X-Git-Url: https://git.cworth.org/git?a=blobdiff_plain;f=debian%2Fchangelog;h=c46d75085ecad19f6fb9fcba1b718fa1f7281353;hb=e7921f54c622e3b32e525f345bc34308821e4ae0;hp=04297aedccbcf40572399f0bdb60200bfbcd5fab;hpb=bef5279812845d49f988580e076c0ca597078dfd;p=gzip diff --git a/debian/changelog b/debian/changelog index 04297ae..c46d750 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,44 +1,160 @@ -gzip (1.3.2-3woody5) oldstable-security; urgency=high +gzip (1.3.9-1) unstable; urgency=low - * Non-maintainer upload by the Security Team - * No changes upload due to the release + * new upstream version, closes: #366660, #403308 + * clean up a few gratuitous differences from new upstream, leaving + only the rsyncable patch and tweaks like zmore always using more + * fix spelling error in documentation, closes: #395450 + * upstream patch for regression uncompressing null input, closes: #403970 - -- Martin Schulze Sat, 11 Jun 2005 16:20:43 +0200 + -- Bdale Garbee Wed, 20 Dec 2006 19:16:36 -0700 -gzip (1.3.2-3woody4) stable-security; urgency=high +gzip (1.3.5-15) unstable; urgency=high - * Non-maintainer upload by the Security Team - * Applied patch by Steve Grub to fix premission setting race condition - [gzip.c, CAN-2005-0988] - * Applied patch by Ulf Härnhammar to fix directory traversal problem - [gzip.c, CAN-2005-1228, Bug#305255] + * security update, covering the following alerts: + CVE-2006-4334 CVE-2006-4335 CVE-2006-4336 CVE-2006-4337 CVE-2006-4338 - -- Martin Schulze Thu, 2 Jun 2005 16:26:06 +0200 + -- Bdale Garbee Tue, 19 Sep 2006 06:35:26 -0600 -gzip (1.3.2-3woody3) stable-security; urgency=high +gzip (1.3.5-14) unstable; urgency=medium - * Non-maintainer upload by the Security Team - * Revert patches for zdiff and znew since the use of 'set -C' should - indeed be sufficient. + * update section to match override + * patch from Matthew Chapman to avoid deleting input file before we're + sure the output file has been written without errors, closes: #366660 + * patch from Reuben Thomas to fix zgrep return code, + closes: #292896, #192891, #190442 + * enable gzexe compressed files to work on systems where tempfile is not + available while retaining preference for tempfile, closes: #334540 - -- Martin Schulze Thu, 4 Nov 2004 12:55:03 +0100 + -- Bdale Garbee Tue, 20 Jun 2006 15:02:27 -0600 -gzip (1.3.2-3woody2) stable-security; urgency=high +gzip (1.3.5-13) unstable; urgency=low - * Non-maintainer upload by the Security Team - * Applied Trustix patch to correct insecure temporary file use in zdiff - and znew [zdiff.in, znew.in, CAN-2004-0970, Bugtraq Id 11288] + * patch from Reuben Thomas fixes problem passing zgrep filenames starting + with dashes, closes: #342501 + * fix a spelling error in gzip man page, closes: #356011 + * document the fact that zless doesn't work with stdin, + closes: #320226, #345036 - -- Martin Schulze Sun, 31 Oct 2004 20:02:13 +0100 + -- Bdale Garbee Sat, 15 Apr 2006 01:31:54 -0600 -gzip (1.3.2-3woody1) stable-security; urgency=high +gzip (1.3.5-12) unstable; urgency=low - * Non-maintainer upload by the Security Team - * Fix multiple instances of insecure temporary files - - gzexe.in (CVE-1999-1332), which became un-fixed sometime since potato - - znew (CAN-2003-0367) + * merge patch from Matt Zimmerman for futex hang due to improper signal + handling, closes: #310053, #315612 + * merge patch to add --rsyncable to the man page, closes: #289616, #295721 + * don't return failing result code on harmless warning, closes: #169669 - -- Matt Zimmerman Sat, 31 May 2003 17:41:06 -0400 + -- Bdale Garbee Mon, 11 Jul 2005 22:10:51 +0300 + +gzip (1.3.5-11) unstable; urgency=low + + * patch from Peter Samuelson for bashism in zgrep, + closes: #314342, #314211, #312380, #310329 + + -- Bdale Garbee Wed, 15 Jun 2005 14:39:11 -0600 + +gzip (1.3.5-10) unstable; urgency=medium + + * remove PAGER reference from zmore.1, closes: #263792 + * patch to improve zgrep argument sanitizing (CAN-2005-0758), + closes: #308379 + * patch isolated by Petter Reinholdtsen