giflib (5.1.4-0.3~16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: Denial of service - debian/patches/CVE-2018-11490.patch: adding checks in DGifDecompressLine in order to avoid a heap buffer overflow and a denial of service in lib/dgif_lib.c. - CVE-2018-11490 * SECURITY UPDATE: Divide-by-zero - debian/patches/CVE-2019-15133.patch: adding checks bounds in lib/dgif_lib.c. - CVE-2019-15133 -- Leonidas S. Barbosa Mon, 19 Aug 2019 15:21:52 -0300 giflib (5.1.4-0.3~16.04) xenial-proposed; urgency=medium * SRU: LP: #1580376: Upload bug fix release for 16.04 LTS. -- Matthias Klose Tue, 14 Jun 2016 17:09:38 +0200 giflib (5.1.4-0.3) unstable; urgency=medium * Non-maintainer upload. * CVE-2016-3977: gif2rgb: heap buffer overflow. Closes: #820526. -- Matthias Klose Fri, 10 Jun 2016 00:24:07 +0200 giflib (5.1.4-0.2) unstable; urgency=medium * Non-maintainer upload. * Drop the local fix for issue #81, solved differently upstream. Closes: #823481. -- Matthias Klose Sun, 08 May 2016 17:40:28 +0200 giflib (5.1.4-0.1) unstable; urgency=medium * Non-maintainer upload. * New upstream version. * Security issues already fixed in 5.1.2: CVE-2016-3977. Closes: #820594, #820526. * Update symbols file. -- Matthias Klose Mon, 25 Apr 2016 20:19:43 +0200 giflib (5.1.2-0.3) unstable; urgency=medium * Non-maintainer upload. [ Tobias Frost ] * debian/patches/ef0cb9b4be572262b49fbc26fb2348683f44a517.patch: try to fix testsuite failures on feh/powerpc. (Closes: #812657) -- Gianfranco Costamagna Fri, 15 Apr 2016 19:09:44 +0200 giflib (5.1.2-0.2) unstable; urgency=medium * Non-maintainer upload. * Fix DGifOpen(), uninitialized memory. Closes: #812093. -- Matthias Klose Wed, 27 Jan 2016 01:00:16 +0100 giflib (5.1.2-0.1) unstable; urgency=high * Non-maintainer upload. * New upstream version. - CVE-2015-7555, Heap-based buffer overflow in giffix utility. Closes: #808704. -- Matthias Klose Sat, 16 Jan 2016 22:26:13 +0100 giflib (5.1.1-0.2) unstable; urgency=medium * Non-maintainer upload, upload to unstable. Closes: #803158. -- Matthias Klose Sat, 12 Dec 2015 16:13:06 +0100 giflib (5.1.1-0.1) experimental; urgency=medium * Non-maintainer upload. * New upstream version. See: #803158. * Enable parallel builds. * Build-depend on xmlto. * Don't ship broken libungif symlinks. Closes: #732272. LP: #1337898. -- Matthias Klose Wed, 28 Oct 2015 01:07:33 +0100 giflib (4.1.6-11) unstable; urgency=low * Remove Provides: libungif4g. * Enable Multiarch (Closes: #647497). * depend on dh-autoreconf. * Update to debhelper 9 and bump Standards to 3.9.4. * Honor the LAFileRemoval goal. * Update git links. -- Thibaut Gridel Sat, 07 Dec 2013 18:40:27 +0100 giflib (4.1.6-10) unstable; urgency=low * Fixing fprintf issues by YunQiang Su. * Hardening build flags (Closes: #673660). * Updating Standards (no change). -- Thibaut Gridel Fri, 19 Oct 2012 23:03:46 +0200 giflib (4.1.6-9.1) unstable; urgency=low * Non-maintainer upload. * Depend on libperl4-corelibs-perl (Closes: #659421) -- Dominic Hargreaves Sat, 28 Apr 2012 17:29:52 +0100 giflib (4.1.6-9) unstable; urgency=low * New Maintainer (Closes: #543841) * Adding watch file (Closes: #453530) * Converting to source package "3.0 (quilt)". * Correcting debhelper version dependency. * Adding Vcs fields. * Adding