X-Git-Url: https://git.cworth.org/git?a=blobdiff_plain;f=debian%2Fchangelog;h=077ef39d19e209cd82d1895c6f76d7b8c5f0036a;hb=ce8afb6db89e58713e1758c1805abb5315b570ae;hp=52d6a13cc7fa5870b0df1fa2e84d87ac2dd342ea;hpb=8ba3484138b5d1e72fd4ef49d27159263cb6bea6;p=gzip diff --git a/debian/changelog b/debian/changelog index 52d6a13..077ef39 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,23 +1,64 @@ -gzip (1.3.5-10sarge2) stable-security; urgency=high +gzip (1.3.9-2) unstable; urgency=low - * Non-maintainer upload by the Security Team: - * Fix several security problems discovered by Tavis Ormandy of Google: - - DoS through null pointer deference in the Huffman code (CVE-2006-4334) - - Out-of-bands stack write in LZH decompression code (CVE-2006-4335) - - Buffer overflow in pack code (CVE-2006-4336) - - Buffer overflow in LZH code (CVE-2006-4337) - - DoS through an infinite loop in LZH code (CVE-2006-4337) - (Patch by Thomas Biege of SuSe) + * change direntry ordering in gzip.texi to work around bug in install-info, + closes: #404048 - -- Moritz Muehlenhoff Sun, 10 Sep 2006 21:01:47 +0000 + -- Bdale Garbee Thu, 21 Dec 2006 09:16:16 -0700 -gzip (1.3.5-10sarge1) stable; urgency=low +gzip (1.3.9-1) unstable; urgency=low + + * new upstream version, closes: #366660, #403308 + * clean up a few gratuitous differences from new upstream, leaving + only the rsyncable patch and tweaks like zmore always using more + * fix spelling error in documentation, closes: #395450 + * upstream patch for regression uncompressing null input, closes: #403970 + + -- Bdale Garbee Wed, 20 Dec 2006 19:16:36 -0700 + +gzip (1.3.5-15) unstable; urgency=high + + * security update, covering the following alerts: + CVE-2006-4334 CVE-2006-4335 CVE-2006-4336 CVE-2006-4337 CVE-2006-4338 + + -- Bdale Garbee Tue, 19 Sep 2006 06:35:26 -0600 + +gzip (1.3.5-14) unstable; urgency=medium + + * update section to match override + * patch from Matthew Chapman to avoid deleting input file before we're + sure the output file has been written without errors, closes: #366660 + * patch from Reuben Thomas to fix zgrep return code, + closes: #292896, #192891, #190442 + * enable gzexe compressed files to work on systems where tempfile is not + available while retaining preference for tempfile, closes: #334540 + + -- Bdale Garbee Tue, 20 Jun 2006 15:02:27 -0600 + +gzip (1.3.5-13) unstable; urgency=low + + * patch from Reuben Thomas fixes problem passing zgrep filenames starting + with dashes, closes: #342501 + * fix a spelling error in gzip man page, closes: #356011 + * document the fact that zless doesn't work with stdin, + closes: #320226, #345036 + + -- Bdale Garbee Sat, 15 Apr 2006 01:31:54 -0600 + +gzip (1.3.5-12) unstable; urgency=low * merge patch from Matt Zimmerman for futex hang due to improper signal handling, closes: #310053, #315612 - * backport to stable since this problem affects several debian.org servers + * merge patch to add --rsyncable to the man page, closes: #289616, #295721 + * don't return failing result code on harmless warning, closes: #169669 + + -- Bdale Garbee Mon, 11 Jul 2005 22:10:51 +0300 + +gzip (1.3.5-11) unstable; urgency=low + + * patch from Peter Samuelson for bashism in zgrep, + closes: #314342, #314211, #312380, #310329 - -- Bdale Garbee Tue, 8 Nov 2005 22:25:19 -0700 + -- Bdale Garbee Wed, 15 Jun 2005 14:39:11 -0600 gzip (1.3.5-10) unstable; urgency=medium