File: changelog

package info (click to toggle)
libxfont1 1%3A1.5.2-4
links: PTS, VCS
area: main
in suites: stretch
size: 3,140 kB
ctags: 1,863
sloc: ansic: 20,803; sh: 4,112; xml: 550; makefile: 220
file content (406 lines) | stat: -rw-r--r-- 14,115 bytes
libxfont1 (1:1.5.2-4) unstable; urgency=medium

  [ Andreas Boll ]
  * Fix a typo in override_dh_strip.
  * Remove dh-autoreconf build-dep. Not needed with debhelper 10.
  * Remove obsolete Conflicts from pre-wheezy.
  * Update a bunch of URLs in packaging to https.
  * Remove superfluous --libdir from dh_auto_configure. Not needed with
    debhelper compat level >= 9.

 -- Timo Aaltonen <tjaalton@debian.org>  Thu, 24 Nov 2016 21:26:43 +0200

libxfont1 (1:1.5.2-3) unstable; urgency=medium

  * Drop libxfont1-udeb.
  * Switch to -dbgsym.
  * Bump debhelper compat to 10. Drop --with quilt and --parallel flags,
    they are enabled by default now.

 -- Timo Aaltonen <tjaalton@debian.org>  Thu, 24 Nov 2016 00:16:53 +0200

libxfont1 (1:1.5.2-2) unstable; urgency=medium

  * Rename source to libxfont1.
  * Rename dev package to libxfont1-dev.
  * control: Move to oldlibs.
  * control: Add myself to uploaders.

 -- Timo Aaltonen <tjaalton@debian.org>  Thu, 17 Nov 2016 13:19:18 +0200

libxfont (1:1.5.2-1) unstable; urgency=medium

  * Team upload.
  * New upstream release.
  * Use https URL in watch file.
  * Add Adam Jackson's key to debian/upstream/signing-key.asc.
  * Bump Standards-Version to 3.9.8.
  * Use https URLs in Vcs-* control fields.
  * Remove Drew from Uploaders.

 -- Julien Cristau <jcristau@debian.org>  Sat, 24 Sep 2016 12:46:32 +0200

libxfont (1:1.5.1-1) unstable; urgency=high

  * New upstream release
    + bdfReadProperties: property count needs range check [CVE-2015-1802]
    + bdfReadCharacters: bailout if a char's bitmap cannot be read
      [CVE-2015-1803]
    + bdfReadCharacters: ensure metrics fit into xCharInfo struct
      [CVE-2015-1804]

 -- Julien Cristau <jcristau@debian.org>  Tue, 17 Mar 2015 16:55:21 +0100

libxfont (1:1.4.99.901-1) unstable; urgency=medium

  * New upstream release candidate.
    + includes the CVE-2014-{0209,0210,0211} patches
  * Remove Cyril from Uploaders.
  * Allow uscan to verify tarball signature.

 -- Julien Cristau <jcristau@debian.org>  Sat, 12 Jul 2014 17:44:11 +0200

libxfont (1:1.4.7-2) unstable; urgency=high

  * Pull from upstream git to fix FTBFS with new fontsproto (closes: #746052)
  * CVE-2014-0209: integer overflow of allocations in font metadata
  * CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies
  * CVE-2014-0211: integer overflows calculating memory needs for xfs replies
  * Add breaks on xfs because we broke it by disabling font protocol support
    in 1.4.7.

 -- Julien Cristau <jcristau@debian.org>  Tue, 13 May 2014 17:25:49 +0200

libxfont (1:1.4.7-1) unstable; urgency=high

  * New upstream release
    + CVE-2013-6462: unlimited sscanf overflows stack buffer in
      bdfReadCharacters()
  * Don't put dbg symbols from the udeb in the dbg package.
  * dev package is no longer Multi-Arch: same (closes: #720026).
  * Disable support for connecting to a font server.  That code is horrible and
    full of holes.

 -- Julien Cristau <jcristau@debian.org>  Tue, 07 Jan 2014 17:51:29 +0100

libxfont (1:1.4.6-1) unstable; urgency=low

  * New upstream release.
  * Build for multiarch (closes: #654252).  Patch by Riku Voipio, thanks!
  * Disable silent build rules.

 -- Julien Cristau <jcristau@debian.org>  Mon, 12 Aug 2013 18:28:57 +0200

libxfont (1:1.4.5-2) unstable; urgency=low

  * Ease sync for Ubuntu: strip -Bsymbolic-functions from LDFLAGS
    (LP: #992745).

