File: changelog

package info (click to toggle)
tardiff 0.1-5
  • links: PTS, VCS
  • area: main
  • in suites: buster, stretch
  • size: 144 kB
  • ctags: 42
  • sloc: perl: 1,109; makefile: 5
file content (59 lines) | stat: -rw-r--r-- 2,401 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
tardiff (0.1-5) unstable; urgency=medium

  * Also fix `tar …` code injection which is also part of CVE-2015-0857.
  * Update Vcs-Browser header to use https and cgit.
  * Declare compliance with Debian Policy 3.9.8. (No changes needed.)
  * Update Vcs-Git header to use https:// instead of git://.
  * Fix typos found by lintian in man page and long package description.
  * Add lintian overrides for "pedantic"-level warnings related to tardiff
    being distributed as a single file.

 -- Axel Beckert <abe@debian.org>  Fri, 29 Apr 2016 00:37:49 +0200

tardiff (0.1-4) unstable; urgency=high

  * Fix CVE-2015-0858.diff to explicitly hardcode OldStyle diff style to
    work with fix-statistic.diff. Text::Diff has different defaults than
    "diff".

 -- Axel Beckert <abe@debian.org>  Sat, 17 Oct 2015 17:33:35 +0200

tardiff (0.1-3) unstable; urgency=high

  * Add patch to fix miscalculated statistics. (Closes: #802098)
  * Add patches to fix two security issues:
    + CVE-2015-0857: shell command injection through file names
    + CVE-2015-0858: /tmp race condition in handling temporary directory
    Issues found and reported by Rainer Müller and Florian Weimer.
    Additional necessary changes:
    + Add new run-time dependency on libtext-diff-perl.
  * Declare compliance with Debian Policy 3.9.6 (no changes needed).

 -- Axel Beckert <abe@debian.org>  Sat, 17 Oct 2015 17:20:17 +0200

tardiff (0.1-2) unstable; urgency=low

  * Patch -a vs -s mixup. (Due to a typo, the short option -a is not
    queried while the short option -s works as if would have been -a. The
    according long options worked as advertised.)
  * Bump debhelper compatibility to 9
    + Update versioned debhelper build-dependency
    + Remove manual clean up of *-stamp files
  * Revamp debian/rules:
    + Move dh_installman parameter to debian/manpages
    + Switch to a dh7 style debian/rules file
  * Remove recommends on essential package
  * Bump Standards-Version to 3.9.4 (no changes)
  * Fix lintian warning vcs-field-not-canonical
  * Remove stray debian/debian/patches/series
  * Apply wrap-and-sort

 -- Axel Beckert <abe@debian.org>  Mon, 03 Jun 2013 12:57:19 +0200

tardiff (0.1-1) unstable; urgency=low

  * Initial release (Closes: #650668)
  * Add patch to fix comparison of tar balls with the same base
    directory.

 -- Axel Beckert <abe@debian.org>  Mon, 07 May 2012 01:02:25 +0200