arj (3.10.22-10+deb7u1build0.12.04.1) precise-security; urgency=medium * fake sync from Debian -- Steve Beattie Wed, 13 May 2015 00:47:20 -0700 arj (3.10.22-10+deb7u1) wheezy-security; urgency=high * Non-maintainer upload by the Security Team with patches from Guillem Jover * Fix buffer overflow from size under user control. This is causing free() on an invalid pointer. Fixes: CVE-2015-2782 (Closes: #774015) * Fix absolute path directory traversal. Fixes: CVE-2015-0557 (Closes: #774435) * Fix symlink directory traversal. Fixes: CVE-2015-0556 (Closes: #774434) -- Salvatore Bonaccorso Fri, 03 Apr 2015 20:21:46 +0200 arj (3.10.22-10) unstable; urgency=low * Fix build failure on GNU/Hurd due to missing -ldl, by adding “gnu*” to the configure case handling libdl linking. -- Guillem Jover Mon, 28 Feb 2011 04:52:17 +0100 arj (3.10.22-9) unstable; urgency=low * Use a safe strcpy for overlapping strings, among others fixes a build problem with a mangled generated .c file by msgbind (thus FTBFS), and CRC errors at run-time. (Closes: #590354) * Now using Standards-Version 3.9.1 (no changes needed). -- Guillem Jover Mon, 26 Jul 2010 15:18:11 +0200 arj (3.10.22-8) unstable; urgency=low * Switch to source format “3.0 (quilt)”: - Remove quilt from Build-Depends. - Remove quilt.make include from debian/rules. - Remove patch and unpatch targets from debian/rules. - Remove now unneeded debian/README.source. -- Guillem Jover Wed, 02 Dec 2009 21:27:38 +0100 arj (3.10.22-7) unstable; urgency=low * Switch to debhelper compatibility level 7. * Use dh_prep instead of “dh_clean -k”. * Use $(filter ...) instead of $(findstring ...) to extract space separated options from DEB_BUILD_OPTIONS in debian/rules. * Now using Standards-Version 3.8.3 (no changes needed). * Detect and conditionally use system strnlen function. This fixes build failures when the system has eglibc 2.10. (Closes: #546475) * Add misc:Depends substvar to arj Depends. * Update config.guess and config.sub before running configure and remove them on clean to avoid shipping them on the diff. * Build-Depend on autotools-dev to guarantee up to date config.guess and config.sub files. -- Guillem Jover Sun, 13 Sep 2009 22:16:12 +0200 arj (3.10.22-6) unstable; urgency=low * Update packaging Vcs fields to the new URL. * Remove DPATCHLEVEL variable from patches. * Refresh patches with -pab. * Add a debian/README.source file. * Now using Standards-Version 3.8.0. * Refer to GPL-2 from common-licenses instead of just GPL. -- Guillem Jover Sun, 22 Jun 2008 05:23:35 +0300 arj (3.10.22-5) unstable; urgency=low * Remove packaging svn information from debian/copyright. * Cleanup debian/copyright: - Change 'Copyright' to 'Copyright Holders'. - Use UTF-8 copyright symbol. * Refer to original author Robert K. Jung in the manual page. - doc_refer_robert_k_jung.patch: New file. (Closes: #456275) -- Guillem Jover Thu, 29 May 2008 04:04:06 +0300 arj (3.10.22-4) unstable; urgency=low * Do not ignore make errors on 'debian/rules clean'. * Add Vcs-Browser and Vcs-Svn fields. * Add Homepage field. * Now using Standards-Version 3.7.3 (no changes needed). * Call configure with autotools-dev recommended --build and --host options. * Remove irrelevant commented out debhelper commands. * Remove Tag field, it's better maintained outside the package. * Do not directly use the QA SourceForge redirector, instead use an URL to sf.net. (Closes: #453532) * Fix upstream Makefile to support parallel builds. - 004_parallel_build.patch: New file. * Move