gnome-autoar (0.2.3-2ubuntu0.4) focal-security; urgency=medium * SECURITY REGRESSION: Fix extracting one-file archives (LP: #1929304) - debian/patches/fix_one_file_archives.patch: don't create en empty folder when extracting with nautilus in gnome-autoar/autoar-extractor.c. - debian/patches/fix_one_file_archives2.patch: prevent redundant path name handling for equal prefixes in gnome-autoar/autoar-extractor.c. -- Marc Deslauriers Fri, 04 Jun 2021 07:03:08 -0400 gnome-autoar (0.2.3-2ubuntu0.3) focal-security; urgency=medium * SECURITY UPDATE: more directory traversal issues - debian/patches/CVE-2021-28650-*.patch: apply multiple commits from 0.3.1 to fix issues in gnome-autoar/autoar-extractor.c. - debian/patches/CVE-2020-36241.patch: removed, no longer needed. - debian/patches/CVE-2020-36241-2.patch: removed, no longer needed. - CVE-2021-28650 -- Marc Deslauriers Wed, 05 May 2021 12:57:41 -0400 gnome-autoar (0.2.3-2ubuntu0.2) focal-security; urgency=medium * SECURITY REGRESSION: missing subfolder creation (LP: #1917812) - debian/patches/CVE-2020-36241-2.patch: do not fail if parent folders don't exist in gnome-autoar/autoar-extractor.c. -- Marc Deslauriers Mon, 08 Mar 2021 07:27:13 -0500 gnome-autoar (0.2.3-2ubuntu0.1) focal-security; urgency=medium * SECURITY UPDATE: directory traversal issue (LP: #1901240) - debian/patches/CVE-2020-36241.patch: do not extract files outside the destination dir in gnome-autoar/autoar-extractor.c. - CVE-2020-36241 -- Marc Deslauriers Wed, 10 Feb 2021 13:59:00 -0500 gnome-autoar (0.2.3-2) unstable; urgency=medium * Restore -Wl,-O1 to our LDFLAGS * Bump Standards-Version to 4.3.0 -- Jeremy Bicha Sun, 23 Dec 2018 09:39:18 -0500 gnome-autoar (0.2.3-1) unstable; urgency=medium * New upstream release -- Jeremy Bicha Sun, 25 Feb 2018 09:31:28 -0500 gnome-autoar (0.2.2-3) unstable; urgency=medium * Update Vcs fields for migration to https://salsa.debian.org/ * Bump debhelper compat to 11 -- Jeremy Bicha Sat, 03 Feb 2018 21:57:41 -0500 gnome-autoar (0.2.2-2) unstable; urgency=medium * Update Vcs fields for conversion to git * Add debian/gbp.conf * Bump Standards-Version to 4.1.2 -- Jeremy Bicha Thu, 14 Dec 2017 12:40:15 -0500 gnome-autoar (0.2.2-1) unstable; urgency=medium * New upstream release * debian/control.in: Build-depend on valac * debian/libgnome-autoar-0-dev.install: - Install vala bindings * Drop libgnome-autoar-common package since the new version does not install the currently unused gsettings schemas * Bump Standards-Version to 4.1.0 -- Jeremy Bicha Wed, 30 Aug 2017 08:21:03 -0400 gnome-autoar (0.1.1-4) unstable; urgency=medium * Add Build-Depends on gnome-common, required for autoreconf. * Use dh_gnome --no-gnome-versions as the package does not (yet) follow the typical GNOME versioning scheme. -- Michael Biebl Mon, 12 Sep 2016 19:26:31 +0200 gnome-autoar (0.1.1-3) unstable; urgency=medium * Fix the typo in debian/control.in, not debian/control. -- Michael Biebl Mon, 05 Sep 2016 19:16:38 +0200 gnome-autoar (0.1.1-2) unstable; urgency=medium * Fix typo in libgnome-autoar-gtk-0-dev dependencies. -- Michael Biebl Mon, 05 Sep 2016 19:08:35 +0200 gnome-autoar (0.1.1-1) unstable; urgency=medium * Initial release. (Closes: #836703) -- Michael Biebl Sun, 04 Sep 2016 23:09:37 +0200