 -- Cyril Brulebois <kibi@debian.org>  Thu, 03 May 2012 19:59:46 +0200

libxfont (1:1.4.5-1) unstable; urgency=low

  [ Cyril Brulebois ]
  * New upstream release.
  * Switch to dh:
    - Bump debhelper build-dep and compat.
    - Rewrite debian/rules, using autoreconf and quilt sequences.
    - Adjust build dependencies accordingly.
    - Use build-main and build-udeb as build directories.
    - Adjust .install accordingly.
  * Remove xsfbs accordingly.
  * Add support for hardened build flags through dpkg-buildflags, based
    on a patch by Moritz Muehlenhoff, thanks! (Closes: #654154).

  [ Julien Cristau ]
  * Remove David Nusinow from Uploaders.

 -- Cyril Brulebois <kibi@debian.org>  Sun, 04 Mar 2012 09:24:59 +0000

libxfont (1:1.4.4-1) unstable; urgency=high

  [ Julien Cristau ]
  * Drop Pre-Depends on x11-common (only needed for upgrades from the
    monolith) and Replaces on xlibs-static-dev (hasn't existed in forever).

  [ Cyril Brulebois ]
  * New upstream release:
    - LZW decompress: fix for CVE-2011-2895. From the commit message:
      “Specially crafted LZW stream can crash an application using libXfont
       that is used to open untrusted font files.  With X server, this may
       allow privilege escalation when exploited.”
  * Set urgency to “high” accordingly.
  * Update debian/copyright from upstream COPYING.
  * Bump xorg-sgml-doctools build-dep.
  * Drop xorg.css from .install, no longer shipped upstream.

 -- Cyril Brulebois <kibi@debian.org>  Thu, 11 Aug 2011 11:17:16 +0200

libxfont (1:1.4.3-2) unstable; urgency=low

  * Upload to unstable.

 -- Cyril Brulebois <kibi@debian.org>  Sat, 05 Feb 2011 11:48:49 +0100

libxfont (1:1.4.3-1) experimental; urgency=low

  * New upstream release.
  * Bump xutils-dev build-dep for new macros.
  * Add xmlto, xorg-sgml-doctools, and w3m build-dep for the doc.
  * Pass --with-xmlto and --without-fop for the regular build (we want
    html and txt only). Disable both for the udeb build.
  * Tweak doc filenames, and handle that through dh_install.
  * Add --fail-missing -XlibXfont.la for the second dh_install call (the
    udeb one), for additional safety.

 -- Cyril Brulebois <kibi@debian.org>  Fri, 19 Nov 2010 01:17:48 +0100

libxfont (1:1.4.2-1) experimental; urgency=low

  * New upstream release.
  * Bump xutils-dev build-dep for new xorg-macros.
  * Bump shlibs for register_fpe_functions().
  * Update debian/copyright.
  * Bump Standards-Version to 3.9.0, no changes.

 -- Julien Cristau <jcristau@debian.org>  Wed, 07 Jul 2010 18:25:15 +0100

libxfont (1:1.4.1-2) unstable; urgency=low

  [ Julien Cristau ]
  * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
    good reason.  Thanks, Colin Watson!
  * Remove myself from Uploaders

  [ Cyril Brulebois ]
  * Use dh_makeshlibs’s -V argument instead of debian/libxfont1.shlibs
  * Add udeb needed for the graphical installer: libxfont1-udeb.
  * Version the B-D on libfontenc-dev to ensure libxfont1-udeb gets a
    dependency on libfontenc1-udeb.
  * Use a bzip2-less flavour for the udeb.
  * Bump Standards-Version from 3.8.3 to 3.8.4 (no changes needed).
  * Fix obsolete-relation-form-in-source by using “<<” instead of “<” for
    xprint in Conflicts, thanks to lintian.
  * Add myself to Uploaders.

 -- Cyril Brulebois <kibi@debian.org>  Wed, 10 Mar 2010 20:05:31 +0100

libxfont (1:1.4.1-1) unstable; urgency=low

  * New upstream release.
  * Bump xutils-dev build-dep for new util-macros.
  * Build documentation, install it in libxfont-dev.
  * Enable support for bzip2 compressed bitmap fonts.
  * Don't use LDFLAGS from the environment.  Ubuntu sets that to
    -Bsymbolic-functions, which breaks libXfont's weak symbols usage.

