exempi (2.5.1-1ubuntu0.1) focal-security; urgency=medium * SECURITY UPDATE: Multiple security issues - debian/patches/202107.patch: port fixes from the 2021.07 code drop. - debian/patches/202108-1.patch: port fixes from the 2021.08 code drop. - debian/patches/202108-2.patch: port fixes from the 2021.08 code drop. - CVE-2021-36045, CVE-2021-36046, CVE-2021-36047, CVE-2021-36048, CVE-2021-36050, CVE-2021-36051, CVE-2021-36052, CVE-2021-36053, CVE-2021-36054, CVE-2021-36055, CVE-2021-36056, CVE-2021-36058, CVE-2021-36064, CVE-2021-39847, CVE-2021-40716, CVE-2021-40732, CVE-2021-42528, CVE-2021-42529, CVE-2021-42530, CVE-2021-42531, CVE-2021-42532 -- Marc Deslauriers Tue, 14 Jun 2022 09:49:44 -0400 exempi (2.5.1-1build1) focal; urgency=medium * No-change rebuild for libgcc-s1 package name change. -- Matthias Klose Sat, 21 Mar 2020 13:27:08 +0100 exempi (2.5.1-1) unstable; urgency=medium * New upstream version 2.5.1 * Update watch file * Drop no-longer needed libexempi3-dbg migration code -- Michael Biebl Wed, 07 Aug 2019 20:54:22 +0200 exempi (2.5.0-2) unstable; urgency=medium * Upload to unstable -- Michael Biebl Wed, 09 Jan 2019 16:22:23 +0100 exempi (2.5.0-1) experimental; urgency=medium * New upstream version 2.5.0 - CVE-2018-12648: fix null-pointer-dereference in WEBP_Support. * Drop unaligned-access.patch, applied upstream * Rename library package for 3 → 8 soname bump * Use debhelper-compat (= 12) Build-Depends and drop debian/compat * Bump Standards-Version to 4.3.0 * Bump shlibs version to 2.5.0 -- Michael Biebl Mon, 07 Jan 2019 00:02:56 +0100 exempi (2.4.5-2) unstable; urgency=medium * Team upload [ Steve Langasek ] * Add debian/patches/unaligned-access.patch: use alignment-safe copy on ARM on Linux, not just on iOS. -- Jeremy Bicha Sun, 18 Mar 2018 21:00:07 -0400 exempi (2.4.5-1) unstable; urgency=medium * New upstream version 2.4.5 with various CVE fixes. (Closes: #892782) - CVE-2018-7730: fix a buffer overflow in the PSD parser. - CVE-2018-7728: fix a buffer overflow in the TIFF parser. - CVE-2018-7729: fix a buffer overflow in PostScript parser. - CVE-2018-7731: fix a null dereference in WEBP parser. * Enable all hardening build flags -- Michael Biebl Wed, 14 Mar 2018 14:36:25 +0100 exempi (2.4.4-1) unstable; urgency=medium * New upstream version 2.4.4 -- Michael Biebl Mon, 05 Feb 2018 01:34:15 +0100 exempi (2.4.3-2) unstable; urgency=medium * Set Rules-Requires-Root to no * Update Vcs-* to point to salsa.debian.org (gitlab) * Bum Standards-Version to 4.1.3 * Bump debhelper compat level to 11 * Switch to dh_missing and abort on uninstalled files -- Michael Biebl Sun, 14 Jan 2018 19:32:53 +0100 exempi (2.4.3-1) unstable; urgency=medium * New upstream version 2.4.3 * Bump Standards-Version to 4.0.0 -- Michael Biebl Tue, 08 Aug 2017 20:22:26 +0200 exempi (2.4.2-1) unstable; urgency=medium * New upstream release. -- Michael Biebl Sat, 04 Feb 2017 01:07:11 +0100 exempi (2.4.1-1) unstable; urgency=medium * New upstream release * Update Vcs-* according to the latest recommendation -- Michael Biebl Mon, 23 Jan 2017 23:53:38 +0100 exempi (2.4.0-1) unstable; urgency=medium * New upstream release. * Bump debhelper compat level to 10 * Bump Standards-Version to 3.9.8 * Bump shlibs version to 2.4.0 -- Michael Biebl Mon, 09 Jan 2017 00:19:27 +0100 exempi (2.3.0-2) unstable; urgency=medium * Run wrap-and-sort -at. * Bump shlibs version to 2.3.0 for the new API that was added. -- Michael Biebl Sun, 20 Mar 2016 23:01:44 +0100 exempi (2.3.0-1) unstable; urgency=medium * New upstream release. * Rebase patches. * Drop libexempi3-dbg now that we have automatic dbgsym packages. * Ensure proper upgrade from libexempi3-dbg to new dbgsym packages by using dh_strip --dbgsym-migration. Bump Build-Depends on debhelper accordingly. * Bump Standards-Version to 3.9.7. * Use https:// for upstream homepage. -- Michael Biebl Fri, 18 Mar 2016 22:42:29 +0100 exempi (2.2.2-2) unstable; urgency=medium * Fix an out of bounds access when reading tag. Patch cherry-picked from upstream Git. (Closes: #784631) -- Michael Biebl Mon, 11 May 2015 03:34:01 +0200 exempi (2.2.2-1) unstable; urgency=medium * New upstream release. * Update watch file to also track .bz2 and .xz tarballs. * Add cryptographic signature verification for upstream tarball. * Bump Standards-Version to 3.9.6. No further changes. * Update Vcs-Browser URL to use cgit and https. -- Michael Biebl Fri, 08 May 2015 23:23:40 +0200 exempi (2.2.1-2) unstable; urgency=medium [ Wookey ] * Use dh-autoreconf during the build to support new architectures (Closes: #727296) [ Michael Biebl ] * Use canonical URIs for Vcs-* fields. * Bump Standards-Version to 3.9.5. No further changes. * Exclude libtool .la files from list-missing. -- Michael Biebl Mon, 23 Jun 2014 14:28:34 +0200 exempi (2.2.1-1) unstable; urgency=low * Remove Asheesh from Maintainer and move myself from Uploaders to Maintainer. Thanks Asheesh! * New upstream release. * Use --list-missing to show uninstalled files. * Bump Standards-Version to 3.9.4. No further changes. * Add a new binary package exempi, which contains the exempi command line utility. -- Michael Biebl Sun, 30 Jun 2013 08:02:39 +0200 exempi (2.2.0-1) unstable; urgency=low * New upstream release. * Switch to source format 3.0 (quilt) - Add debian/source/format. - Drop Build-Depends on quilt. - Remove /usr/share/cdbs/1/rules/patchsys-quilt.mk include. - Remove debian/README.source. * Move from cdbs to dh - Drop Build-Depends on cdbs. - Bump Build-Depends on debhelper to (>= 7.0.50~) for override targets. - Convert debian/rules to use dh. * Bump Standards-Version to 3.9.2. No further changes. * Don't use brace expansion in .install files. * Bump shlibs due to API additions. * Bump debhelper compatibility level to 9, which enables hardening build flags and multiarch support. * Mark libexempi3, libexempi3-dev and libexempi-dev as Multi-Arch: same. -- Michael Biebl Wed, 22 Feb 2012 14:57:56 +0100 exempi (2.1.1-1) unstable; urgency=low * New upstream release. * debian/control - Bump Standards-Version to 3.8.2. No further changes. - Change section of libexempi3-dbg to debug. * debian/rules - Remove DEB_DH_INSTALL_SOURCEDIR, no longer required with debhelper v7 compat mode. * debian/patches/01-gcc_4.4_missing_includes.patch - Removed, merged upstream. -- Michael Biebl Wed, 01 Jul 2009 15:28:19 +0200 exempi (2.1.0-3) unstable; urgency=low * Merge changes from experimental branch. * debian/compat - Bump to debhelper v7 compat mode. * debian/control - Bump Build-Depends on debhelper to (>= 7). -- Michael Biebl Mon, 16 Feb 2009 00:44:01 +0100 exempi (2.1.0-2) experimental; urgency=low * debian/control - Update Vcs-* headers. Package is now managed with Git on git.debian.org. -- Michael