaml (0.1.4-1) unstable; urgency=low
* New upstream version 0.1.4.
+ Fixed a bug that prevented an empty mapping being used as a simple
key.
+ Fixed pointer overflow when calculating the position of a potential
simple key.
+ Added pkg-config support. (Closes: #537834)
* Remove unneded libyaml.la file. (Closes: #622452)
* Add libyaml-0-2-dbg package with debugging symbols.
(Closes: #592747)
* Bumped standards version to 3.9.2 without further change
-- Anders Kaseorg <andersk@mit.edu> Mon, 30 May 2011 22:27:27 -0400
libyaml (0.1.3-1) unstable; urgency=low
* New upstream version 0.1.3.
+ This release fixes non-standard structure initialization and a
streaming-related issue.
* Bump priority from extra to optional.
-- Anders Kaseorg <andersk@mit.edu> Sun, 04 Oct 2009 14:07:18 -0400
libyaml (0.1.2-1) unstable; urgency=low
* New upstream version 0.1.2.
+ Fixed grammar in error messages (from YAML::XS::LibYAML).
+ Rewritten whitespace detection in the scalar analyzer and block
scalar writers (ported from PyYAML).
+ Fixed emitting folded scalars with trailing breaks; Forced emitting
of a document end indicator when there is a possibility of ambiguous
parsing.
-- Anders Kaseorg <andersk@mit.edu> Mon, 29 Dec 2008 21:10:48 -0500
libyaml (0.1.1-1) unstable; urgency=low
* Initial release (Closes: #484381).
-- Anders Kaseorg <andersk@mit.edu> Tue, 10 Jun 2008 02:37:34 -0400
|