sabnzbdplus (2.3.6+dfsg-1+deb10u2) buster; urgency=medium * Backport upstream security fix to prevent a directory escape in the renamer function via malicious par2 files. (CVE-2021-29488) -- Jeroen Ploemen Wed, 25 Aug 2021 12:09:55 +0000 sabnzbdplus (2.3.6+dfsg-1+deb10u1) buster; urgency=medium * Backport upstream security fixes to prevent code execution from the program's web interface through crafted settings. (CVE-2020-13124) -- JCF Ploemen (jcfp) Fri, 05 Mar 2021 16:05:53 +0000 sabnzbdplus (2.3.6+dfsg-1) unstable; urgency=medium * New upstream release. * Rules: increase desktop icon size to 64x64 pixels. * Desktop: add MimeType key. * Mime: add d/sabnzbdplus.sharedmimeinfo. * Patches: add 90_rss_feed_without_id_would_crash, backported from upstream commit 832b4fd7. * Bump Standards-Version to 4.3.0 (from 4.1.4; no further changes). * Control: remove build-dep on subversion, no longer needed by get-orig-source target; and add wget. -- JCF Ploemen (jcfp) Sat, 29 Dec 2018 09:44:43 +0000 sabnzbdplus (2.3.4+dfsg-1) unstable; urgency=medium [ JCF Ploemen (jcfp) ] * New upstream release: + accepts Cheetah versions newer than 2. (Closes: #900826) * Desktop: append %F field code to Exec key. * Manpage: + document option to add nzb files via cli. + remove obsolete options, add new --disable-file-log. * Rules: exclude example scripts from compression. * Patches: refresh 04, 09. * Copyright: bump upstream year to 2018. * Compat: bump level to 11 (from 10). * Bump Standards-Version to 4.1.4 (from 4.1.3; no further changes). * Lintian: override debian-rules-contains-unnecessary-get-orig-source- target. [ Ondřej Nový ] * d/control: Remove ancient X-Python-Version field. -- JCF Ploemen (jcfp) Tue, 05 Jun 2018 20:42:24 +0000 sabnzbdplus (2.3.2+dfsg-1) unstable; urgency=medium * New upstream release. * Control: remove recommend on unzip, replaced upstream by 7zip which is already a dependency. * Bump Standards-Version to 4.1.3 (from 4.1.1; no further changes). * Patches: refresh 08. * Links: correct link name for moment.js in glitter. * Copyright: + bump packaging year to 2018. + update info for six, moment.js, bootstrap3-typeahead. + add entries for jquery-qrcode, filesize.js. * Missing-sources: + bump moment.js, bootstrap3-typeahead to match upstream. + add sources for jquery-qrcode, filesize.js. -- JCF Ploemen (jcfp) Wed, 03 Jan 2018 14:09:35 +0000 sabnzbdplus (2.3.1+dfsg-1) unstable; urgency=medium * New upstream release. (Closes: #858852) * Manpage: add links to API docs, upstream Github project page. * Copyright: + remove entries for files no longer shipped upstream: wizard's jquery and related missing-sources, sabnzbd/utils/ssmtplib.py, sabnzbd/utils/ordered.py, cherrypy/_cpcompat_subprocess.py. + add entries for jquery-tablesorter, six, chartlist, and pathbrowser. + correct a few minor typos in filenames. + update years and contact info for rarfile, moment.js, jquery. + refresh website info for rateit, codeplex is gone. * Patches: + refresh all. + modify 06 to stop dealing with feedparser. * Control: + bump version of debhelper build-dep and d/compat to 10 (from 9). + drop recommend on python-openssl: upstream switched to Python's builtin ssl. + remove dependency on consolekit, sleep/hibernate/etc are now supported via systemd/logind. (Closes: #862673) + depend on libjs-jquery-tablesorter, used in the Config interface. + drop dependency on python-feedparser: upstream includes a modified file with support for indexer tags and speed optimizations. + replace recommend on python-yenc with a depend python-sabyenc. The latter is a fork optimized for use within SABnzbd, resulting in a significant performance increase. * Rules: exclude utils/subprocess_fix.py from install (windows-only). * Links: + match upstream version bump of jquery in Config to 3.2.1. + add links for jquery-tablesorter and jquery-ui in Config. + add missing bootstrap woff/woff2 links in Config and Glitter. * Lintian: + remove unused override for wizard's jquery.js. + override embedded-feedparser-library, included file has relevant upstream modifications. + override debian-rules-parses-dpkg-parsechangelog, the suggested alternative is too impractical with a get-orig-source