libyaml (0.2.5-1) unstable; urgency=medium [ Debian Janitor ] * Use secure copyright file specification URI. * Set debhelper-compat version in Build-Depends. * Set upstream metadata fields: Bug-Database, Bug-Submit (from ./configure), Repository, Repository-Browse. * Drop transition for old debug package migration. * Update standards version to 4.6.0, no changes needed. [ Florian Ernst ] * [de63dcd] debian/watch: update as per latest uscan recommendations. This allows detecting new upstream releases again and also migrates to the actual upstream source tarballs not containing any pre-built stuff like documentation, saving a bunch of lintian errors/warnings. * [1b08058] New upstream version 0.2.5 (Closes: #987895) * [dfbe297] debian/copyright: update years according to most recent changes * [183f9d4] upgrade to recommended debhelper-compat (= 13) But ignore libtool library during installation and simplify debian/rules * [982974f] debian/rules: enable hardening=+all * [1f7cabe] debian/libyaml-0-2.symbols: add Build-Depends-Package meta-information * [1104826] debian/control: declare Rules-Requires-Root: no * [8f2e2e6] debian/tests/: add upstream tests as autopkgtest * [f5e5378] Add Salsa pipeline via debian/salsa-ci.yml file * [88cfa12] salvaging the package and moving to Debian group on Salsa (Closes: #1012344) * [da1b78b] debian/control: Standards-Version: 4.6.1.0 (no further changes required) -- Florian Ernst Wed, 06 Jul 2022 16:45:09 +0200 libyaml (0.2.2-1) unstable; urgency=medium * New upstream version 0.2.2. * Bump Standards-Version to 4.4.0 and Debhelper compat to 12. -- Anders Kaseorg Sat, 14 Sep 2019 19:50:18 -0700 libyaml (0.2.1-1) unstable; urgency=medium * New upstream version 0.2.1. + Moved canonical repo to GitHub. (Closes: #865709) * Bump Standards-Version to 4.1.4 and debian/compat to 11. + Moved documentation in libyaml-doc from /usr/share/doc/libyaml-doc to /usr/share/doc/libyaml-dev. -- Anders Kaseorg Tue, 26 Jun 2018 20:25:08 -0400 libyaml (0.1.7-2) unstable; urgency=medium * Clean doxygen-generated documentation with dh_doxygen. * Mark libyaml-doc Multi-Arch: foreign. * Add libyaml-0-2.symbols file. -- Anders Kaseorg Fri, 30 Sep 2016 22:06:09 -0400 libyaml (0.1.7-1) unstable; urgency=medium * New upstream version 0.1.7. + Fix segfault in yaml_string_write_handler. + Fix invalid simple key assertion. * Drop upstreamed patches. * Migrate packaging from CDBS to dh. * Drop libyaml-0-2-dbg in favor of automatically generated libyaml-0-2-dbgsym package. -- Anders Kaseorg Sat, 03 Sep 2016 06:48:38 -0400 libyaml (0.1.6-3) unstable; urgency=high * debian/patches/CVE-2014-9130.patch: Fix CVE-2014-9130 assertion failure caused by wrapped strings. (Closes: #771366) * Bump Standards-Version to 3.9.6 (no changes needed). -- Anders Kaseorg Fri, 28 Nov 2014 22:05:10 -0500 libyaml (0.1.6-2) unstable; urgency=medium * Move doxygen from Build-Depends to Build-Depends-Indep. -- Anders Kaseorg Tue, 19 Aug 2014 21:56:25 -0400 libyaml (0.1.6-1) unstable; urgency=medium * New upstream version 0.1.6. + Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML tags. + Fix CVE-2014-2525: heap-based buffer overflow in yaml_parser_scan_uri_escapes. * Drop upstreamed patches. * Run tests at build time. * Bump Standards-Version to 3.9.5 (no changes needed). * Use dh-autoreconf. (Closes: #745078) * Use dh-buildinfo. * Add libyaml-doc package for Doxygen-generated API documentation and examples. (Closes: #696821) * Acknowledge NMUs. -- Anders Kaseorg Tue, 19 Aug 2014 00:03:53 -0400 libyaml (0.1.4-3.2) unstable; urgency=high * Non-maintainer upload by the Security Team. * Add CVE-2014-2525.patch patch. CVE-2014-2525: Fixes heap overflow in yaml_parser_scan_uri_escapes. The heap overflow is caused by not properly expanding a string before writing to it in function yaml_parser_scan_uri_escapes in scanner.c. (Closes: #742732) -- Salvatore Bonaccorso Thu, 27 Mar 2014 06:22:25 +0100 libyaml (0.1.4-3.1) unstable; urgency=medium * Non-maintainer upload. * Drop libyaml-indent-column-overflow-v2.patch patch. This patch causes additional regressions on simple YAML files. * Add libyaml-guard-against-overflows-in-indent-and-flow_level.patch patch. Add upstream's patch to guard against overflows in indent and flow_level. (Closes: #738587) -- Salvatore Bonaccorso Thu, 13 Feb 2014 07:51:58 +0100 libyaml (0.1.4-3) unstable; urgency=high * Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML tags. (Closes: #737076) -- Anders Kaseorg Wed, 29 Jan 2014 20:11:48 -0500 libyaml (0.1.4-2) unstable; urgency=low * Remove extra libyaml-0.so symlink from libyaml-dev. * Bump Debhelper compat level to 9. * Support multiarch. (Closes: #653748) (LP: #905630) * Use 3.0 (quilt) source format. -- Anders Kaseorg Fri, 30 Dec 2011 17:14:52 -0500 libyaml (0.1.4-1) unstable; urgency=low * New upstream version 0.1.4. + Fixed a bug that prevented an empty mapping being used as a simple key. + Fixed pointer overflow when calculating the position of a potential simple key. + Added pkg-config support. (Closes: #537834) * Remove unneded libyaml.la file. (Closes: #622452) * Add libyaml-0-2-dbg package with debugging symbols. (Closes: #592747) * Bumped standards version to 3.9.2 without further change -- Anders Kaseorg Mon, 30 May 2011 22:27:27 -0400 libyaml (0.1.3-1) unstable; urgency=low * New upstream version 0.1.3. + This release fixes non-standard structure initialization and a streaming-related issue. * Bump priority from extra to optional. -- Anders Kaseorg Sun, 04 Oct 2009 14:07:18 -0400 libyaml (0.1.2-1) unstable; urgency=low * New upstream version 0.1.2. + Fixed grammar in error messages (from YAML::XS::LibYAML). + Rewritten whitespace detection in the scalar analyzer and block scalar writers (ported from PyYAML). + Fixed emitting folded scalars with trailing breaks; Forced emitting of a document end indicator when there is a possibility of ambiguous parsing. -- Anders Kaseorg Mon, 29 Dec 2008 21:10:48 -0500 libyaml (0.1.1-1) unstable; urgency=low * Initial release (Closes: #484381). -- Anders Kaseorg Tue, 10 Jun 2008 02:37:34 -0400