mupdf (1.9a+ds1-4+deb9u4) stretch-security; urgency=high

  * Fix CVE-2017-17866, CVE-2018-1000037, CVE-2018-1000040, CVE-2018-5686,
    CVE-2018-6187, and CVE-2018-6192
    (Closes: #885120, #887130, #888464, #888487)

 -- Kan-Ru Chen (陳侃如) <koster@debian.org>  Sun, 28 Oct 2018 18:14:58 +0900

mupdf (1.9a+ds1-4+deb9u3) stretch-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * CVE-2018-6544, CVE-2018-1000051
    add patches to fix use after free (Closes: #891245)

 -- Thorsten Alteholz <debian@alteholz.de>  Sat, 24 Mar 2018 19:03:02 +0100

mupdf (1.9a+ds1-4+deb9u2) stretch-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * A compiler optimization was removing the fix for CVE-2017-15587 

 -- Luciano Bello <luciano@debian.org>  Fri, 10 Nov 2017 14:58:10 -0500

mupdf (1.9a+ds1-4+deb9u1) stable-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fix CVE-2017-14685, CVE-2017-14686, CVE-2017-14687, and CVE-2017-15587
    (Closes: #877379, #879055)

 -- Luciano Bello <luciano@debian.org>  Sun, 22 Oct 2017 20:10:29 -0400

mupdf (1.9a+ds1-4) unstable; urgency=high

  * Fix patch for CVE-2017-5991: The original patch was incomplete.
    (Closes: #855383)

 -- Kan-Ru Chen (陳侃如) <koster@debian.org>  Sat, 18 Feb 2017 00:43:12 +0800

mupdf (1.9a+ds1-3) unstable; urgency=high

  * CVE-2017-5896: use-after-free in fz_subsample_pixmap()  (Closes: #854734)
  * CVE-2017-5991: NULL pointer dereference in pdf_run_xobject()

 -- Kan-Ru Chen (陳侃如) <koster@debian.org>  Thu, 16 Feb 2017 23:43:55 +0800

mupdf (1.9a+ds1-2) unstable; urgency=medium

  * Acknowledge NMU.
  * CVE-2016-8674: heap-use-after-free in pdf_to_num (pdf-object.c)
    (Closes: #840957)
  * Set debhelper compact to 9

 -- Kan-Ru Chen (陳侃如) <koster@debian.org>  Tue, 15 Nov 2016 00:07:55 +0800

mupdf (1.9a+ds1-1.2) unstable; urgency=medium

  * Non-maintainer upload.
  * CVE-2016-6525: heap overflow in pdf_load_mesh_params() (Closes: #833417)

 -- Salvatore Bonaccorso <carnil@debian.org>  Sat, 06 Aug 2016 13:44:07 +0200

mupdf (1.9a+ds1-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * CVE-2016-6265: Use after free vulnerability in pdf_xref.c
    (Closes: #832031)

 -- Salvatore Bonaccorso <carnil@debian.org>  Mon, 01 Aug 2016 14:17:20 +0200

mupdf (1.9a+ds1-1) unstable; urgency=medium

  * New upstream release (Closes: #819101)
  * Add glfw and harfbuzz third party libraries to Files-Excluded
  * Building now requires libharfbuzz-dev
  * Drop patches included in upstream release
  * Disable mupdf to read from console. (Closes: #830143)
  * The mudraw command is merged to mutool
  * Update debian/watch to reflect new download page structure
  * Fix typo in debian/control
  * Use --uscan with gbp import-orig by default
  * Support more options in the wrapper (Closes: #819099)
  * Bump Standards-Version to 3.9.8, no changes needed

 -- Kan-Ru Chen (陳侃如) <koster@debian.org>  Thu, 07 Jul 2016 01:58:00 +0800

mupdf (1.7a-1) unstable; urgency=high

  * New Upstream version 1.7a
  * debian/rules: Fix FTBFS with new libjbig2. (Closes: #796420)