manpages. * Removing duplicate Section field. * Correctly hyphenate man pages. * Fixing spelling typos. * Adding symbols file. * Autoreconfiguring to fix rpath. * Cleaning what autoreconf did. * Registering html documentation. -- Thibaut GRIDEL Wed, 13 Jan 2010 21:22:00 +0100 giflib (4.1.6-8) unstable; urgency=low * Updating package to standards version 3.8.3. * Removing vcs fields. * Orphaning package. -- Daniel Baumann Thu, 27 Aug 2009 07:25:21 +0200 giflib (4.1.6-7) unstable; urgency=low * Replacing obsolete dh_clean -k with dh_prep. * Updating section of the debug package. * Using quilt rather than dpatch. * Using correct rfc-2822 date formats in changelog. * Updating package to standards version 3.8.2. * Removing old transitional packages. * Adding misc depends to debug and development package. * Updating year in copyright file. * Minimizing rules file. -- Daniel Baumann Mon, 27 Jul 2009 13:12:16 +0200 giflib (4.1.6-6) unstable; urgency=low * Updating vcs fields in control file. * Using patch-stamp rather than patch in rules file. * Removing config.guess and config.sub in clean target of rules. * Passing '--disable-x11' to configure call to ensure that giflib is not linked against X11 libs by accident (Closes: #503836). -- Daniel Baumann Tue, 28 Oct 2008 21:57:00 +0100 giflib (4.1.6-5) unstable; urgency=low * Correcting mistake of having libungif4-dev transitional package arch dependent. * Also adding libgif.so.4.1 symlink. * Using links debhelper to create symlinks. * Reordering rules file (Closes: #488586). * Rewriting copyright file in machine-interpretable format. * Adding vcs fields in control file. * Upgrading package to standards .8.0. * Upgrading package to debhelper 7. * Reverting config.guess and config.sub to upstream. -- Daniel Baumann Wed, 16 Jul 2008 12:06:00 +0200 giflib (4.1.6-4) unstable; urgency=high * Adding patch from libungif to fix CVE-2005-2974 and CVE-2005-3350. * Updating upstream homepage (Closes: #469561). -- Daniel Baumann Fri, 07 Mar 2008 14:40:00 +0100 giflib (4.1.6-3) unstable; urgency=high * Adding transitional packages to kick libungif out of the archive by force. * Removing watch file (Closes: #453592). -- Daniel Baumann Wed, 06 Feb 2008 23:22:00 +0100 giflib (4.1.6-2) unstable; urgency=low * Adding legacy links for libungif4g/libungif4-dev. -- Daniel Baumann Thu, 17 Jan 2008 20:02:00 +0100 giflib (4.1.6-1) unstable; urgency=low * New upstream release. * Bumped package to new policy. * Using new homepage field in control. * Don't hide make errors in clean target of rules. * Added --fail-missing to dh_install call. * Updated conficts/replaces/provides to initiate libungif4 to libgif4 transition. -- Daniel Baumann Thu, 17 Jan 2008 18:34:00 +0100 giflib (4.1.4-2) unstable; urgency=low * Minor cleanups. -- Daniel Baumann Fri, 19 Jan 2007 14:14:00 +0100 giflib (4.1.4-1) unstable; urgency=low * Took over package from Pawel. * New upstream release (Closes: #395388): - This is giflib 4.x, replacing giflib 3.x. No package in the archive has to be transitioned. After etch, giflib will replace libungif (all alleged patents are expired all over the world). - doesn't contain gif2x11 (Closes: #328665) - isn't affected by CVE-2005-2974 and CVE-2005-3350 (Closes: #395382). * Redone