target. * README.Debian: refresh cherrypy rationale with current bugs/patches. * Missing-sources: + bump jquery and bootstrap versions in Config to match upstream. + handle missing jquery-ui in Config by adding a symlink to its equivalent in Glitter. + add sources for jquery-tablesorter and chartlist. + update moment.js to 2.18.1. + update Config jquery to 3.2.1. + remove all entries for the wizard interface: no longer needed. * Init: add support for the optional try-restart argument. * Bump Standards-Version to 4.1.1 (from 3.9.8; no further changes). * Docs: remove README.txt to prevent duplicate (already installed as changelog via d/rules). * Examples: add scripts/{Deobfuscate.py,Sample-PostProc.py}. -- JCF Ploemen (jcfp) Sun, 05 Nov 2017 15:04:14 +0000 sabnzbdplus (1.1.1+dfsg-1) unstable; urgency=medium * New upstream release. * Refresh all patches. * Rules: + use Config's logo-arrow.svg as new basis for menu icon. + no longer exclude Patch-for-CP-3.8.0.diff from install, file was removed upstream. * Control: + recommend python-cryptography, used for certificate generation and encrypted rarfile detection. + build-depend on librsvg2-bin to enable svg handling in imagemagick. + depend on python-six, needed by recent cherrypy releases. + bump X-Python-Version to 2.7 (from 2.6). * Links: update Glitter links, upstream now omits jquery version from filename. * Copyright: minor updates only, to match upstream javascript and cherrypy version bumps. * Man page: update links to upstream wiki, homepage. -- JCF Ploemen (jcfp) Fri, 11 Nov 2016 14:52:10 +0000 sabnzbdplus (1.0.3+dfsg-2) unstable; urgency=medium * Add dependency on lsb-base (>= 3.0-6), needed because the init script sources /lib/lsb/init-functions. * Remove the upper bound version restriction of the libjs-jquery dependency now that libjs-bootstrap was updated to 3.3.7, adding compatibility with jquery 3. (Closes: #841691) -- JCF Ploemen (jcfp) Mon, 24 Oct 2016 13:39:38 +0000 sabnzbdplus (1.0.3+dfsg-1) unstable; urgency=medium * New upstream release. -- JCF Ploemen (jcfp) Sat, 04 Jun 2016 13:53:50 +0000 sabnzbdplus (1.0.2+dfsg-1) unstable; urgency=medium * New upstream release. (Closes: #819896) * Patches: + refresh all. + expand patch 02 to also deal with the newly added systray icons. + make patch 08 also remove the version check option from the scheduler and the configuration interface. + rename and expand patch 09 to deal with more potential privacy breaches. * Merge the theme packages into the main package, and add Breaks and Replaces for all. With fewer interface themes and the reduced disk space requirements of a unified Config interface the case for splitting these up no longer exists. * Control: + bump required Python version to >= 2.6 (from >= 2.5). + recommend p7zip-full (7z support) and libavahi-compat-libdnssd1 (bonjour/zeroconf support), suggest python-gtk2 (tray icon). + depend on various javascript libraries (libjs-bootstrap, libjs-jquery, libjs-jquery-ui, libjs-moment) and provide the necessary symlinks within the Config and Glitter interfaces. Glitter requires a jquery version >= 1.11 for its multi-select dialog. Config requires a jquery release >= 1.9.1 (and << 3) to prevent problems with the folder select dialogs in the "Folders" and "Categories" sections. + remove obsolete versioning of par2, python-{openssl,yenc} deps. + use https for upstream homepage. * Rules: + remove dh_installinit override: no longer needed. + exclude sabtray.py (windows-only) and upstream cherrypy diff (not needed by end users) from install. + don't bother excluding files that get replaced by links anyway. + drop exclude for cherrypy/scaffold (removed upstream). + install README.txt as upstream changelog; the previously used CHANGELOG.txt was dropped upstream. * Watch: point to github (upstream is moving away from sf.net). * Examples: upstream moved the sample scripts into a subdir. * Desktop file, description: capitalize Usenet. * Manpage: update renamed command line option and changed default listening host; remove mention of a long defunct indexer. * Bump Standards-Version to 3.9.8 (from 3.9.6; no further changes). * README.Debian: expand cherrypy paragraph with current status, links to upstream