zziplib (0.13.62-3ubuntu0.16.04.2) xenial-security; urgency=medium * SECURITY UPDATE: invalid mem access in zzip_disk_fread - debian/patches/CVE-2018-6381.patch: check sizes in zzip/memdisk.c. - CVE-2018-6381 * SECURITY UPDATE: alignment and bus errors in __zzip_fetch_disk_trailer - debian/patches/CVE-2018-6484.patch: check sizes in zzip/zip.c. - CVE-2018-6484 - CVE-2018-6541 - CVE-2018-6869 * SECURITY UPDATE: bus error in zzip_disk_findfirst - debian/patches/CVE-2018-6540.patch: check endbuf in zzip/mmapped.c. - CVE-2018-6540 * SECURITY UPDATE: invalid memory dereference - debian/patches/CVE-2018-7725.patch: check zlib space in zzip/memdisk.c, zzip/mmapped.c. - CVE-2018-7725 * SECURITY UPDATE: bus error in __zzip_parse_root_directory - debian/patches/CVE-2018-7726-1.patch: check rootseek and rootsize in zzip/zip.c. - debian/patches/CVE-2018-7726-2.patch: check rootseek in zzip/zip.c. - debian/patches/CVE-2018-7726-3.patch: check zz_rootsize in zzip/zip.c. - CVE-2018-7726 -- Marc Deslauriers Fri, 29 Jun 2018 12:27:57 -0400 zziplib (0.13.62-3ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: multiple security issues - debian/patches/*: synchronize security fixes with Debian's 0.13.62-3.1 release. Thanks to Josef Moellers of SuSE and Moritz Muehlenhoff of Debian! - CVE-2017-5974, CVE-2017-5975, CVE-2017-5976, CVE-2017-5978, CVE-2017-5979, CVE-2017-5980, CVE-2017-5981 -- Marc Deslauriers Tue, 13 Jun 2017 09:40:14 -0400 zziplib (0.13.62-3) unstable; urgency=medium * debian/rules: Lintian error cleaning pkg-config-bad-directive -- Scott Howard Sun, 24 Aug 2014 22:20:40 -0400 zziplib (0.13.62-2) unstable; urgency=low * Merge in Ubuntu changes to use dh-autoreconf to ensure package remains buildable across future ports. Thanks to Steve Langasek. (Closes: #736810) -- Scott Howard Sun, 26 Jan 2014 18:54:39 -0500 zziplib (0.13.62-1) unstable; urgency=low * New upstream release (Closes: #709437) * Updated symbols file. * export-dynamic.patch dropped, accepted upstream -- Scott Howard Mon, 20 Jan 2014 17:12:51 -0500 zziplib (0.13.56-2) unstable; urgency=low * Adopting package (Closes: #733144) * use source/format 3.0 (quilt), and separate debian changes into patch "export-dynamic.patch" * simple dh rules - multiarch enabled - use --with autotools-dev (Closes: #717837) * build depend on zip so build checks run * added symbols file * No longer conflict with zziplib-0-12 (no reason to conflict) (Closes: #565982) * Removed unneeded -lz from .pc file (Closes: #471065) - debian/patches/remove_extra_z_linking.patch -- Scott Howard Tue, 07 Jan 2014 13:57:57 -0500 zziplib (0.13.56-1.1) unstable; urgency=low * Non-maintainer upload. * Fix "FTBFS: x86_64-linux-gnu-gcc: error: unrecognized option '--export-dynamic'": apply patch from Ubuntu / Matthias Klose: - Pass correct linker option. LP: #832895. Closes: #625064. * Fix "Emptying dependency_libs in .la files": use recipe provided by Neil Williams in the bug report. Closes: #633335 -- gregor herrmann Thu, 06 Oct 2011 20:07:37 +0200 zziplib (0.13.56-1) unstable; urgency=low * New Upstream Version - update debian/man3.patch - remove msvc8/zip.exe and msvc7/pkzip.exe * Upgrade the standard version to 3.8.2 * Add the vcs information to debian/control -- LIU Qi Sun, 12 Jul 2009 14:37:46 +0800 zziplib (0.13.54-1) unstable; urgency=low * New Maintainer. Closes: #529561 * New Upstream Version. Closes: #530850 * Fixed the lintian warnings of manpages. * 01-fetch.patch: dropped as it was merged upstream -- LIU Qi Sun, 31 May 2009 00:08:56 +0800 zziplib (0.13.50-1) unstable; urgency=low * New upstream version - Update 01-fetch.patch * debhelper compat version is 7 * Standards version is 3.8.1 * Run dh_prep instead of dh_clean -k * Add debian/watch -- Anibal Monsalve Salazar Mon, 23 Mar 2009 21:13:57 +1100 zziplib (0.13.49-4) unstable; urgency=low * NMU acknowledgement. Closes: #443880 * Fixed the following lintian issues: - zziplib source: out-of-date-standards-version 3.7.2 (current is 3.7.3) - zziplib: description-contains-homepage -- Anibal Monsalve Salazar Sun, 06 Apr 2008 08:13:02 +1000 zziplib (0.13.49-3.1) unstable; urgency=low * NMU from the Cambridge BSP * Fixed SIGBUS due to alignment problems, closes: #443880. Patch: 01-fetch.patch -- Steve McIntyre <93sam@debian.org> Sat, 05 Apr 2008 17:54:27 +0100 zziplib (0.13.49-3) unstable; urgency=low * Fixed SIGSEGV on hppa, ia64, sparc, closes: #443880. Patch by brian m. carlson Patch: 01-zip.c.patch * Fixed FTBFS if build twice in a row, closes: #442779. * Build-depends on quilt -- Anibal Monsalve Salazar Wed, 07 Nov 2007 17:43:35 +1100 zziplib (0.13.49-2) unstable; urgency=low * debian/rules: added configure option --datadir, closes: #439395. -- Anibal Monsalve Salazar Sat, 25 Aug 2007 10:29:31 +1000 zziplib (0.13.49-1) unstable; urgency=low * libzzip-0-13 Replaces & Conflicts: libzzip-0-12 -- Anibal Monsalve Salazar Fri, 24 Aug 2007 08:41:46 +1000 zziplib (0.13.49-0) unstable; urgency=low * New upstream version. Closes: #399617. - zzip-config was removed by upstream maintainer. - htmpages.ar was not shipped by upstream maintainer. - new build dependency: python. * Fixed: CVE-2007-1614 DoS and execution of arbitrary code. Closes: #436701. * Fixed the following lintian messages: - W: zziplib source: substvar-source-version-is-deprecated libzzip-dev - W: zziplib source: debian-rules-ignores-make-clean-error line 62 -- Anibal Monsalve Salazar Thu, 09 Aug 2007 18:47:38 +1000 zziplib (0.12.83-8) unstable; urgency=low * New maintainer. * Fixed "libzzip-dev: Override says libdevel - optional, .deb says devel - optional". -- Anibal Monsalve Salazar Tue, 03 Oct 2006 11:08:37 +1000 zziplib (0.12.83-7) unstable; urgency=low * Orphaning this package, setting maintainer field to packages@qa.debian.org. -- Aurelien Jarno Mon, 2 Oct 2006 11:03:22 +0200 zziplib (0.12.83-6) unstable; urgency=low * bins/zziptest.c: fixed a cast to pointer from integer of different size. * Bumped Standards-Version to 3.7.2 (nochanges). -- Aurelien Jarno Wed, 7 Jun 2006 14:31:12 +0200 zziplib (0.12.83-5) unstable; urgency=low * zzip/zzip.h: include sys/types.h instead of stddef.h, so that zziplib could be built on GNU/Hurd and GNU/kFreeBSD. -- Aurelien Jarno Sun, 3 Jul 2005 11:42:08 +0200 zziplib (0.12.83-4) unstable; urgency=low * Libtool update for kfreebsd-gnu in zziplib/ directory (closes: bug#294730). -- Aurelien Jarno Fri, 18 Feb 2005 12:45:00 +0100 zziplib (0.12.83-3) unstable; urgency=low * Added GCC 4.0 fixes from Andreas Jochens (closes: bug#295055). -- Aurelien Jarno Sun, 13 Feb 2005 16:10:27 +0100 zziplib (0.12.83-2) unstable; urgency=low * Libtool update for kfreebsd-gnu (closes: bug#294730). -- Aurelien Jarno Fri, 11 Feb 2005 17:32:04 +0100 zziplib (0.12.83-1) unstable; urgency=low * New upstream version. -- Aurelien Jarno Sun, 26 Sep 2004 21:48:52 +0200 zziplib (0.12.82-1) unstable; urgency=low * New upstream version. * Added manpages for zziplib-bin and included tools. Thanks to Ricardo Mones (closes: bug#256186). -- Aurelien Jarno Sat, 26 Jun 2004 16:33:10 +0200 zziplib (0.10.82-1) unstable; urgency=low * Initial Release (closes: bug#173511, bug#222397). -- Aurelien Jarno Mon, 29 Mar 2004 12:41:28 +0200