debian directory based on current debhelper templates, additionally: - added watch file. - added debug package. -- Daniel Baumann Thu, 02 Nov 2006 20:39:00 +0100 giflib (3.0-12) unstable; urgency=low * Applied patch from Dann Frazier to fix problems on 64-bit archs (closes: #325034) * Updated standards-version (no changes required) -- Pawel Wiecek Thu, 22 Sep 2005 21:15:00 +0200 giflib (3.0-11) unstable; urgency=low * Updated copyright file by removing warning saying it cannot by put on CDs, removed patent-related notes from long descriptions in control as well (should have done that in -10, but forgot). -- Pawel Wiecek Thu, 19 Aug 2004 00:43:34 +0200 giflib (3.0-10) unstable; urgency=low * Moved to main because of LZW's patent expiration (at long last!) (closes: #258465) * Fixed build-dependencies (closes: #262405) -- Pawel Wiecek Tue, 17 Aug 2004 22:09:18 +0200 giflib (3.0-9) unstable; urgency=low * Renamed getarg.h to gagetarg.h, to avoid name clashes (closes: #83331) * Updated standards version (no changes) -- Pawel Wiecek Mon, 19 Jan 2004 22:47:34 +0100 giflib (3.0-8) unstable; urgency=low * Applied patch from John Lightsey to fix transparency problems (closes: #20716) * Documented the fact, that giflib cannot be put on CD-ROMs (closes: #24580) * Applied patch from John Lightsey to fix gifinto's behavior when no arguments are supplied (closes: #49431) * giflib3g-dev now conflicts with heimdal-dev (closes: #83331, #180265) * Updated standards version * Updated sections (giflib3g-dev goes to non-free/libdevel, giflib3g-bin goes to non-free/utils) -- Pawel Wiecek Wed, 18 Jun 2003 13:54:09 +0200 giflib (3.0-7) unstable; urgency=low * New maintainer (closes: #139387) * Upgraded to current standards version (closes: #133331) -- Pawel Wiecek Tue, 09 Apr 2002 14:22:35 +0200 giflib (3.0-6) unstable; urgency=low * Move docs and man pages to /usr/share (Closes: #91165, #91479, #91480, #91482) -- Larry Daffner Tue, 27 Mar 2001 21:33:02 -0600 giflib (3.0-5.2) unstable; urgency=low * Redid debian/rules to use debhelper. * Added symlinks so giflib can be used with packages compiled with libungif. * Added shlibs control file so that packages compiled with giflib can also be used with libungif. -- Jim Pick Sun, 05 Jul 1998 22:46:51 -0700 giflib (3.0-5.1) unstable frozen; urgency=low * Corrected bogus hardwired dependency on libc6. -- Michael Alan Dorman Sun, 10 May 1998 11:31:47 -0500 giflib (3.0-5) unstable frozen; urgency=low * Fixed copyright location(s) * new maintainer address -- Larry Daffner Tue, 24 Mar 1998 11:31:47 -0600 giflib (3.0-4.1) unstable; urgency=low * libc6 release for hamm. -- Andreas Jellinghaus Sat, 18 Oct 1997 12:25:32 +0200 giflib (3.0-4) unstable; urgency=low * renamed binaries to giflib* to bring them in sync with source name. -- Andreas Jellinghaus Mon, 29 Sep 1997 18:11:22 +0200 giflib (3.0-3) unstable; urgency=low * fixed shared library. now link all bins with shared library. -- Andreas Jellinghaus Wed, 24 Sep 1997 19:14:48 +0200 giflib (3.0-2) unstable; urgency=low * added -D_REENTRANT and -lc to cflags/ldflags for glibc2. -- Andreas Jellinghaus Thu, 18 Sep 1997 14:26:06 +0200 giflib (3.0-1) unstable; urgency=low * Initial Release. -- Andreas Jellinghaus Thu, 18 Sep 1997 11:31:18 +0200