patches and relevant bug reports. * Copyright and missing-sources: update it all. * Lintian: + simplify override for source-is-missing to a single line. + override insane-line-length-in-source-file: effectively duplicates already overridden source-contains-prebuilt-javascript-object. -- JCF Ploemen (jcfp) Mon, 09 May 2016 21:58:40 +0000 sabnzbdplus (0.7.20+dfsg-1) unstable; urgency=medium * Upload to unstable. * Lintian: + override source-contains-prebuilt-javascript-object: their inclusion by upstream is intentional. + override source-is-missing for assorted maintainer-added sources: all of these lintian hits are false positives. * Add missing source files for Plotkit.js. * Create a get-orig-source target to copy missing sources into the upstream tarball instead of keeping them in d/missing-sources. * Add build-deps on devscripts, dpkg-dev, and subversion: needed by get-orig-source. * Watch file: add dversionmangle to handle +dfsg suffix. * Copyright: adjust paths for missing-sources files. * Remove Debian menu support as per #741573. * Use https for Vcs-Browser. -- JCF Ploemen (jcfp) Fri, 23 Oct 2015 12:14:34 +0000 sabnzbdplus (0.7.20-1) experimental; urgency=medium * New upstream release. * Copyright: add license info for newly included util/pystone.py. -- JCF Ploemen (jcfp) Sat, 03 Jan 2015 23:39:40 +0000 sabnzbdplus (0.7.18-1) unstable; urgency=medium * New upstream release: + adds (basic) support for rar5 format. (LP: #1330146) * Init script: + rework to use new upstream --pidfile option. + set system locale in a bid to prevent encoding issues. * Update man page for new --pidfile option. * Add debian/missing-sources for various minified javascripts. * Copyright: + add RateIt jquery rating plugin, OrderedDict backport. + bump years for both upstream and packaging. + include copyright info for d/missing-sources. + correct jquery tooltip license info. + stop referring to symlink licenses. * Add patch 09_remove_external_resource_from_wizard.diff: prevent loading an external resource, replace with a plain text link. * Switch debian/rules to dh sequencer. * Set compat level to 9. * Build-depends: + add dh-python, now a separate package. + dump version requirement for python (no longer needed). + bump debhelper version to >= 9. * Recommend consolekit and promote python-dbus to recommended (from suggested), to ensure support for end-of-queue actions is available. (Closes: #706402) * Lintian: + Append an asteriks to the existing override to compensate for the description added to the embedded-javascript-library tag. + Override init.d-script-sourcing-without-test (false positive). * Bump Standards-Version to 3.9.6 (no changes needed). -- JCF Ploemen (jcfp) Tue, 07 Oct 2014 10:53:34 +0000 sabnzbdplus (0.7.16-1) unstable; urgency=low * New upstream release. * Init: remove redundant check. -- JCF Ploemen (jcfp) Tue, 03 Sep 2013 12:44:30 +0200 sabnzbdplus (0.7.13-1) unstable; urgency=low [ JCF Ploemen (jcfp) ] * New upstream release. * Desktop file: add keywords. * Init script: + improve dependency based booting params. + base external filenames on the script's name. * Tweak version of python build-dep (append tilde). [ Jakub Wilk ] * Use canonical URIs for Vcs-* fields. -- JCF Ploemen (jcfp) Fri, 14 Jun 2013 22:56:37 +0200 sabnzbdplus (0.7.11-1) experimental; urgency=low * New upstream release. -- JCF Ploemen (jcfp) Thu, 07 Feb 2013 22:46:46 +0100 sabnzbdplus (0.7.9-1) experimental; urgency=low * New upstream release. -- JCF Ploemen (jcfp) Sun, 06 Jan 2013 21:49:04 +0100 sabnzbdplus (0.7.8-1) experimental; urgency=low * New upstream release. * Remove defunct indexers from description. * Fulfill lintian's desire for a canonical vcs field. * Update copyright years. -- JCF Ploemen (jcfp) Fri, 04 Jan 2013 22:38:50 +0100 sabnzbdplus (0.7.6-1) experimental; urgency=low * New upstream release. * Bumped Standards-Version to 3.9.4 (no changes needed). -- JCF Ploemen (jcfp) Wed, 14 Nov 2012 15:04:34 +0100 sabnzbdplus (0.7.5-1) experimental; urgency=low * New upstream release. * Init script: adjust regexp to handle the space inserted by dh_python2's shebang rewriting. (Closes: #691312) -- JCF Ploemen (jcfp) Thu, 01 Nov 2012 14:04:59 +0100 sabnzbdplus (0.7.4-1) experimental; urgency=low * New upstream release. -- JCF Ploemen (jcfp) Mon, 24 Sep 2012 21:24:49 +0200 sabnzbdplus (0.7.3-1) experimental; urgency=low * New upstream release. * Add missing epoch to dependencies on (un)rar. -- JCF Ploemen (jcfp) Mon, 13 Aug 2012 22:00:30 +0200 sabnzbdplus (0.7.2-1) experimental; urgency=low * New upstream release: + Refresh patches, update patch 02. + Add suggested dependency on python-notify. + Install the new unified configuration interface as part of the main package. + Minor man page update. + Update debian/copyright. * Bumped Standards-Version to 3.9.3 (no changes needed). * Changed my email address. -- JCF Ploemen (jcfp) Thu, 19 Jul 2012 14:35:05 +0200 sabnzbdplus (0.6.15-1) unstable; urgency=low * New upstream release. * Update copyright years. -- JCF Ploemen (jcfp) Wed, 08 Feb 2012 17:13:37 +0100 sabnzbdplus (0.6.14-1) unstable; urgency=low * New upstream release. * Correct section/priority of transitional package to oldlibs/extra. * Init script: add long LSB description. -- JCF Ploemen (jcfp) Sat, 10 Dec 2011 11:56:39 +0100 sabnzbdplus (0.6.10-1) unstable; urgency=low * New upstream release: + Install gntp as a private module. + Updated copyright to include the new gntp files. -- JCF Ploemen (jcfp) Wed, 12 Oct 2011 21:59:40 +0200 sabnzbdplus (0.6.9-1) unstable; urgency=low * New upstream release. * Switch to source format 3.0 (quilt). -- JCF Ploemen (jcfp) Thu, 01 Sep 2011 22:11:54 +0200 sabnzbdplus (0.6.8-1) unstable; urgency=low * New upstream release. * debian/rules: + Added build-{arch,indep} targets. + Clean up generated icons. -- JCF Ploemen (jcfp) Thu, 25 Aug 2011 21:58:35 +0200 sabnzbdplus (0.6.7-1) unstable; urgency=low * New upstream release. -- JCF Ploemen (jcfp) Thu, 04 Aug 2011 21:16:37 +0200 sabnzbdplus (0.6.6-1) unstable; urgency=low * New upstream release. -- JCF Ploemen (jcfp) Wed, 20 Jul 2011 22:55:51 +0200 sabnzbdplus (0.6.4-1) unstable; urgency=low * New upstream release: + Updated patch 02 to match. * Added new command line option to the man page. -- JCF Ploemen (jcfp) Wed, 08 Jun 2011 18:58:44 +0200 sabnzbdplus (0.6.2-1) unstable; urgency=low * New upstream release: + Updated copyright, man page, and patches 02, 06, and 08 to match. * Switching from dh_pysupport to dh_python2. * Added desktop menu entries. * Init script: + Permit setting a group too (chown syntax, USER=u:g). * debian/rules: + Replace dh_clean -k with dh_prep. + Generate translations on build. + Install menu entries. * debian/control: + Allow all Python 2.x versions >= 2.5. + Build-depend on imagemagick, for converting icons. + Downgrade smpl dependency to recommended, and make plush a hard dependency (plush is the default and fallback theme in >= 0.6.0). + Require debhelper 7.0.0 (for dh_prep). * Bumped Standards-Version to 3.9.2 (no changes needed). -- JCF Ploemen (jcfp) Tue, 24 May 2011 19:05:45 +0200 sabnzbdplus (0.5.6-1) unstable; urgency=low * New upstream release. -- JCF Ploemen (jcfp) Thu, 18 Nov 2010 19:08:52 +0100 sabnzbdplus (0.5.5-1) unstable; urgency=low * New upstream release. -- JCF Ploemen (jcfp) Sat, 23 Oct 2010 22:30:32 +0200 sabnzbdplus (0.5.4-1) unstable; urgency=low * New upstream release (Closes: #593829). * Bumped Standards-Version to 3.9.1 (no changes needed). * Init script: moved start and stop procedures into functions. * Updated man page. -- JCF Ploemen (jcfp) Sun, 22 Aug 2010 21:10:15 +0200 sabnzbdplus (0.5.3-1) unstable; urgency=low * New upstream release. * Added status action to the init script. * Minor update of man page and package description. * Bumped Standards-Version to 3.9.0 (no changes needed). -- JCF Ploemen (jcfp) Mon, 19 Jul 2010 18:10:28 +0200 sabnzbdplus (0.5.2-1) unstable; urgency=low * New upstream release. -- JCF Ploemen (jcfp) Thu, 15 Apr 2010 22:55:13 +0200 sabnzbdplus (0.5.0-2) unstable; urgency=low * In case of the default/fallback theme, have the main package rather than the theme enforce matching their source versions to prevent a circular hard dependency (Closes: #575480). -- JCF Ploemen (jcfp) Fri, 26 Mar 2010 14:50:35 +0100 sabnzbdplus (0.5.0-1) unstable; urgency=low * New upstream release (Closes: #568208). * Updated debian/copyright to