 -- Kan-Ru Chen (陳侃如) <koster@debian.org>  Fri, 18 Sep 2015 23:14:20 +0800

mupdf (1.7-1) unstable; urgency=medium

  * New Upstream version 1.7
    + Added missing section in mutool man page. (Closes: #775427)
    + Set _NET_WM_NAME properly. (Closes: #780019)
    + Support continuously scrolling. (Closes: #611221)
    + "mutool clean" now has correct exit status. (Closes: #781746)
  * Refresh patches
  * Remove generated file in clean target
  * debian/control: Add that MuPDF also reads XPS, OpenXPS and ePub.
  * debian/watch: Use repacksuffix and dversionmangle
  * Move mupdf-x11 out of /usr/bin.
    Thanks to Mathieu Malaterre for the patch (Closes: #752207)
  * debian/patches/0008-Bigger-scaling.patch: Add more scale level.
    Thanks to Thomas Prokosch for the patch (Closes: #769282)

 -- Kan-Ru Chen (陳侃如) <koster@debian.org>  Thu, 07 May 2015 00:03:39 +0800

mupdf (1.6-1) unstable; urgency=medium

  * New upstream release. (Closes: #767391)
  * Refresh patches.
  * debian/copyright: New files source/fitz/{ftoa.c,strtod.c}

 -- Kan-Ru Chen (陳侃如) <koster@debian.org>  Sat, 01 Nov 2014 19:28:58 +0800

mupdf (1.5-1) unstable; urgency=medium

  * New upstream release. (Closes: #761960)
  * Use git-buildpackage to maintain the package repository
  * Unapply patches from source after build
  * Use MUJS to provide JS functionality (Closes: #760480, #745247)
  * Build against openjpeg 2.1 (Closes: #745246, #761955)
  * Fix build with libopenjp2.
  * Fix -Werror=format-security error
  * debian/copyright: Add Files-Excluded header
  * debian/copyright: Update short license name
  * Fix unsafe conversion from float to fz_linecap (Closes: #749902)
  * Enable verbose build log
  * Fix FTBFS with clang.
    Thanks to Alexander (Closes: #755741)
  * Document mudraw -F command line switch in man page (Closes: #750724)

 -- Kan-Ru Chen (陳侃如) <koster@debian.org>  Sat, 20 Sep 2014 23:18:10 +0800

mupdf (1.4-2) unstable; urgency=medium

  * Disable JavaScript support on powerpc, s390x and sparc. (Closes: #747131)

 -- Kan-Ru Chen (陳侃如) <koster@debian.org>  Mon, 19 May 2014 00:11:11 +0800

mupdf (1.4-1) unstable; urgency=medium

  [ Quoc-Viet Nguyen ]
  * New upstream release.
  * Fix compiling with libopenjpeg5. (Closes: #743103, #735878)

  [ Kan-Ru Chen (陳侃如) ]
  * Update debian/copyright.
  * Enable JavaScript support with v8. (Closes: #743414)
  * Won't crash when pdf file changes. (Closes: #699686)
  * Add mupdf.sh so it could be used with compressed pdf-files. Thanks
    Jörg-Volker Peetz! (Closes: #734183)

 -- Kan-Ru Chen (陳侃如) <koster@debian.org>  Sun, 20 Apr 2014 01:49:29 +0800

mupdf (1.3-2) unstable; urgency=medium

  * Fix CVE-2014-2013: Stack-based Buffer Overflow in
    xps_parse_color(). (Closes: #738857)
  * Add description of key P to mupdf(1). (Closes: #736125)
  * Add description of BROWSER env to mupdf(1). (Closes: #699684)
  * Bump Standards-Version to 3.9.5, no changes needed

 -- Kan-Ru Chen (陳侃如) <koster@debian.org>  Sun, 09 Mar 2014 23:41:55 +0800

mupdf (1.3-1) unstable; urgency=low

  * New upstream release. (Closes: #719281, #686806, #667971)
  * Remove fix_compiling_1.2.patch
  * Disable JPEG2000 support if compiled with libopenjpeg2
  * Fix header mismatch with libjpeg-dev. (Closes: #717201)

 -- Kan-Ru Chen (陳侃如) <koster@debian.org>  Mon, 25 Nov 2013 01:38:45 +0800

mupdf (1.2-2) unstable; urgency=low

  * Upload to unstable
  * Fix build with openjpeg 1.3.
  * debian/control: Update mupdf-tools long description.

