gzip (1.3.2-3woody3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Revert patches for zdiff and znew since the use of 'set -C' should indeed be sufficient. -- Martin Schulze Thu, 4 Nov 2004 12:55:03 +0100 gzip (1.3.2-3woody2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied Trustix patch to correct insecure temporary file use in zdiff and znew [zdiff.in, znew.in, CAN-2004-0970, Bugtraq Id 11288] -- Martin Schulze Sun, 31 Oct 2004 20:02:13 +0100 gzip (1.3.2-3woody1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix multiple instances of insecure temporary files - gzexe.in (CVE-1999-1332), which became un-fixed sometime since potato - znew (CAN-2003-0367) -- Matt Zimmerman Sat, 31 May 2003 17:41:06 -0400 gzip (1.3.2-3) unstable; urgency=low * modify gzexe.in to hard-code /bin/gzip instead of trying to use BINDIR which yields /usr/bin/gzip. Don't use PATH since we have no idea what it might be when the gzexe'd executable gets run. Closes: #119641 -- Bdale Garbee Wed, 14 Nov 2001 23:00:59 -0700 gzip (1.3.2-2) unstable; urgency=low * fix silly mistake made when moving man pages from hard to soft links, so man pages for zegrep, zfgrep, and uncompress work again, closes: #118325 -- Bdale Garbee Mon, 5 Nov 2001 00:53:40 -0700 gzip (1.3.2-1) unstable; urgency=low * new upstream release, incorporating my diffs to 1.3.1 -- Bdale Garbee Sun, 4 Nov 2001 09:47:40 -0700 gzip (1.3.1-2) unstable; urgency=low * add build dependencies on autoconf and automake * fix infodir spec so we install in the build tree, not the system directory -- Bdale Garbee Sat, 3 Nov 2001 02:18:06 -0700 gzip (1.3.1-1) unstable; urgency=low * new upstream version! From alpha.gnu.org, on the explicit advice of the current upstream maintainers, who are working with Debian to prepare a new stable release that addresses many of the open issues in our BTS. . large file support handled in configure, closes: #108612, #83061, #113000 it appears the subtle problem with concatenation is fixed, closes: #114591 various segfault problems appear fixed, closes: #46312 gzip -r issues fixed, closes: #53645, #106186 problem with --no-filename option fixed, closes: #59067 zgrep -r disallowed - "I did not use the patch as it was not a complete . fix for the problem and I thought it would cause more problems than . it would cure. Instead, I simply disallowed zgrep -r", closes: #81288 error message reworded, closes: #76238 compression factor output fixed, closes: #80362 zgrep -H fixed, closes: #84371 permission issue when forced to compress linked file fixed, closes: #88918 manpage hardlinks fixed, closes: #94733 gzip --help now goes to stdout, closes: #97020 zless no longer runs less if file doesn't exist, closes: #109097 problem with -best fixed, closes: #17650 zgrep now understands --, closes: #28475 file size output by gzip fixed for large files, closes: #40721 * fix location referenced for GPL on Debian systems, closes: #112095 * move install-info remove call from from postrm to prerm -- Bdale Garbee Sat, 3 Nov 2001 01:01:02 -0700 gzip (1.2.4-33) unstable; urgency=low * update to current policy -- Bdale Garbee Thu, 2 Dec 1999 01:10:58 -0700 gzip (1.2.4-32) unstable; urgency=low * update prototype for and definition of basename function for compatibility with glibc2.0, still in use on m68k. Closes: #45058 -- Bdale Garbee Wed, 15 Sep 1999 02:01:47 -0600 gzip (1.2.4-31) unstable; urgency=medium * fix problems I induced while merging the upstream patch in the last upload, most notably omitting zless from the package. Closes: #44883, #44885, #44890, #44882, #44887, #44895, #44896 -- Bdale Garbee Sun, 12 Sep 1999 12:06:00 -0600 gzip (1.2.4-30) unstable; urgency=low * upstream patch, closes: #28872 1998-11-18 Paul Eggert gzip.c (get_method): Don't complain about trailing zeros at the end of a gzipped file, as they're commonly appended to fill out a block (e.g. by GNU tar). * update to FHS compliance -- Bdale Garbee Fri, 10 Sep 1999 21:34:07 -0600 gzip (1.2.4-29) unstable; urgency=low * apply patch from Vincent Renardias that improves behavior when trying to decompress a corrupted .gz file. Closes 7472, 16385 -- Bdale Garbee Wed, 27 Jan 1999 20:50:12 -0700 gzip (1.2.4-28) frozen