File: changelog

package info (click to toggle)
libsdl2-image 2.0.4%2Bdfsg1-1%2Bdeb10u1
  • links: PTS, VCS
  • area: main
  • in suites: buster
  • size: 2,132 kB
  • sloc: ansic: 13,623; sh: 10,638; makefile: 91
file content (146 lines) | stat: -rw-r--r-- 4,988 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
 
libsdl2-image (2.0.4+dfsg1-1+deb10u1) buster; urgency=medium

  * Non-maintainer upload.
  * Multiple security issues (Closes: #932754):
    - CVE-2019-5058: buffer overflow in do_layer_surface (IMG_xcf.c).
    - CVE-2019-5052: integer overflow and subsequent buffer overflow in
      IMG_pcx.c.
    - CVE-2019-7635: heap buffer overflow in Blit1to4 (IMG_bmp.c).
    - CVE-2019-12216, CVE-2019-12217,
      CVE-2019-12218, CVE-2019-12219,
      CVE-2019-12220, CVE-2019-12221,
      CVE-2019-12222, CVE-2019-5051: OOB R/W in IMG_LoadPCX_RW (IMG_pcx.c).

 -- Hugo Lefeuvre <hle@debian.org>  Fri, 26 Jul 2019 17:01:14 -0300

libsdl2-image (2.0.4+dfsg1-1) unstable; urgency=medium

  * New upstream version.
  * Drop CVE-2018-3977.patch, applied upstream.
  * Verify signature of upstream tarball.

 -- Felix Geyer <fgeyer@debian.org>  Sun, 03 Feb 2019 11:59:26 +0100

libsdl2-image (2.0.3+dfsg1-3) unstable; urgency=high

  * Non-maintainer upload with permission of maintainers.
  * CVE-2018-3977: Prevent a potential buffer overflow on a corrupt or
    maliciously-crafted XCF file. (Closes: #912617)

 -- Chris Lamb <lamby@debian.org>  Sun, 04 Nov 2018 23:34:39 +0000

libsdl2-image (2.0.3+dfsg1-2) unstable; urgency=medium

  [ Manuel A. Fernandez Montecelo ]
  * Bump Policy Standards-Version to 4.2.1 (no changes needed)
  * d/watch:
    - Set to version=4
    - Update +dsfg mangling to correctly detect upstream version
  * Switch to debhelper compat level v11
  * d/copyright: use https in format URL
  * d/control: Set "Rules-Requires-Root: no"

 -- Chris Lamb <lamby@debian.org>  Sun, 04 Nov 2018 23:34:37 +0000

libsdl2-image (2.0.3+dfsg1-1) unstable; urgency=medium

  * New upstream release, fixing various security issues:
    - CVE-2017-12122
    - CVE-2017-14440
    - CVE-2017-14441
    - CVE-2017-14442
    - CVE-2017-14448
    - CVE-2017-14449
    - CVE-2017-14450
  * Requires libsdl2 >= 2.0.8

 -- Felix Geyer <fgeyer@debian.org>  Sun, 04 Mar 2018 15:50:05 +0100

libsdl2-image (2.0.2+dfsg1-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 2.0.2+dfsg1.
  * Bump SHLIBVER, as INTERFACE_AGE has been reset in configure.in.
  * Remove patches backported from upstream.
  * Fix shlib symlink.
  * Move the dbgsym-migration parameter to the dh_strip call.

 -- Fabian Greffrath <fabian@debian.org>  Fri, 10 Nov 2017 13:46:09 +0100

libsdl2-image (2.0.1+dfsg-4) unstable; urgency=medium

  [ Manuel A. Fernandez Montecelo ]
  * d/copyright: Fix missing "General" in LGPL license

  [ Felix Geyer ]
  * Fix CVE-2017-2887: buffer overflow in the XCF property handling.
    (Closes: #878266)

 -- Felix Geyer <fgeyer@debian.org>  Wed, 18 Oct 2017 22:09:02 +0200

libsdl2-image (2.0.1+dfsg-3) unstable; urgency=medium

  * Bump Policy Standards-Version to 4.0.0 (no changes needed)
  * Update Vcs-* URLs
  * Switch to debhelper compat level v10
    - dh flags --parallel are not needed
    - autoreconf is invoked by default
  * Use automatic dbgsym packages, drop -dbg

 -- Manuel A. Fernandez Montecelo <mafm@debian.org>  Mon, 31 Jul 2017 23:43:58 +0200

libsdl2-image (2.0.1+dfsg-2) unstable; urgency=low

  * Team upload.
  * d/rules: Update shlib and .so symlink to the current version

 -- Gianfranco Costamagna <locutusofborg@debian.org>  Wed, 27 Jan 2016 09:34:58 +0100

libsdl2-image (2.0.1+dfsg-1) unstable; urgency=low

  * Team upload.
  [ Manuel A. Fernandez Montecelo ]
  * Build-Depends on pkg-config
  * Bump Policy Standards-Version to 3.9.6 (no changes needed)

  [ Gianfranco Costamagna ]
  * New upstream release (Closes: #812620).
  * Use Files-Excluded copyright keyword to exclude autogenerated
    files from tarball.
  * Remove patch about big endian build fix, it should be fixed upstream.

 -- Gianfranco Costamagna <locutusofborg@debian.org>  Mon, 25 Jan 2016 10:12:59 +0100

libsdl2-image (2.0.0+dfsg-3) unstable; urgency=low

  * Really regenerate autoconf files. The upstream autogen.sh doesn't
    work properly. Thanks to Pino Toscano for the patch.
    - Fixes FTBFS on hurd.

 -- Felix Geyer <fgeyer@debian.org>  Sun, 08 Sep 2013 11:16:14 +0200

libsdl2-image (2.0.0+dfsg-2) unstable; urgency=low

  * Tighten libsdl2-dev dependency to 2.0.0 and bump the shlibver to 2.0.0,
    thanks to Gianfranco Costamagna for the patch.
  * Fix FTBFS on big endian architectures.
    - Add fix_ftbfs_big_endian.patch

 -- Felix Geyer <fgeyer@debian.org>  Sun, 25 Aug 2013 11:26:16 +0200

libsdl2-image (2.0.0+dfsg-1) unstable; urgency=low

  * New upstream release.
  * Add a watch file.
  * Remove external/ from upstream tarball.
  * Document miniz.h license in debian/copyright.

 -- Felix Geyer <fgeyer@debian.org>  Wed, 21 Aug 2013 09:44:44 +0200

libsdl2-image (2.0.0~rc1+dfsg-1) unstable; urgency=low

  * Initial release. (Closes: #710698)
  * Filter upstream tarball to remove precompiled binaries that don't
    ship with the corresponding source code.

 -- Felix Geyer <fgeyer@debian.org>  Fri, 12 Jul 2013 17:38:44 +0200