* SECURITY UPDATE: Out-of-bounds write
- debian/patches/CVE-2020-35738.patch: checks bounds
in order to avoid/fix integer overflows resulting in buffer
overruns in src/pack_utils.c.
- CVE-2020-35738
[ Ondřej Nový ]
* Bump Standards-Version to 4.4.1
[ Sebastian Ramacher ]
* New upstream version 5.2.0
* debian/rules: Override with new changelog path
* debian/patches: Remove all patches, all included upstream
* debian/control: Set RRR: no
* debian/patches: Cherry-pick upstream patches to fix use of uninitialized
values. (CVE-2019-1010317, CVE-2019-1010319) (Closes: #932060, #932061)
* debian/: Bump debhelper compat to 12.
* debian/control: Bump Standards-Version.
* debian/patches: Cherry-pick upstream patches to fix use of uninitialized
values. (CVE-2019-11498) (Closes: #927903)
* debian/control: Bump Standards-Version.
* debian/patches: Cherry-pick upstream patches for multiple CVEs
(CVE-2018-19840, CVE-2018-19841). (Closes: #915564, #915565)
* debian/control:
- Remove old Pre-Depends.
- Add myself to Uploaders.
- Bump Standards-Version.
* debian/copyright: Convert to CF-1.0.
* debian/:
- Convert to dh.
- Bump debhelper compat level to 11.
* debian/watch: Update to version 4.
* debian/rules: Build with all hardening options enabled.
* Team upload.
[ Ondřej Nový ]
* d/control: Set Vcs-* to salsa.debian.org
* d/rules: Remove trailing whitespaces
[ Felipe Sateler ]
* Change maintainer address to debian-multimedia@lists.debian.org
[ Sebastian Ramacher ]
* debian/control: Bump Standards-Version.
* debian/patches:
- Cherry-pick upstream patches for multiple CVEs (CVE-2018-7254,
CVE-2018-7253, CVE-2018-6767, CVE-2018-10540, CVE-2018-10539,
CVE-2018-10538, CVE-2018-10537, CVE-2018-10536). (Closes: #889274,
#889276, #889559, #897271, #890014)
- Fix a memory leak.
* Bump Standards-Version to 4.0.0.
* Drop myself from Uploaders.
* Team upload.
* New upstream release.
* debian/patches: Removed patches included upstream.
* debian/copyright: Update copyright years.
* Team upload.
* debian/patches: Apply upstream fix to fix some fuzz failures
(CVE-2016-10169, CVE-2016-10170, CVE-2016-10171, CVE-2016-10172). (Closes:
#853076)
* Team upload.
* New upstream release.
* debian/libwavpack1.symbols: Add new symbols.
* debian/copyright: Update copyright information.
* debian/control: Bump Standards-Version.
* Team upload.
* New upstream release.
* debian/patches/mark-stack-non-executable.patch: Removed, included
upstream.
* debian/control:
- Bump Standards-Version, no changes needed.
- Update Vcs-*.
* Team upload.
* debian/rules:
- No longer pass --enable-mmx on amd64. It was removed.
- Pass --disable-asm on armel and armhf to fix FTBFS.
* Team upload.
* New upstream release.
* debian/patches/mark-stack-non-executable.patch: Mark stack as
non-executable. Thanks to Russell Coker for the patch. (Closes: #793320)
* debian/control: Remove ${shlibs:Depends} from libwavpack-dev's Depends.
* Team upload.
* New upstream release:
- improved: reorganization for modularity and to improve linking
- added: assembler optimizations for encode/decode on x86 and x64
- added: assembler optimizations for decoding on ARMv7 (Linux)
- improved: several minor speed optimizations using intrinsics
- fixed: wavpack.pc.in not working correctly on some Linux distros
- fixed: memcpy() issue causing abort() on OpenBSD
* Touch Standards-Version
* New upstream release:
+ debian/patches/0001-pkgconfig.patch,
debian/patches/0002-largefile.patch:
- Drop patches that were merged upstream.
* Team upload.
* Check for large files support on 32-bit systems too.
