File: changelog

package info (click to toggle)
smarty3 3.1.33+20180830.1.3a78a21f+selfpack1-1
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, buster, sid
  • size: 2,036 kB
  • sloc: php: 18,535; yacc: 982; makefile: 74
file content (242 lines) | stat: -rw-r--r-- 8,832 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
smarty3 (3.1.33+20180830.1.3a78a21f+selfpack1-1) unstable; urgency=medium

  * New upstream release.
    - CVE-2018-16831: Don't bypass trusted directories with "../". (Closes:
      #908698).
  * debian/control:
    + Bump Standards-Version: to 4.2.1. No changes needed.

 -- Mike Gabriel <sunweaver@debian.org>  Mon, 17 Sep 2018 13:04:18 +0200

smarty3 (3.1.32+20180424.1.ac9d4b58+selfpack1-1) unstable; urgency=medium

  * New upstream release.
  * debian/*: White-space clean-up at EOL.
  * debian/patches:
    + Drop 0001_CVE-2017-1000480.patch. Applied upstream.
  * debian/rules:
    + Avoid using dpkg-parsechangelog.
  * debian/copyright:
    + Update copyright attributions.
    + Use secure URI to obtain copyright references.
    + Add global Comment: field. Explain about brokenness of upstream tarballs.
  * debian/control:
    + Update Vcs-*: fields. Packaging Git has been migrated to
      salsa.debian.org.
    + Bump Standards-Version: to 4.1.4. No changes needed.
  * debian/{control,compat}:
    + Bump DH version level to 11.

 -- Mike Gabriel <sunweaver@debian.org>  Sun, 27 May 2018 23:21:33 +0200

smarty3 (3.1.31+20161214.1.c7d42e4+selfpack1-3) unstable; urgency=medium

  * debian/patches:
    + Add 0001_CVE-2017-1000480.patch. Fixes CVE-2017-1000480. (Closes:
      #886460).

 -- Mike Gabriel <sunweaver@debian.org>  Sun, 14 Jan 2018 11:13:16 +0100

smarty3 (3.1.31+20161214.1.c7d42e4+selfpack1-2) unstable; urgency=medium

  * Re-upload to Debian unstable to enforce package rebuild (as we don't
    have binNMUs for arch:all packages).

  * debian/control:
    + Update versioned B-D on smarty-lexer (>=  3.1.30+dfsg1-1.1~).
      This is to assure correct lexer/parser generation which was broken by
      smarty-lexer 3.1.30+dfsg1-1. See Debian bug #847571 for further
      reference.

 -- Mike Gabriel <sunweaver@debian.org>  Tue, 21 Mar 2017 10:13:01 +0100

smarty3 (3.1.31+20161214.1.c7d42e4+selfpack1-1) unstable; urgency=medium

  * New upstream release.
  * debian/rules:
    + Self-pack orig tarball from Git commit, due to broken upstream
      tarball generation on Github. For details see:
      https://github.com/smarty-php/smarty/issues/325
  * debian/copyright:
    + Update copyright attributions.

 -- Mike Gabriel <sunweaver@debian.org>  Tue, 24 Jan 2017 21:17:51 +0100

smarty3 (3.1.30-1) unstable; urgency=medium

  * Upload to unstable.
  * Update versioned B-D:
    + smarty-lexert (>= 3.1.30+dfsg1-1~).

 -- Mike Gabriel <sunweaver@debian.org>  Fri, 25 Nov 2016 19:52:30 +0100

smarty3 (3.1.30-1~exp1) experimental; urgency=medium

  * New upstream release. Upload to experimental for testing with
    GOsa, FusionDirectory and other web portals that depend on Smarty3.
  * debian/copyright:
    + Update copyright attributions.

 -- Mike Gabriel <sunweaver@debian.org>  Thu, 20 Oct 2016 14:00:22 +0200

smarty3 (3.1.29-2) unstable; urgency=medium

  * Re-upload unchanged to unstable.

 -- Mike Gabriel <sunweaver@debian.org>  Fri, 07 Oct 2016 14:03:44 +0200

smarty3 (3.1.29-1) experimental; urgency=medium

  * New upstream release. (Closes: #825250).
  * debian/smarty3-lexer:
    + Remove shipped-with .plex and .y files for template and configfile
      parser/lexer. This version uses smarty-lexer src:package at build
      time instead.
  * debian/control:
    + Add B-D pkg-php-tools (for dh_phpcomposer)
    + Versioned B-D: debhelper (>= 9).
    + Use encrypted URLs for Vcs-*: field.
    + Bump Standards: to 3.9.8. No changes needed.
  * debian/{control,rules}:
    + Create internal lexer and parser PHP code at package build time (using
      B-D smarty-lexer). (Closes: #765730). This also solves issues in Debian
      package smarty3 3.1.21-1 caused by lexer/parser PHP files using the old
      trigger_error class API of Smarty.class.php. (Closes: #799282).
  * debian/smarty3.{install,docs}:
    + Use debhelper for installing bin:package files.
  * debian/compat:
    + Bump to DH version level 9.
  * debian/watch:
    + Upstream location has changed, now on Github.
  * debian/rules:
    + Use pure debhelper, with phpcomposer.
    + Make package build idempotent.
  * debian/copyright:
    + Update copyright attributions.

