File: changelog

package info (click to toggle)
openjpeg2 2.1.2-1.1%2Bdeb9u4
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 13,772 kB
  • sloc: ansic: 162,102; cpp: 6,732; java: 1,996; tcl: 678; sh: 495; makefile: 65
file content (120 lines) | stat: -rw-r--r-- 4,718 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
 
openjpeg2 (2.1.2-1.1+deb9u4) stretch; urgency=medium

  * Non-maintainer upload.
  * CVE-2018-21010: heap buffer overflow in color_apply_icc_profile
    (Closes: #939553).
  * CVE-2018-20847: improper computation of values in the function
    opj_get_encoding_parameters, leading to an integer overflow
    (Closes: #931294).
  * CVE-2016-9112: floating point exception or divide by zero in the
    function opj_pi_next_cprl (Closes: #844551).

 -- Hugo Lefeuvre <hle@debian.org>  Tue, 08 Oct 2019 15:20:27 +0200

openjpeg2 (2.1.2-1.1+deb9u3) stretch-security; urgency=medium

  * Non-maintainer upload by the Security Team.
  * CVE-2018-14423: Division-by-zero vulnerabilities in the functions
    pi_next_pcrl, pi_next_cprl, and pi_next_rpcl (closes: #904873).
  * CVE-2018-6616: Excessive Iteration in opj_t1_encode_cblks
    (closes: #889683).
  * CVE-2017-17480: Write stack buffer overflow due to missing buffer
    length formatter in fscanf call (closes: #884738).
  * CVE-2018-18088: Null pointer dereference caused by null image
    components in imagetopnm (closes: #910763).
  * CVE-2018-5785: Integer overflow in convertbmp.c (closes: #888533).

 -- Luciano Bello <luciano@debian.org>  Thu, 07 Mar 2019 16:41:30 -0500

openjpeg2 (2.1.2-1.1+deb9u2) stretch-security; urgency=medium

  * Fix whitespace/indent mess
  * CVE-2017-14039: CVE-2017-14039.patch
  * CVE-2017-14040: 2cd30c2b06ce332dede81cccad8b334cde997281.patch
  * CVE-2017-14041: e5285319229a5d77bf316bb0d3a6cbd3cb8666d9.patch
  * CVE-2017-14151: afb308b9ccbe129608c9205cf3bb39bbefad90b9.patch
  * CVE-2017-14152: dcac91b8c72f743bda7dbfa9032356bc8110098a.patch

 -- Mathieu Malaterre <malat@debian.org>  Mon, 16 Oct 2017 21:15:20 +0200

openjpeg2 (2.1.2-1.1+deb9u1) stretch-security; urgency=medium

  * CVE-2016-9118: c22cbd8bdf8ff2ae372f94391a4be2d322b36b41.patch
  * CVE-2016-5152: 3fbe71369019df0b47c7a2be4fab8c05768f2f32.patch
  * CVE-2016-1628: 11445eddad7e7fa5b273d1c83c91011c44e5d586.patch
  * CVE-2016-10504: 397f62c0a838e15d667ef50e27d5d011d2c79c04.patch

 -- Mathieu Malaterre <malat@debian.org>  Mon, 16 Oct 2017 07:27:49 +0200

openjpeg2 (2.1.2-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Add CVE-2016-9572_CVE-2016-9573.patch patch.
    CVE-2016-9572: NULL pointer dereference in input decoding
    CVE-2016-9573: Heap out-of-bounds read due to insufficient check in
    imagetopnm(). (Closes: #851422)

 -- Salvatore Bonaccorso <carnil@debian.org>  Sun, 22 Jan 2017 14:18:13 +0100

openjpeg2 (2.1.2-1) unstable; urgency=medium

  * New upstream. Closes: #839120
  * Fix CVE-2016-7163. Closes: #837604
  * Fix CVE-2016-7445. Closes: #838690
  * Remove patches applied upstream:

 -- Mathieu Malaterre <malat@debian.org>  Thu, 29 Sep 2016 08:11:30 +0200

openjpeg2 (2.1.1-1) unstable; urgency=medium

  * New upstream. Closes: #829734
    + d/watch points toward github now
    + Fix man page typos. Closes: #772889, #784377
    + Raise priority to optional. Closes: #822577
    + Fix multiple CVEs: Closes: #800453, #800149, #818399
  * Fix pc file. Closes: #787383
  * Remove reference to contrib. Closes: #820190
  * Bump Std-Vers to 3.9.8, no changes needed

 -- Mathieu Malaterre <malat@debian.org>  Mon, 11 Jul 2016 09:28:19 +0200

openjpeg2 (2.1.0-2.1) unstable; urgency=high

  * Non-maintainer upload.
  * Apache 2.4 transition: (Closes: #786333)
    + d/rules: Added --with apache2.
    + Drop d/libopenjpip-server.install.
    + Drop d/libopenjpip-server.prerm.
    + d/control: Add build-depends on dh-apache2, replace depends on
      apache2.2-bin by ${misc:Recommends}, add recommends on
      libapache2-mod-fastcgi.
    + New d/libopenjpip-server.conf for apache2 fastcgi setup.
    + Drop d/libopenjpip-server.load.
    + New d/libopenjpip-server.apache2 to set up the configuration.

 -- Jean-Michel Vourgère <nirgal@debian.org>  Thu, 21 May 2015 23:05:40 +0200

openjpeg2 (2.1.0-2) unstable; urgency=low

  * Install *.pc files. Closes: #762251
  * Remove cmake-fatal-error export stuff
  * Fix warnings in d/copyright
  * Bump Std-Vers to 3.9.6, no changes needed
  * Fix include path in export file to handle multi-arch install
    + debian/patches/multiarch_path.patch

 -- Mathieu Malaterre <malat@debian.org>  Tue, 07 Oct 2014 13:14:43 +0200

openjpeg2 (2.1.0-1) unstable; urgency=low

  * New upstream. Closes: #761154, #761155
  * Rename binary packages to prevent conflicts. Closes: #760874
  * Remove "Multi-Arch: same" for -dev package. Closes: #760421

 -- Mathieu Malaterre <malat@debian.org>  Thu, 11 Sep 2014 17:40:46 +0200

openjpeg2 (2.0.0-1) unstable; urgency=low

  * New upstream. Closes: #738655.

 -- Mathieu Malaterre <malat@debian.org>  Fri, 23 May 2014 18:23:37 +0200