patch dependency in debian/rules from gnu/configure target to gnu/configure.in. -- Guillem Jover Fri, 07 Dec 2007 06:12:20 +0200 arj (3.10.22-3) unstable; urgency=low * Switched to quilt: - Add new debian/patches/series file. - Add Build-Depends on 'quilt (>= 0.40)'. - Include quilt.make from debian/rules. - Make clean a single colon target and depend on unpatch in debian/rules. - Remove now unused debian/patch.mk. * Split autoconf and configure targets. * Do not remove configure-stamp, as it's not created anymore. * Rename the build target to build-arch, add a build-indep target and a build one which depends on both. * Switch to debhelper compatibility level 5. * Now using Standards-Version 3.7.2 (no changes needed). * Get rid of brace expansion bashisms in debian/rules. * Add a Tag: field to the binary package, using the data from debtags. -- Guillem Jover Fri, 20 Apr 2007 03:03:26 +0300 arj (3.10.22-2) unstable; urgency=low * Make the code 64 bit clean. (Closes: #339815) - 003_64_bit_clean.patch: New patch. * Remove unused INSTALL variables and move nostrip comment just before the commented dh_strip command from debian/rules. * Reindent debian/copyright. * Update FSF's address. -- Guillem Jover Thu, 24 Nov 2005 03:38:31 +0200 arj (3.10.22-1) unstable; urgency=low * New Upstream Release. - 001_arches_align.patch: Synced. - 002_kbsd_build.patch: Integrated upstream. Removed. - 003_gcc34_static_const.patch: Likewise. - 004_doc_typos.patch: Likewise. * Update watch file to version 3 (no changes needed). * Use new QA SourceForge watch redirector. * Do not build integr.o with optimizations, otherwise gcc-4.0 removes the static const variable. (Closes: #318366) - 002_no_remove_static_const.patch: New file. * Now using Standards-Version 3.6.2 (no changes needed). * Removed transitional dummy package unarj. * Clean up debian/rules. -- Guillem Jover Thu, 4 Aug 2005 23:00:51 +0300 arj (3.10.21-4) unstable; urgency=low * Fix typos in documentation. (Closes: #309875, #309876) - 004_doc_typos.patch: New. Thanks to A Costa . -- Guillem Jover Sat, 4 Jun 2005 06:16:35 +0300 arj (3.10.21-3) unstable; urgency=low * Fix Subversion repository URL. * Fix build failure on GNU/k*BSD. (Closes: #303945) - 002_kbsd_build.patch: New. Thanks to Aurelien Jarno . * Mark an unreferenced variable as const otherwise gcc 3.4 removes it. (Closes: #283913) * Do not use a stamp file for configure. -- Guillem Jover Sun, 15 May 2005 18:10:22 +0300 arj (3.10.21-2) unstable; urgency=low * Fixed the watch file. * Make references to Debian, system neutral. * Do not use a build file stamp. -- Guillem Jover Mon, 15 Nov 2004 11:41:51 +0100 arj (3.10.21-1) unstable; urgency=low * New Upstream Release. * Provide a patch target instead of pre-build. - debian/patch.mk: Likewise. - debian/rules: Fix accordingly. * Added the location of the Subversion repo used for the packages. - debian/copyright. -- Guillem Jover Sun, 27 Jun 2004 08:07:09 +0200 arj (3.10.20-1) unstable; urgency=low * New Upstream Release. - 002_statsfs.patch: Integrated upstream. Patch removed. - 003_fix_CFLAGS.patch: Likewise. - 004_fix_warnings.patch: Likewise. * Fixed patches: - 001_arches_align.patch: Properly test for alignment and endianess. * Build binary independent packages only in binary-indep target. (Closes: #244395) * debian/copyright: Updated copyright year. -- Guillem Jover Tue, 27 Apr 2004 11:42:45 +0200 arj (3.10.19-2) unstable; urgency=low * Added patches: - 001_arches_align.patch: Correct build failure