File: changelog

package info (click to toggle)
tardiff 0.1-6
  • links: PTS, VCS
  • area: main
  • in suites: bullseye
  • size: 140 kB
  • sloc: perl: 1,109; makefile: 5
file content (74 lines) | stat: -rw-r--r-- 3,020 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
 
tardiff (0.1-6) unstable; urgency=medium

  * Update renamed lintian tag names in overrides.
  * Update Vcs-* headers for move to Salsa.
  * Declare compliance with Debian Policy 4.4.0.
    + Update debian/copyright format URL to HTTPS.
    + Set "Rules-Requires-Root: no".
  * Fix spelling error in fix-unique-uniquebase.diff and make its headers
    DEP-3 compliant.
  * Bump debhelper compatibility level to 12.
    + Build-depend on "debhelper-compat (= 12)" to replace debian/compat.
  * Update URLs in debian/copyright to HTTPS where feasible.

 -- Axel Beckert <abe@debian.org>  Sun, 01 Sep 2019 16:19:23 +0200

tardiff (0.1-5) unstable; urgency=medium

  * Also fix `tar …` code injection which is also part of CVE-2015-0857.
  * Update Vcs-Browser header to use https and cgit.
  * Declare compliance with Debian Policy 3.9.8. (No changes needed.)
  * Update Vcs-Git header to use https:// instead of git://.
  * Fix typos found by lintian in man page and long package description.
  * Add lintian overrides for "pedantic"-level warnings related to tardiff
    being distributed as a single file.

 -- Axel Beckert <abe@debian.org>  Fri, 29 Apr 2016 00:37:49 +0200

tardiff (0.1-4) unstable; urgency=high

  * Fix CVE-2015-0858.diff to explicitly hardcode OldStyle diff style to
    work with fix-statistic.diff. Text::Diff has different defaults than
    "diff".

 -- Axel Beckert <abe@debian.org>  Sat, 17 Oct 2015 17:33:35 +0200

tardiff (0.1-3) unstable; urgency=high

  * Add patch to fix miscalculated statistics. (Closes: #802098)
  * Add patches to fix two security issues:
    + CVE-2015-0857: shell command injection through file names
    + CVE-2015-0858: /tmp race condition in handling temporary directory
    Issues found and reported by Rainer Müller and Florian Weimer.
    Additional necessary changes:
    + Add new run-time dependency on libtext-diff-perl.
  * Declare compliance with Debian Policy 3.9.6 (no changes needed).

 -- Axel Beckert <abe@debian.org>  Sat, 17 Oct 2015 17:20:17 +0200

tardiff (0.1-2) unstable; urgency=low

  * Patch -a vs -s mixup. (Due to a typo, the short option -a is not
    queried while the short option -s works as if would have been -a. The
    according long options worked as advertised.)
  * Bump debhelper compatibility to 9
    + Update versioned debhelper build-dependency
    + Remove manual clean up of *-stamp files
  * Revamp debian/rules:
    + Move dh_installman parameter to debian/manpages
    + Switch to a dh7 style debian/rules file
  * Remove recommends on essential package
  * Bump Standards-Version to 3.9.4 (no changes)
  * Fix lintian warning vcs-field-not-canonical
  * Remove stray debian/debian/patches/series
  * Apply wrap-and-sort

 -- Axel Beckert <abe@debian.org>  Mon, 03 Jun 2013 12:57:19 +0200

tardiff (0.1-1) unstable; urgency=low

  * Initial release (Closes: #650668)
  * Add patch to fix comparison of tar balls with the same base
    directory.

 -- Axel Beckert <abe@debian.org>  Mon, 07 May 2012 01:02:25 +0200