 -- Julien Cristau <jcristau@debian.org>  Wed, 02 Dec 2009 11:12:13 +0100

libxfont (1:1.4.0-3) unstable; urgency=low

  * libxfont1 Conflicts: xprint (< 2:1.6.0-1). 
    The requiem release of xprint (1.6) will not conflict with
    libxfont1. I am assured the garlic wreaths should prove most
    efficacious at protecting the general public from the undead. 
  * Standards version 3.8.3.

 -- Drew Parsons <dparsons@debian.org>  Sat, 31 Oct 2009 11:29:34 +1100

libxfont (1:1.4.0-2) unstable; urgency=high

  * libxfont1 Conflicts with xprint, printer font support was removed upstream
    in 1.4.0 (closes: #535952).
  * Add README.source from xsfbs.  Bump Standards-Version to 3.8.2.

 -- Julien Cristau <jcristau@debian.org>  Sun, 02 Aug 2009 13:36:46 +0200

libxfont (1:1.4.0-1) unstable; urgency=low

  * New upstream release.
  * Move libxfont1-dbg to new section 'debug'.

 -- Julien Cristau <jcristau@debian.org>  Mon, 13 Apr 2009 12:11:23 +0100

libxfont (1:1.3.4-2) unstable; urgency=low

  * Update debian/copyright from upstream COPYING.
  * Upload to unstable.

 -- Julien Cristau <jcristau@debian.org>  Mon, 16 Feb 2009 19:31:59 +0100

libxfont (1:1.3.4-1) experimental; urgency=low

  * Wrap build-deps in debian/control.
  * Run autoreconf on build; build-dep on xutils-dev, autoconf, automake and
    libtool.
  * Handle parallel builds.
  * New upstream release.
  * Drop obsolete x11proto-fontcache-dev build-dependency.

 -- Julien Cristau <jcristau@debian.org>  Tue, 23 Dec 2008 15:06:37 +0100

libxfont (1:1.3.3-1) unstable; urgency=high

  [ Julien Cristau ]
  * Drop dependency on x11-common from libxfont1{,-dbg}.
  * New upstream bugfix release.
  * Disable the type1 rasterizer and support for speedo font files.  The
    former is a security hazard, and Speedo fonts are disabled in the X server
    since before etch anyway.
  * Urgency high so the above gets in lenny.

  [ Brice Goglin ]
  * Add upstream URL to debian/copyright.
  * Add a link to www.X.org and a reference to the upstream module
    in the long description.

 -- Julien Cristau <jcristau@debian.org>  Thu, 17 Jul 2008 22:50:03 +0200

libxfont (1:1.3.2-1) unstable; urgency=low

  * New upstream release
  * Drop CVE-2008-0006.diff, included upstream.

 -- Julien Cristau <jcristau@debian.org>  Fri, 07 Mar 2008 13:32:43 +0100

libxfont (1:1.3.1-2) unstable; urgency=high

  * High urgency upload for security fix.
  * Fix a buffer overflow in the PCF font parser (CVE-2008-0006).
  * debian/control updates
    + add myself to Uploaders, and remove Branden and Fabio with their
      permission
    + s/^XS-Vcs/Vcs/
    + bump Standards-Version to 3.7.3 (no changes)
    + libxfont1 is Section: libs
    + libxfont-dev and libxfont1-dbg are Section: libdevel

 -- Julien Cristau <jcristau@debian.org>  Thu, 17 Jan 2008 00:09:38 +0100

libxfont (1:1.3.1-1) unstable; urgency=low

  * New upstream release.
  * Add libxfont1.shlibs, bump shlibs to >= 1:1.2.9.

 -- Julien Cristau <jcristau@debian.org>  Wed, 05 Sep 2007 22:45:57 +0200

libxfont (1:1.2.9-1) unstable; urgency=low

  * New upstream version.
    - Add a new 'catalogue' FPE (font path element), which takes font
      paths from symlinks in a dir.
  * Use libxfont1 (= ${binary:Version}) instead of ${Source-Version}
    in debian/control.

 -- Drew Parsons <dparsons@debian.org>  Sat, 23 Jun 2007 09:40:45 +1000

libxfont (1:1.2.8-1) unstable; urgency=low

  * Add XS-Vcs-Browser to debian/control.
  * New upstream release.
    + drop patch from 1:1.2.2-2, applied upstream.
  * Upload to unstable.