 -- Mike Gabriel <sunweaver@debian.org>  Mon, 30 May 2016 14:03:16 +0200

smarty3 (3.1.21-1.1) unstable; urgency=medium

  * Non-maintainer upload in coordination with the maintainer.
  * Update depends and README.Debian for the php 7.0 transition. Thanks to
    Wolfgang Schweer for the patch! (Closes: #821660)

 -- Holger Levsen <holger@debian.org>  Mon, 23 May 2016 11:32:02 +0200

smarty3 (3.1.21-1) unstable; urgency=medium

  * New upstream release. (Closes: #765920).
  * debian/smarty3-lexer:
    + Add 4 files from smarty3 SVN that are used to generate some PHP
      files in the upstream tarball. See README.lexer for details.
      (Closes: #636148).
  * debian/copyright:
    + Add copyright information for debian/smarty3-lexer/*.
    + Fix upstream license (LGPL-3 -> LGPL-3+) after reading the upstream-
      shipped COPYING.lib file more thoroughly.
    + Relicense debian/* under same license as upstream sources (LGPL-3+).
  * debian/control:
    + Bump Standards: to 3.9.6. No changes needed.

 -- Mike Gabriel <sunweaver@debian.org>  Sun, 19 Oct 2014 23:45:18 +0200

smarty3 (3.1.19-1) unstable; urgency=medium

  * New upstream release.
    + Obtain upstream sources as zip files from upstream. Stop checking out
      SVN tags. This change drops three embedded PHP libraries and files with
      problematic PHP licenses. (Closes: #752614).
  * debian/control:
    + Alioth-canonicalize Vcs-Git field.
    + Bump Standards: to 3.9.5. No changes needed.
  * lintian:
    + Drop unused override: embedded-php-library.

 -- Mike Gabriel <sunweaver@debian.org>  Mon, 04 Aug 2014 21:32:20 +0200

smarty3 (3.1.13-1) unstable; urgency=low

  * New upstream release.
  * /debian/control:
    + Use my DD address in Maintainer: field.
    + Bump Standards: to 3.9.4. No changes needed.
  * /debian/patches:
    + Drop patch: 001_escape-smarty-exception-messages.patch, included in new
      upstream release.

 -- Mike Gabriel <sunweaver@debian.org>  Mon, 06 May 2013 10:19:14 +0200

smarty3 (3.1.10-2) unstable; urgency=low

  * Fix CVE-2012-4437: Add patch 001_escape-smarty-exception-messages.patch.
    Closes: #688153.

 -- Mike Gabriel <mike.gabriel@das-netzwerkteam.de>  Sat, 22 Sep 2012 21:32:58 +0200

smarty3 (3.1.10-1) unstable; urgency=low

  * New upstream release. Closes: #678095.

 -- Mike Gabriel <mike.gabriel@das-netzwerkteam.de>  Tue, 19 Jun 2012 16:41:06 +0200

smarty3 (3.1.8-2) unstable; urgency=low

  * Package smarty3 provides smarty (closes: #657536).
  * Make /debian/copyright machine parsable, explicitly names files that
    have dissenting licenses, license /debian folder under GPLv2+.

 -- Mike Gabriel <mike.gabriel@das-netzwerkteam.de>  Thu, 17 May 2012 00:32:29 +0200

smarty3 (3.1.8-1) experimental; urgency=low

  * New upstream release (rev. 4611).
  * New package maintainer (closes: #668200).
  * Add watch file (closes: #657385).
  * Add Vcs-* lines to control file.
  * Add README.source that explains how we obtain code from
    upstream SVN. Make sure all upstream source files are
    shipped with the Debian source package (closes: #636148).

 -- Mike Gabriel <mike.gabriel@das-netzwerkteam.de>  Thu, 10 May 2012 10:44:55 +0200

smarty3 (3.1.0-1) experimental; urgency=low

  * New upstream release (rev. 4284)
  * Used the code source from subversion (Closes: #636148)
  * debian/copyright:
    + added LexerGenerator copyright
    + added ParserGenerator copyright
  * Fixed security holes:
    + multiple unspecified vulnerabilities (CVE-2009-5052, CVE-2009-5053,
      CVE-2010-4722, CVE-2010-4724, CVE-2010-4726)
    + not consider the umask value when setting the permissions of files
      (CVE-2009-5054)
    + not prevent access to the dynamic and private object members of an
      assigned object (CVE-2010-4723)
    + not properly handle an on value of the asp_tags option in the php.ini file
      (CVE-2010-4725)
    + not properly handle the <?php and ?> tags (CVE-2010-4727)

 -- Thierry Randrianiriana <thierry@debian.org>  Sat, 17 Sep 2011 21:22:11 +0300

smarty3 (3.0.8-1) unstable; urgency=low

  * New upstream release (Closes: #631619)
  * Bumped Standards-Version to 3.9.2
  * Updated licence to LGPL-3

 -- Thierry Randrianiriana <thierry@debian.org>  Wed, 20 Jul 2011 11:29:24 +0300

smarty3 (3.0~rc1-2) unstable; urgency=low

  * Bumped Standards-Version to 3.9.1
  * Removed debian/watch

 -- Thierry Randrianiriana <thierry@debian.org>  Tue, 21 Sep 2010 14:45:44 +0300

smarty3 (3.0~rc1-1) unstable; urgency=low

  * Initial release (Closes: #580754)

 -- Thierry Randrianiriana <thierry@debian.org>  Sat, 08 May 2010 14:36:04 +0300