libyaml (0.2.5-1) unstable; urgency=medium
[ Debian Janitor ]
* Use secure copyright file specification URI.
* Set debhelper-compat version in Build-Depends.
* Set upstream metadata fields: Bug-Database, Bug-Submit (from ./configure),
Repository, Repository-Browse.
* Drop transition for old debug package migration.
* Update standards version to 4.6.0, no changes needed.
[ Florian Ernst ]
* [de63dcd] debian/watch: update as per latest uscan recommendations.
This allows detecting new upstream releases again and also migrates
to the actual upstream source tarballs not containing any pre-built
stuff like documentation, saving a bunch of lintian errors/warnings.
* [1b08058] New upstream version 0.2.5 (Closes: #987895)
* [dfbe297] debian/copyright: update years according to most recent changes
* [183f9d4] upgrade to recommended debhelper-compat (= 13)
But ignore libtool library during installation and simplify debian/rules
* [982974f] debian/rules: enable hardening=+all
* [1f7cabe] debian/libyaml-0-2.symbols: add Build-Depends-Package
meta-information
* [1104826] debian/control: declare Rules-Requires-Root: no
* [8f2e2e6] debian/tests/: add upstream tests as autopkgtest
* [f5e5378] Add Salsa pipeline via debian/salsa-ci.yml file
* [88cfa12] salvaging the package and moving to Debian group on Salsa
(Closes: #1012344)
* [da1b78b] debian/control: Standards-Version: 4.6.1.0 (no further changes
required)
-- Florian Ernst <florian@debian.org> Wed, 06 Jul 2022 16:45:09 +0200
libyaml (0.2.2-1) unstable; urgency=medium
* New upstream version 0.2.2.
* Bump Standards-Version to 4.4.0 and Debhelper compat to 12.
-- Anders Kaseorg <andersk@mit.edu> Sat, 14 Sep 2019 19:50:18 -0700
libyaml (0.2.1-1) unstable; urgency=medium
* New upstream version 0.2.1.
+ Moved canonical repo to GitHub. (Closes: #865709)
* Bump Standards-Version to 4.1.4 and debian/compat to 11.
+ Moved documentation in libyaml-doc from /usr/share/doc/libyaml-doc
to /usr/share/doc/libyaml-dev.
-- Anders Kaseorg <andersk@mit.edu> Tue, 26 Jun 2018 20:25:08 -0400
libyaml (0.1.7-2) unstable; urgency=medium
* Clean doxygen-generated documentation with dh_doxygen.
* Mark libyaml-doc Multi-Arch: foreign.
* Add libyaml-0-2.symbols file.
-- Anders Kaseorg <andersk@mit.edu> Fri, 30 Sep 2016 22:06:09 -0400
libyaml (0.1.7-1) unstable; urgency=medium
* New upstream version 0.1.7.
+ Fix segfault in yaml_string_write_handler.
+ Fix invalid simple key assertion.
* Drop upstreamed patches.
* Migrate packaging from CDBS to dh.
* Drop libyaml-0-2-dbg in favor of automatically generated
libyaml-0-2-dbgsym package.
-- Anders Kaseorg <andersk@mit.edu> Sat, 03 Sep 2016 06:48:38 -0400
libyaml (0.1.6-3) unstable; urgency=high
* debian/patches/CVE-2014-9130.patch: Fix CVE-2014-9130 assertion
failure caused by wrapped strings. (Closes: #771366)
* Bump Standards-Version to 3.9.6 (no changes needed).
-- Anders Kaseorg <andersk@mit.edu> Fri, 28 Nov 2014 22:05:10 -0500
libyaml (0.1.6-2) unstable; urgency=medium
* Move doxygen from Build-Depends to Build-Depends-Indep.
-- Anders Kaseorg <andersk@mit.edu> Tue, 19 Aug 2014 21:56:25 -0400
libyaml (0.1.6-1) unstable; urgency=medium
* New upstream version 0.1.6.
+ Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML
tags.
+ Fix CVE-2014-2525: heap-based buffer overflow in
yaml_parser_scan_uri_escapes.
* Drop upstreamed patches.
* Run tests at build time.
* Bump Standards-Version to 3.9.5 (no changes needed).
* Use dh-autoreconf. (Closes: #745078)
* Use dh-buildinfo.
* Add libyaml-doc package for Doxygen-generated API documentation and
examples. (Closes: #696821)
* Acknowledge NMUs.
-- Anders Kaseorg <andersk@mit.edu> Tue, 19 Aug 2014 00:03:53 -0400
libyaml (0.1.4-3.2) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* Add CVE-2014-2525.patch patch.
CVE-2014-2525: Fixes heap overflow in yaml_parser_scan_uri_escapes.
The heap overflow is caused by not properly expanding a string before
writing to it in function yaml_parser_scan_uri_escapes in scanner.c.
(Closes: #742732)
-- Salvatore Bonaccorso <carnil@debian.org> Thu, 27 Mar 2014 06:22:25 +0100
libyaml (0.1.4-3.1) unstable; urgency=medium
* Non-maintainer upload.
* Drop libyaml-indent-column-overflow-v2.patch patch.
This patch causes additional regressions on simple YAML files.
* Add libyaml-guard-against-overflows-in-indent-and-flow_level.patch patch.
Add upstream's patch to guard against overflows in indent and
flow_level. (Closes: #738587)
-- Salvatore Bonaccorso <carnil@debian.org> Thu, 13 Feb 2014 07:51:58 +0100
libyaml (0.1.4-3) unstable; urgency=high
* Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML tags.
(Closes: #737076)
-- Anders Kaseorg <andersk@mit.edu> Wed, 29 Jan 2014 20:11:48 -0500
libyaml (0.1.4-2) unstable; urgency=low
* Remove extra libyaml-0.so symlink from libyaml-dev.
* Bump Debhelper compat level to 9.
* Support multiarch. (Closes: #653748) (LP: #905630)
* Use 3.0 (quilt) source format.
-- Anders Kaseorg <andersk@mit.edu> Fri, 30 Dec 2011 17:14:52 -0500
libyaml (0.1.4-1) unstable; urgency=low
* New upstream version 0.1.4.
+ Fixed a bug that prevented an empty mapping being used as a simple
key.
+ Fixed pointer overflow when calculating the position of a potential
simple key.
+ Added pkg-config support. (Closes: #537834)
* Remove unneded libyaml.la file. (Closes: #622452)
* Add libyaml-0-2-dbg package with debugging symbols.
(Closes: #592747)
* Bumped standards version to 3.9.2 without further change
-- Anders Kaseorg <andersk@mit.edu> Mon, 30 May 2011 22:27:27 -0400
libyaml (0.1.3-1) unstable; urgency=low
* New upstream version 0.1.3.
+ This release fixes non-standard structure initialization and a
streaming-related issue.
* Bump priority from extra to optional.
-- Anders Kaseorg <andersk@mit.edu> Sun, 04 Oct 2009 14:07:18 -0400
libyaml (0.1.2-1) unstable; urgency=low
* New upstream version 0.1.2.
+ Fixed grammar in error messages (from YAML::XS::LibYAML).
+ Rewritten whitespace detection in the scalar analyzer and block
scalar writers (ported from PyYAML).
+ Fixed emitting folded scalars with trailing breaks; Forced emitting
of a document end indicator when there is a possibility of ambiguous
parsing.
-- Anders Kaseorg <andersk@mit.edu> Mon, 29 Dec 2008 21:10:48 -0500
libyaml (0.1.1-1) unstable; urgency=low
* Initial release (Closes: #484381).
-- Anders Kaseorg <andersk@mit.edu> Tue, 10 Jun 2008 02:37:34 -0400
Generated by dwww version 1.15 on Sun Jun 16 03:51:23 CEST 2024.