on ia64 due to unaligned memory access. - 004_fix_warnings.patch: Fix compilation warnings. * Allow user to override CFLAGS: - debian/rules: Likewise. - 003_fix_CFLAGS.patch: New patch. Likewise. * debian/copyright: Added "License:". -- Guillem Jover Fri, 9 Apr 2004 23:12:05 +0200 arj (3.10.19-1) unstable; urgency=low * New Upstream Release. - 000_fPIC.patch: Integrated upstream. Removed file. - 001_arches_align.patch: Likewise. - 002_statsfs.patch: Sync. * Provide a migration path from the old non-free unarj package. (Closes: #182273) -- Guillem Jover Sat, 13 Mar 2004 04:58:36 +0100 arj (3.10.18-3) unstable; urgency=low * The 'Happy New *RC*less Year' Release. * Moved autotools updating logic to the clean target, but only update the files. (Closes: #225688) -- Guillem Jover Thu, 1 Jan 2004 00:00:00 +0100 arj (3.10.18-2) unstable; urgency=low * Switched Maintainer and Co-Maintainer roles. * Lowercase package description initial letter. * Split diff patch: - 000_fPIC.patch - 001_arches_align.patch * Added patch: - 002_statsfs.patch: Include sys/statfs.h as it's not included in new linux kernel header linux/fs.h. (Closes: #223135) Thanks to Peter Hawkins . Also switch from FIGETBSZ ioctl to statvfs, thus removing any linux kernel header includes, that are breaking almost all builds lately. * Use debian/patch.mk. * Upgrade debhelper version to match DH_COMPAT. * Move autotools update to an independent target. * Move DH_COMPAT to debian/compat. -- Guillem Jover Wed, 10 Dec 2003 05:14:30 +0100 arj (3.10.18-1) unstable; urgency=low * New Upstream Release. - Fixed unaligned memory accesses. * Activate alignment support for ia64, hppa and arm. (Closes: #203832, #192563) * Build shared object with PIC flags. Thanks Randolph Chung . * debian/rules: Removed not used DDATE variable. -- Guillem Jover Thu, 23 Oct 2003 19:00:04 +0200 arj (3.10.17-1) unstable; urgency=low * New Upstream Release. * debian/copyright: Reformatted. * debian/rules: Changed misleading comment about stripping. * Now using Standards-Version 3.6.1. -- Guillem Jover Thu, 18 Sep 2003 08:51:46 +0200 arj (3.10.15-1) unstable; urgency=low * New Upstream Release. * Remove debian provided manpages as now they are integrated in upstream. * Specify configure argument for mandir. * Now using Standards-Version 3.6.0. -- Guillem Jover Wed, 30 Jul 2003 05:30:28 +0200 arj (3.10g-1) unstable; urgency=low * New Co-Maintainer. * New Upstream Version. * Added a watch file. * Added /etc/rearj.cfg (Closes: #180874). * Added arj crypto module. * Do not strip the binaries, as it removes all self-extracting modules and the help text appended to arj binary. * Converted man pages from pod to nroff, also adapted to Unix systems, and removed the build-dep on perl. * Removed temporal debian directory. * Do not include autoconf generated files, they are created at build time. * Fixed build system, now honours DESTDIR. * Use Makefile to install, thus allowig to build under non-linux systems. * Fixed join command returning an undefined exit code (Closes: #187854). * Now using Standards-Version 3.5.9. -- Guillem Jover Wed, 9 Apr 2003 21:55:10 +0200 arj (3.10b-3) unstable; urgency=low * Fixed build problem, closes: #179820. -- Ola Lundqvist Sun, 6 Apr 2003 14:01:09 +0200 arj (3.10b-2) unstable; urgency=low * Added more build dependencies, closes: #179691. -- Ola Lundqvist Tue, 4 Feb 2003 07:51:08 +0100 arj (3.10b-1) unstable; urgency=low * Initial release, closes: #178488. -- Ola Lundqvist Mon, 27 Jan 2003 19:47:51 +0100