 -- Kan-Ru Chen (陳侃如) <koster@debian.org>  Thu, 20 Jun 2013 22:59:39 +0800

mupdf (1.2-1) experimental; urgency=low

  [ Quoc-Viet Nguyen ]
  * New upstream release: 1.2. (Closes: #690983)
    - Changed MuPDF license to AGPL.
    - Increased openjpeg version dependency to 1.5.
    - New binary `mutool' now includes most mupdf tools. (Closes: #656267).
  * Use debian/watch from Bart Martens.

  [ Kan-Ru Chen (陳侃如) ]
  * Add Quoc-Viet Nguyen as co-maintainer. Congratulations!
  * Bump Standards-Version to 3.9.4, no changes needed
  * debian/copyright: Updated.
  * Provides: pdf-viewer. (Closes: #682450)
  * Enable CPPFLAGS hardening flags. Thanks Simon Ruderich (Closes: #665315)
  * debian/rules: Remove generated files at clean target.
  * Fix mudraw.1 formatting.

 -- Kan-Ru Chen (陳侃如) <koster@debian.org>  Thu, 20 Jun 2013 01:43:14 +0800

mupdf (0.9-2) unstable; urgency=low

  * Enable harden flags.
  * debian/copyright: Updated.
  * Bump Standards-Version to 3.9.2, no changes needed
  * debian/patches/bug621894.patch: Fix text copying with
    selection. (Closes: #621894)
  * debian/patches/bug646350.patch: Fix FTBFS with
    -Werror=format-security. (Closes: #646350)

 -- Kan-Ru Chen <koster@debian.org>  Sat, 17 Dec 2011 22:25:35 +0800

mupdf (0.9-1) unstable; urgency=low

  * New upstream release. (Closes: #641169)
  * debian/patches/mupdf_update_manpages.patch: Merged upstream.
  * debian/libmupdf-dev.install: Install more library and headers.

 -- Kan-Ru Chen <koster@debian.org>  Sun, 11 Sep 2011 12:08:18 +0800

mupdf (0.8.15-1) unstable; urgency=low

  * New upstream release.
  * debian/patches/mupdf_fix_build.patch,
    debian/patches/mupdf_install_manpages_default.patch,
    debian/patches/mupdf_move_manpages_to_upstream.patch,
    debian/patches/mupdf_remove_extra_usage.patch: Merged upstream.
  * debian/watch: Upstream now uses google code hosting.

 -- Kan-Ru Chen <koster@debian.org>  Tue, 05 Apr 2011 20:03:33 +0800

mupdf (0.8-1) unstable; urgency=low

  * New upstream release. (Closes: #604746)
  * debian/patches/mupdf_move_manpages_to_upstream.patch,
    debian/patches/mupdf_update_manpages.patch: Sync with upstream.
    Remove debug purpose keybinding from manpage. (Closes: #597337)
  * Add NoDisplay=true to mupdf.desktop as the application is not
    intended for standalone use but a viewer. (Closes: #602293)
  * debian/mupdf.menu: Removed as well.
  * debian/patches/mupdf_remove_extra_usage.patch: New patch, remove
    redundant usage string from output.
  * Add non-standard DEB_BUILD_OPTIONS x-fpic support. (Closes: #617253)

 -- Kan-Ru Chen <koster@debian.org>  Wed, 09 Mar 2011 11:23:12 +0800

mupdf (0.7-2) unstable; urgency=low

  * Fix FTBFS on hurd-i386, kfreebsd-amd64, kfreebsd-i386

 -- Kan-Ru Chen <koster@debian.org>  Wed, 15 Sep 2010 17:15:47 +0800

mupdf (0.7-1) unstable; urgency=low

  * New upstream release
    (Closes: #590263, #590264, #590245)
  * Update manpages to reflect keybinding change
  * Patch build system to accept additional CFLAGS.
  * Add mupdf-tools to Suggests of mupdf. (Closes: #593446)
  * Update watch file
  * Bump Standards-Version to 3.9.1, no changes needed

 -- Kan-Ru Chen <koster@debian.org>  Wed, 15 Sep 2010 02:27:06 +0800

mupdf (0.6-1) unstable; urgency=low

  * Initial release. (Closes: #559906)

 -- Kan-Ru Chen <koster@debian.org>  Thu, 22 Jul 2010 08:23:00 +0800