 -- Julien Cristau <jcristau@debian.org>  Wed, 11 Apr 2007 15:52:11 +0200

libxfont (1:1.2.7-1) experimental; urgency=low

  * New upstream release.
  * Add XS-Vcs-Git header to debian/control, and drop obsolete CVS information.
  * Install the upstream ChangeLog.

 -- Julien Cristau <jcristau@debian.org>  Fri, 16 Feb 2007 14:32:57 +0100

libxfont (1:1.2.2-2) unstable; urgency=high

  * Grab patch from upstream git to fix security issues:
    + CVE-2007-1351: BDFFont Parsing Integer Overflow
    + CVE-2007-1352: fonts.dir File Parsing Integer Overflow

 -- Julien Cristau <jcristau@debian.org>  Tue, 03 Apr 2007 19:31:24 +0200

libxfont (1:1.2.2-1) unstable; urgency=high

  * New upstream version.
    - closes security bug in CID encoded fonts (iDefense CVE-ID
      2006-3739, 2006-3740)
    - applies patches 10_freetype_buffer_overflow.patch, 10_pcf_font.patch
  * dbg package has priority extra.

 -- Drew Parsons <dparsons@debian.org>  Wed, 13 Sep 2006 17:50:06 +1000

libxfont (1:1.2.0-2) unstable; urgency=high

  * Apply upstream patch 10_pcf_font.patch (security vulnerability
    CVE-2006-3467).  Closes: #383353.
  * Upload to unstable to ensure patch is propagated quickly.
  * Apply patch 10_freetype_buffer_overflow.patch while we're at it
    (no known exploits).

 -- Drew Parsons <dparsons@debian.org>  Thu, 17 Aug 2006 07:45:40 +1000

libxfont (1:1.2.0-1) experimental; urgency=low

  * New upstream version. Closes: #364854.
    - builds and works with Freetype 2.2. Closes: #362920, #370149.
  * Standards version 3.7.2.
  * libxfont-dev doesn't need both Depends: and Pre-Depends: x11-common.
  * Use debhelper 5, tidy up debian/rules to match.
  * libxfont does not provide libfontcache.so!

 -- Drew Parsons <dparsons@debian.org>  Thu, 27 Jul 2006 15:08:14 +1000

libxfont (1:1.1.0-1) UNRELEASED; urgency=low

  [ David Nusinow ]
  * New upstream release
  * Remove obsolete patch 01_fontserver_fix_SEGV.diff

  [ Andres Salomon ]
  * Test for obj-$(DEB_BUILD_GNU_TYPE) before creating it during build;
    idempotency fix.
  * Run dh_install w/ --list-missing.

 -- Andres Salomon <dilinger@debian.org>  Mon, 17 Jul 2006 01:20:57 -0400

libxfont (1:1.0.0-4) unstable; urgency=low

  * Reorder makeshlib command in rules file so that ldconfig is run
    properly. Thanks Drew Parsons and Steve Langasek.
  * Add quilt to build-depends

 -- David Nusinow <dnusinow@debian.org>  Wed, 19 Apr 2006 00:10:33 -0400

libxfont (1:1.0.0-3) unstable; urgency=low

  * Upload to unstable

 -- David Nusinow <dnusinow@debian.org>  Thu, 23 Mar 2006 22:44:39 -0500

libxfont (1:1.0.0-2) experimental; urgency=low

  * Have libxfont-dev depend on libfreetype6-dev and libfontenc-dev. Thanks
    Eugene Konev.
  * Port patches from trunk
    + general/099v_fontserver_fix_SEGV.diff

 -- David Nusinow <dnusinow@debian.org>  Sun, 26 Feb 2006 18:35:44 -0500

libxfont (1:1.0.0-1) experimental; urgency=low

  * First upload to Debian

 -- David Nusinow <dnusinow@debian.org>  Thu, 29 Dec 2005 20:51:40 -0500

libxfont (1:0.99.0+cvs.20050909-1) breezy; urgency=low

  * Fix the XFONT_FONTCACHE/FONTCACHE define in configure.ac (close:
    Ubuntu#14319).

 -- Daniel Stone <daniel.stone@ubuntu.com>  Fri,  9 Sep 2005 15:39:57 +1000

libxfont (1:0.99.0-1) breezy; urgency=low

  * First libxfont release.

 -- Daniel Stone <daniel.stone@ubuntu.com>  Mon, 16 May 2005 22:10:17 +1000