unstable; urgency=medium * patch zforce to make it work at all, closes 22760 * patch to fix decompression of concatenated gzip files, closes 30537 -- Bdale Garbee Fri, 22 Jan 1999 10:43:09 -0700 gzip (1.2.4-27) frozen unstable; urgency=low * patch from Jean-loup (upstream maintainer) for zgrep.in to fix the problems with -A and -B successfully passing to grep. Closes 21209. -- Bdale Garbee Sat, 25 Apr 1998 22:47:15 -0600 gzip (1.2.4-26) frozen unstable; urgency=low * fix FSF address in copyright file, lintian now reports no errors * minor tweak to Makefile to fix warnings during dh_installmanpages run -- Bdale Garbee Tue, 24 Mar 1998 00:40:48 -0700 gzip (1.2.4-25) frozen unstable; urgency=low * update znew.in and zdiff.in to do save tempfile handling, closes 19794 -- Bdale Garbee Sat, 21 Mar 1998 23:48:26 -0700 gzip (1.2.4-24) unstable; urgency=low * minor fix for complaints about short files, closes 19159 -- Bdale Garbee Wed, 11 Mar 1998 02:21:50 -0700 gzip (1.2.4-23) unstable; urgency=high * respond to security advisory from Alan Cox via Christian Hudon, fixes an obscure possibility to get gzip to execute code -- Bdale Garbee Wed, 11 Mar 1998 02:16:59 -0700 gzip (1.2.4-22) unstable; urgency=high * gzexe modified to use tempfile in response to security advisory -- Bdale Garbee Sat, 31 Jan 1998 14:30:20 -0700 gzip (1.2.4-21) unstable; urgency=low * fix from the upstream maintainer for voluminous "Broken Pipe" messages when using 'zgrep -l' or equivalent. Closes bug 15178. -- Bdale Garbee Sun, 4 Jan 1998 00:56:21 -0700 gzip (1.2.4-20) unstable; urgency=low * freshen rules file to match current debhelper * improve handling of undocumented executables. Closes bug 13578. -- Bdale Garbee Sun, 4 Jan 1998 00:56:21 -0700 gzip (1.2.4-19) unstable; urgency=low * change dependency to Pre-Depends, to keep dpkg from getting hosed during libc6 upgrades. Closes 15091. * switch from debmake to debhelper. In the process, closes 15412. -- Bdale Garbee Mon, 8 Dec 1997 23:42:49 -0700 gzip (1.2.4-18) unstable; urgency=low * don't install INSTALL in the doc directory, closes bug 13224. -- Bdale Garbee Fri, 5 Sep 1997 15:06:35 -0600 gzip (1.2.4-17) unstable; urgency=low * fix distribution problem in changelog file -- Bdale Garbee Fri, 5 Sep 1997 15:06:35 -0600 gzip (1.2.4-16) stable frozen unstable; urgency=low * libc6 * tweaks to rules file to install Changelog, closes bug 12488 -- Bdale Garbee Thu, 4 Sep 1997 22:46:28 -0600 gzip (1.2.4-15) stable frozen unstable; urgency=low * fix minor security issue - race condition reported on bugtraq list * rework debian/rules to build with debugging then strip -- Bdale Garbee Fri, 14 Mar 1997 21:14:44 -0700 gzip (1.2.4-14) stable frozen unstable; urgency=medium * The -13 upload was built against a libc5 too new for 'stable'. -- Bdale Garbee Thu, 28 Nov 1996 11:37:31 -0700 gzip (1.2.4-13) stable frozen unstable; urgency=medium * Fix missing "essential" flag on package, lost during standards update. * Push this version back into stable to solve the 'compress' link problem. -- Bdale Garbee Tue, 19 Nov 1996 09:14:14 -0700 gzip (1.2.4-12) unstable; urgency=low * New packag format. -- Bdale Garbee Sat, 02 Nov 1996 14:47:42 -0800 Thu Jul 18 01:30:22 MDT 1996 Bdale Garbee * add zegrep and zfgrep links in /usr/bin (Bug#3326) * add an extended description (Bug#3591) * tweak control files to use dpkg-name, etc. Fri May 24 07:37:54 MDT 1996 Bdale Garbee * don't provide a 'compress' link since it breaks things, but provide an 'uncompress' link since it's useful. * fix some administrivia Sun Apr 14 20:39:19 MDT 1996 Bdale Garbee * change gzexe.in to not use BINDIR, but assume gzip is in PATH * add Architecture field in the control file Wed Jan 17 00:07:00 MST 1996 Bdale Garbee * switch targets in the Makefile to also install the links called 'compress' and 'uncompress' since some utilities care about these, and we're unlikely to ever have a 'compress' package because of the intellectual property issues. Sat Dec 2 23:45:40 MST 1995 Bdale Garbee * building for ELF * add 'zless' as a near-clone of 'zmore', closes bug 1776 * unable to duplicate bug 1090, something has improved since then? * add libc5 dependency * new maintainer