Thanks to Frank Lübeck for the report. (Closes: #666340)
* Add dh-autoreconf to the build.
* Bump debhelper requirement to match debian/compat.
* Bump Standards.
* Team upload.
* Enable Multi-Arch support (Closes: #651017):
- debian/{*.install,control,rules}: Update references and enable
Multi-Arch: same; patch from Becka Morgan.
- debian/patches/0001-pkgconfig.patch: Avoid wavpack.pc to be
broken after switching to Multi-Arch.
* Fix lintian's warnings:
- binary-control-field-duplicates-source
- copyright-refers-to-deprecated-bsd-license-file
- description-synopsis-starts-with-article
* Enable MMX extensions on amd64.
* Correct maintainer's name, add VCS fields.
* Bump debian/compat.
* Bump Standards version.
* Add gbp config file.
* New upstream release:
+ debian/rules:
- Some cleanup.
+ debian/*.1.xml,
debian/wavpack.manpages,
debian/control:
- Manpages are upstream now.
* debian/source/format:
+ Switch to 3.0 (quilt) and use upstream's tar.bz2.
* New upstream release:
+ debian/libwavpack1.symbols,
debian/libwavpack1.shlibs:
- Updated for the API additions.
* debian/control:
+ Updated Standards-Version to 3.8.3.
+ Add ${shlibs:Depends} to the -dev package.
* debian/control,
debian/compat:
+ Updated to debhelper compat level 6.
* New upstream bugfix release.
* New upstream release:
+ debian/patches/01_memory-alignment.patch:
- Dropped, fixed different upstream.
+ debian/libwavpack1.shlibs:
- Updated to >= 4.50.0 because of new flags for some functions.
* debian/control:
+ Set maintainer to pkg-multimedia.
+ Wrap control fields.
+ Move homepage to the Homepage field.
+ Update Standards-Version to 3.8.0, no additional changes needed.
* debian/libwavpack1.symbols,
debian/control:
+ Add a symbol file for WavPack and build depend on new enough dpkg-dev
for this.
* debian/control:
+ Update Standards-Version to 3.7.3, no additional changes needed.
+ Use ${binary:Version} instead of ${Source-Version}.
* debian/patches/01_memory-alignment.patch:
+ Fix alignment issues which result in a SIGBUS on sparc (Closes: #476234).
* New upstream release without API changes.
* debian/patches/01_fix-undefined-extern.diff:
+ Dropped, not necessary anymore.
* Upload to unstable
* debian/control:
+ Update to use my debian.org mail address
[ Sebastian Dröge ]
* New upstream release
* debian/control:
+ Update package name for new soname and remove now unnecessary conflicts
+ Drop unnecessary libncurses (build) dependency
* debian/rules:
+ Adjust for new package name
* debian/libwavpack1.shlibs:
+ Set shlibs minimal version from here
* debian/patches/01_fix-undefined-extern.diff:
+ Updated for new file locations
* debian/compat:
+ Update to 5
[ Loic Minier ]
* Add year 2006 to copyright.
* Make sure that dh_makeshlibs of libwavpack0 is called before dh_shlibdeps
of wavpack to generate correct dependencies.
* New upstream release:
+ New wvgain utility for calculating and adding ReplayGain informations
to files
+ Fix a crasher on big-endian systems
+ Some usuability improvements to the commandline utilities
* No need to use -fsigned-char anymore
* debian/wvgain.1.xml: added manpage for the new wvgain utility
* List files which are not in any package after build
* Add a Conflict with gstreamer0.8-misc (<< 0.8.12-2) on libwavpack0 as this
update breaks ABI and gst-plugins0.8 has to be rebuild against the new
version. I didn't invent a .debian soname as upstream promises to use a
correct soname in the future when breaking ABI and gstreamer0.8-misc is
the only rdepend.
* Use -fsigned-char to solve problems with decoding/encoding on different
archs where chars are unsigned by default (including powerpc)
* Install the README only in the -dev package
* Initial Revision (Closes: #333087)
* 01_fix-undefined-extern.diff:
+ Fix from Gnome BTS #321212 for setting an extern variable. Fixes
gstreamer plugin and maybe more