Biebl Wed, 28 Jan 2009 21:27:36 +0100 exempi (2.1.0-1) experimental; urgency=low * New upstream release. * debian/control - Add Build-Depends on zlib1g-dev. - Add ${misc:Depends} to all binary packages. * debian/patches/01-gcc_4.4_missing_includes.patch - Refreshed and updated to the latest code changes. * debian/libexempi3.shlibs - Add shlibs file and set it to (>= 2.1.0) due to API additions. -- Michael Biebl Sun, 28 Dec 2008 21:56:13 +0100 exempi (2.0.2-2) unstable; urgency=low * Switch patch management system to quilt. * debian/control - Add Build-Depends on quilt. * debian/rules - Include patchsys-quilt.mk cdbs rules file. * debian/README.source - Document the usage of quilt as patch management system and refer to the quilt documentation for further information. * debian/patches/01-gcc_4.4_missing_includes.patch - Add missing includes to fix FTBFS with GCC 4.4. (Closes: 504944) Thanks to Martin Michlmayr for the patch. -- Michael Biebl Sat, 08 Nov 2008 15:30:52 +0100 exempi (2.0.2-1) unstable; urgency=low * New upstream release. * debian/control - Bump Standards-Version to 3.8.0. No further changes. -- Michael Biebl Sun, 24 Aug 2008 01:27:18 +0200 exempi (2.0.1-1) unstable; urgency=low * New upstream release. * debian/libexempi-dev.install - No longer install the libtool *.la file. -- Michael Biebl Tue, 29 Apr 2008 03:50:56 +0200 exempi (2.0.0-1) unstable; urgency=low * New upstream release. -- Michael Biebl Wed, 02 Apr 2008 06:21:58 +0200 exempi (1.99.9-1) unstable; urgency=low * New upstream release. * debian/control - Remove leading article from short package description. -- Michael Biebl Sat, 02 Feb 2008 04:54:26 +0100 exempi (1.99.8-1) unstable; urgency=low * New upstream release. * debian/patches/01-configure_unittest.patch - Removed, merged upstream. * debian/patches/02-buffer_overflow_gif_header.patch - Removed, merged upstream. -- Michael Biebl Sat, 26 Jan 2008 21:45:01 +0100 exempi (1.99.7-1) unstable; urgency=medium * New upstream release. - Adds missing #includes which fixes FTBFS with GCC 4.3. (Closes: #456087) * debian/control - Bump Standards-Version to 3.7.3. No further changes required. - Drop Build-Depends on libboost-dev. - Make the -dbg package be Priority: extra. * debian/rules - Disable compilation of the unit tests. * debian/patches/01-configure_unittest.patch - Make compilation of the unit tests (which require boost) optional. Patch is pulled from upstream git. * debian/patches/02-buffer_overflow_gif_header.patch - Fix a buffer overflow in the ReadHeader() function when reading GIF images. This poses a security risk as it allows arbitrary code execution. Upload with urgency medium. (Closes: #454297) Thanks to Sjoerd Simons for the help tracking this bug down. -- Michael Biebl Thu, 24 Jan 2008 01:39:45 +0100 exempi (1.99.5-1) unstable; urgency=low * New upstream release. * debian/control - Use the new "Homepage:" field to specify the upstream URL. - The Vcs-* fields are now officially supported, so remove the XS- prefix. * SONAME bump as ABI has changed. Rename package libexempi2 to libexempi3. -- Michael Biebl Wed, 07 Nov 2007 15:29:59 +0100 exempi (1.99.4-1) unstable; urgency=low * New upstream release. -- Michael Biebl Sun, 26 Aug 2007 00:18:41 +0200 exempi (1.99.3-1) unstable; urgency=low * Initial release. (Closes: #438166) -- Asheesh Laroia Wed, 15 Aug 2007 05:20:40 +0200