flightcrew (0.7.2+dfsg-10ubuntu0.1) bionic-security; urgency=medium * SECURITY UPDATE: NULL pointer dereference (DoS) when processing crafted EPUB file - debian/patches/CVE-2019-13032-1.patch: prevent segfault from malformed opf items in GetRelativePathToNcx() - debian/patches/CVE-2019-13032-2.patch: prevent segfault from malformed opf items in GetRelativePathsToXhtmlDocuments() - CVE-2019-13032 * SECURITY UPDATE: Zip Slip directory traversal when processing a crafted EPUB file - debian/patches/CVE-2019-13241-1.patch: try to make extracting epbs safer - debian/patches/CVE-2019-13241-2.patch: further harden zip extraction to always be safe - debian/patches/CVE-2019-13241-3.patch: harden further by throwing exception - CVE-2019-13241 * SECURITY UPDATE: Infinite loop leading to DoS and resource consumption - debian/patches/CVE-2019-13453.patch: Prevent infinite loop in zipios library by checking for EOF - CVE-2019-13453 -- Mike Salvatore Mon, 01 Jul 2019 15:30:35 -0400 flightcrew (0.7.2+dfsg-10) unstable; urgency=medium * d/control: + Move the packaging to salsa.d.o. + Move libflightcrew0v5 to Section:libs where it belongs. * Bump Standards-Version to 4.1.3: + Bump priority from extra (deprecated) to optional. + Use HTTPS in d/copyright's Format field. * d/copyright: bump copyright years for debian/*. * Bump debhelper compat level to 11. * d/rules: replace dh_install --fail-missing by dh_missing. -- Mattia Rizzolo Sat, 24 Feb 2018 18:09:34 +0100 flightcrew (0.7.2+dfsg-9) unstable; urgency=medium * d/copyright: claim copyright for the 2017. * Add patch to fix a security issue due to insecure use of /tmp. Thanks to Jakub Wilk for the report and to Thomas Pierson for the patch. Closes: #861987 -- Mattia Rizzolo Mon, 15 May 2017 13:04:05 +0200 flightcrew (0.7.2+dfsg-8) unstable; urgency=medium * Bump debhelper compat level to 10. + --parallel is now default. * Add missing Build-Depends on libgtest-dev. Thanks to Gianfranco Costamagna for the patch. Closes: #844856 -- Mattia Rizzolo Thu, 24 Nov 2016 12:36:34 +0100 flightcrew (0.7.2+dfsg-7) unstable; urgency=medium * debian/control: + Bump Standards-Version to 3.9.8, no changes needed. + Use HTTPS in Vcs-Git. + wrap-and-sort -ast + Drop non-existant misc:Recommends and shlibs:Recommends substvars. -- Mattia Rizzolo Thu, 26 May 2016 18:12:24 +0000 flightcrew (0.7.2+dfsg-6) unstable; urgency=medium * [7ccf0ab] debian/patches/reproducible-build: also sort the sources of xerces before compiling/linking them. -- Mattia Rizzolo Tue, 08 Dec 2015 09:35:22 +0000 flightcrew (0.7.2+dfsg-5) unstable; urgency=medium * [fb787bf] debian/patches/reproducible-build: also sort the sources of zipios before compiling/linking them. -- Mattia Rizzolo Mon, 07 Dec 2015 18:06:12 +0000 flightcrew (0.7.2+dfsg-4) unstable; urgency=medium * [2f174b8] debian/patches/reproducible-build: also sort the sources of flightcrew-gui before compiling/linking them. -- Mattia Rizzolo Sun, 06 Dec 2015 19:42:33 +0000 flightcrew (0.7.2+dfsg-3) unstable; urgency=medium * [fba6efa] debian/{control,copyright}: use my @debian.org email address. * [c33d445] debian/patch/reproducible-build: add to make the build reproducible independent from readdir() order. -- Mattia Rizzolo Sun, 06 Dec 2015 00:05:50 +0000 flightcrew (0.7.2+dfsg-2) unstable; urgency=medium * [56f6b9c] debian/rules: enable parallel building * [89b9213] libflightcrew0 → libflightcrew0v5 for the libstdc++6 transition -- Mattia Rizzolo Sat, 29 Aug 2015 17:15:30 +0000 flightcrew (0.7.2+dfsg-1) experimental; urgency=low [ Don Armstrong ] * Initial packaging (closes: #602781) -- Mattia Rizzolo Thu, 12 Feb 2015 18:11:30 +0100