match. * Program now works with Python 2.6, no longer force 2.5: + Updated debian/pyversions. + Removed '-V2.5' option from dh_pysupport call. + Removed notice from README.source. + Dropped patch 05. * Dropping patch 01: no longer needed. * Updated remaining patches: + Updated 02, 04 and 08 to work with new release. + Added 06_use_packaged_modules.dpatch: point to system python modules rather than included copies. + Merged 07_use_system_configobj.dpatch into patch 06. * Dependencies: + Removed python-cherrypy, application was ported to cherrypy3. + Removed dep. on python-2.4 specific python-(c)elementtree. + Require rather than recommend python-feedparser. + Require sabnzbdplus-theme-smpl: it is now the default and fallback interface. + Recommend rather than suggest sabnzbdplus-theme-{plush,classic} since those are in the newly introduced configuration wizard. + Drop libjs-jquery from -theme-plush: now combined with a number of other javascripts into a single file, making it impossible to use the packaged jquery. + Add libjs-excanvas dependency to -theme-smpl. + Allow rar as an alternative for unrar. + Suggest python-dbus to support the end-of-queue actions. + Version (un)rar dependencies due to the programs use of command line options only available in more recent versions of unrar. * Overriding lintian warning about jquery: + Adding debian/sabnzbdplus.lintian-overrides. + Adding dh_lintian call in debian/rules. + Bumpimg debhelper version to >= 6.0.7 (needed for dh_lintian). + Setting debian/compat to 6. * Priority is back to optional (no more python-cherrypy). * Changed sabnzbdplus-theme-iphone to a transitional package: no longer included upstream, replaced by "Mobile". * New binary packages: + sabnzbdplus-theme-mobile, new theme replacing -theme-iphone. + sabnzbdplus-theme-classic: formerly "Default" and included in the main package. * Updated various docs: man page, README.source. * Modified the init script: + Account for the side effects of the program's builtin restart function. + Assorted minor improvements. * Using debian/sabnzbdplus.examples rather than sabnzbdplus.docs for the sample post-processing script. * Bumped Standards-Version to 3.8.4 (no changes needed). * Install included patched copy of cherrypy3: both 3.1.x and 3.2.0rc1 suffer from crippling bugs in the https implementation. -- JCF Ploemen (jcfp) Sun, 21 Feb 2010 21:32:58 +0100 sabnzbdplus (0.4.12-1) unstable; urgency=low * New upstream release. * Bumped Standards-Version to 3.8.3 (no changes needed). * Adding patches: + debian/patches/08_disable_new_version_check.dpatch: disable the builtin check for new versions. (Closes: #530628) + debian/patches/05_force_python_version.dpatch: program doesn't support Python 2.6 yet: force use of Python 2.5. * Minor changes in debian/pyversions and debian/rules regarding the exclusive use of Python 2.5. * Documenting Python 2.6 compatibility issue in debian/README.source. * Updated man page. * Init.d script: + run later, so all networking is already configured at startup, and add NetworkManager as a Should-Start,Stop. dependency to the LSB Init Info. (LP: #402045) + assorted minor tweaks. * Changed Priority to extra, following dependency python-cherrypy that was demoted from optional to extra in 2.3.0-3. * Drop versioning of dependencies on unzip, unrar. -- JCF Ploemen (jcfp) Mon, 05 Oct 2009 22:44:55 +0200 sabnzbdplus (0.4.11-1) unstable; urgency=low * New upstream release. -- JCF Ploemen (jcfp) Thu, 21 May 2009 12:11:43 +0200 sabnzbdplus (0.4.9-1) unstable; urgency=low * Initial release. (Closes: #514156) * Adding patches: + debian/patches/01_remove_script_headers.dpatch: prevent lintian from complaining about non-executable scripts. + debian/patches/02_find_parts_in_usr_share.dpatch: make the program find parts (interface templates, python modules) under /usr/share. + debian/patches/04_use_config_when_daemon.dpatch: use the normal configuration when run as a daemon to prevent the program from trying to store its configuration and internal accounting files in /usr/bin. + debian/patches/07_use_system_configobj.dpatch: use the system configobj rather than the included stock copy. -- JCF Ploemen (jcfp) Fri, 27 Mar 2009 20:19:16 +0100