for CAN-2005-0988, closes: #303927 + * patch for dir traversal bug (CAN-2005-1228), closes: #305255 + * up the priority a click because of the security fixes + * patch to support cross building, closes: #283730 + + -- Bdale Garbee Fri, 20 May 2005 22:34:49 -0600 + +gzip (1.3.5-9) unstable; urgency=low + + * eliminate the autoconf and automake build dependencies, since they are + no longer needed, closes: #250766 + * improve temp file usage in gzexe, closes: #257314, #259043 + * have zmore use 'more' instead of honoring $PAGER, to avoid violating + the principle of least astonishment, closes: #234212 + * fix zgrep choke on filenames including a pipe character, closes: #216211 + * incorporate watch file, closes: #248722 + * suggest less, since we provide zless, closes: #217925 + * use signames instead of signumbers for trap calls, closes: #259284 + + -- Bdale Garbee Sat, 24 Jul 2004 01:23:03 -0600 + +gzip (1.3.5-8) unstable; urgency=low + + * run autoreconf -i to address problem reported with dir.old.gz being + included on rebuilds, closes: #249519 + * change automake build dependency from automake1.7 to automaken + * add lintian overrides to squelch the hardlink warnings + * fix typo in inflate.c comments, closes: #201881 + + -- Bdale Garbee Sun, 23 May 2004 01:07:03 -0600 + +gzip (1.3.5-7) unstable; urgency=low + + * patch from David Mosberger to incorporate work done by Sverre Jarp on + an ia64 version of match.c content. + + -- Bdale Garbee Thu, 10 Jul 2003 08:45:27 -0600 + +gzip (1.3.5-6) unstable; urgency=medium + + * patch for insecure temp file usage in znew, closes: #193375 + + -- Bdale Garbee Sat, 7 Jun 2003 09:05:11 -0600 + +gzip (1.3.5-5) unstable; urgency=low + + * apply patch from Anthony Towns that fixes seg faults on alpha during + build of Xfree86 at the expense of slightly decreasing the effectiveness + of the deflate implementation. closes: #184057, #187417 + + -- Bdale Garbee Wed, 16 Apr 2003 11:24:23 -0600 + +gzip (1.3.5-4) unstable; urgency=low + + * merge patch from Rusty Russell that adds --rsyncable option to gzip. + This modifies the output stream to allow rsync to transfer updated .gz + files much more effectively. The resulting .gz files should be compatible + with the existing gunzip. The plan is that if this works out well for + Debian, the functionality will be included in a future upstream gzip + release. Closes: #116183, #118118, #134741 + + -- Bdale Garbee Thu, 13 Feb 2003 23:50:23 -0700 + +gzip (1.3.5-3) unstable; urgency=low + + * upload a fresh version so m68k, et al, will rebuild, closes: #167790 + + -- Bdale Garbee Wed, 6 Nov 2002 16:13:42 -0700 + +gzip (1.3.5-2) unstable; urgency=low + + * fix gzexe.in again as per what I did for 1.3.2-3 that accidentally got + lost when I merged 1.3.5 from upstream... sigh. Closes: #167150 + * hack on gzip.texi a little harder to squelch warning at install time from + Debian's install-info, closes: #164106 + + -- Bdale Garbee Wed, 30 Oct 2002 20:21:42 -0700 + +gzip (1.3.5-1) unstable; urgency=low + + * new upstream version + * fixes a bug in the incorrect-suffix diagnostic, which can lead to a + core dump, closes: #152579 + * removes dangling output symlinks properly, closes: #144759 + * zless no longer thinks it is zmore in usage message, closes: #121810 + * zless replaced with a much simpler script, closes: #124097 + * uses shell pattern matching instead of 'expr', closes: #123295 + * man page suggests how to use gunzip on zip files, closes: #146019 + * uses "trap -" to avoid bashism, closes: #140972, #157111 + * accepts __i386 and __i386__ as synonyms for i386, closes: #152694 + * fixes printing values greater than 10 * 2**32 bytes, closes: #141189 + * includes fix for zforce needing -v, closes: #123294 + * hack gzip.texi so that the Debian install-info doesn't choke on it (grrr), + and add texinfo as a build dependency + * eliminate things hard-coded in postinst and prerm now handled by debhelper + + -- Bdale Garbee Wed, 9 Oct 2002 09:05:27 -0600 gzip (1.3.2-3) unstable; urgency=low