freeimage (3.15.4-4.2+deb8u1) jessie-security; urgency=high * [f51f898] Fix CVE-2015-3885: integer overflow in the ljpeg_start function (Closes: #786790) * [b2e0c3f] Fix CVE-2016-5864: apply patch from wheezy-security. Thanks to Salvatore Bonaccorso, Balint Reczey and Chris Lamb (Closes: #839827) -- Anton Gladky Tue, 11 Oct 2016 21:00:24 +0200 freeimage (3.15.4-4.2) jessie-security; urgency=high * Non-maintainer upload. * Fix integer overflow CVE-2015-0852. (Closes: #797165) -- Anton Gladky Thu, 29 Oct 2015 19:06:00 +0100 freeimage (3.15.4-4.1) unstable; urgency=medium * Non-maintainer upload * Remove libjpeg8-dev from Build-Depends * Add compatibility transupp.c from src:libjpeg-turbo and use that to compile against libjpeg62 (Closes: #763255) * Make d/copyright machine readable and add jpeg/* and Source/LibJPEG/* license -- Ondřej Surý Mon, 06 Oct 2014 11:29:52 +0200 freeimage (3.15.4-4) unstable; urgency=medium * QA upload. * Build-depend on libjpeg8-dev. Patch by Dejan Latinovic . Closes: #763255. * Improve big endian detection. Add fix-big-endian-detection.patch. Patch by Dejan Latinovic . Closes: #763730. * Refresh patches -- Anibal Monsalve Salazar Thu, 02 Oct 2014 10:18:47 +0100 freeimage (3.15.4-3) unstable; urgency=low * QA upload. * disable_embedded_libraries.patch - Use system libtiff (Closes: #735249) Thanks to Sabayon from Gentoo for the hints * tag_truncation.patch - Cherry pick upstream fix for truncation of tags in TIFF files Thanks to Julian Taylor (Closes: #735847) -- Scott Howard Sun, 19 Jan 2014 21:44:52 -0500 freeimage (3.15.4-2) unstable; urgency=low * Fix FTBFS from declaring UINT64 twice - updated debian/patches/fixes_ftbfs_amd64.patch -- Scott Howard Tue, 14 Jan 2014 11:51:54 -0500 freeimage (3.15.4-1) unstable; urgency=low * QA Upload * New upstream minor release - Includes fix to build on !linux (Closes: #650485) * Refreshed patches (line endings had to change) - Remove document-mode.patch (accepted upstream) * Lintian fixes: S-V 3.9.5, DM-Upload-Allowed removed * Remove document-mode.patch (accepted upstream) -- Scott Howard Mon, 13 Jan 2014 21:57:45 -0500 freeimage (3.15.1-2) unstable; urgency=low * QA upload. * debian/patches/document-mode.patch: - Fix FTBFS with LibRaw 0.15 (Closes: #710133). -- Luca Falavigna Thu, 11 Jul 2013 11:22:37 +0200 freeimage (3.15.1-1) unstable; urgency=low [ Evan Broder ] * QA upload. * New upstream release (closes: 649541, LP: #898825, #898845) - Refreshed patches. + Abuse dh-autoreconf to generate Makefile.srcs and fipMakefile.srcs patches at build time - Update debian/freeimage-get-orig-source for the new version. - Add new build-dep libraw-dev. - Update patch to disable embedded libraries to deal with API changes in libpng, libmng, and libraw. - Make sure we install symlinks for libfreeimageplus. - Use (upstream-supported) CFLAGS instead of COMPILERFLAGS. * Switch to source format 3.0 (quilt) * Switch to dh(1) and debhelper compat 8 * Add missing misc:Depends. * Include the upstream changelog. * Update Debian standards version (no other changes needed). [ Stefano Rivera ] * Dropped README.source. * Updated freeimage (3.9.5) fixes CVE-2011-1167, CVE-2011-0192, CVE-2010-2595 * Override lintian's embedded-library error for libtiff. It wasn't extricable. -- Evan Broder Tue, 06 Dec 2011 14:31:21 +0200 freeimage (3.10.0-4) unstable; urgency=low * Fix copy-pasto in tif_config.h. -- Julien Cristau Fri, 29 Oct 2010 22:39:26 +0200 freeimage (3.10.0-3) unstable; urgency=low * Don't use embedded copies of various libraries, add build-deps on their packaged versions (closes: #595560): - libjpeg 6b - libmng 1.0.9 - libopenjpeg 1.2.0 - libpng 1.2.23 + CVE-2010-2249, CVE-2010-1205, CVE-2010-0205, CVE-2009-2042, CVE-2008-6218, CVE-2008-5907, CVE-2009-0040, CVE-2008-3964, CVE-2008-1382 - openexr 1.6.1 + CVE-2009-1720, CVE-2009-1721 - zlib 1.2.3 * The embedded libtiff copy is still used, because freeimage uses its internals and I couldn't figure out how to unentangle this. Update the tiff copy to 3.9.4-5, though: CVE-2010-3087, CVE-2010-2483, CVE-2010-2482, CVE-2010-2481, CVE-2010-2443, CVE-2010-2233, CVE-2010-2067, CVE-2010-2065, CVE-2010-1411, CVE-2009-2347, CVE-2008-2327. * Add tiff copyright and license to debian/copyright (closes: #601002) * Link with -lm (closes: #558857). * Try to avoid arch-specific values in our copy of tif_config.h and tiffconf.h (closes: #601762) * Set LFS CFLAGS in Makefile.gnu. * Orphan package (closes: #595559). -- Julien Cristau Fri, 29 Oct 2010 14:46:46 +0200 freeimage (3.10.0-2) unstable; urgency=low * Fixed typo in short description of libfreeimage3-dbg. (Closes: #518647) * Adjusted patched to not need -p0 (Closes: #485251). * Made package priority optional. * Moved libfreeimage3-dbg package into debug section. * Added debian/README.source. * Added watch file. * Added myself to Uploaders. * Updated Standards-Version. -- Michael Koch Tue, 15 Sep 2009 20:12:53 +0200 freeimage (3.10.0-1) unstable; urgency=low * New upstream release. Closes: #471242 * Added extra freeimage documentation in orig tarball. * Added get-orig-source target. * Added Homepage field in control file. * Removing some unnecessary stuff from rules file. * Adding some necessary build dependencies. * Adding some modifications to allow for configuring various compiler flags. * Fix FTBFS on amd64. * Adding debug package. * Added DM-Upload-Allowed: yes field. * Added Vcs entries. -- Andres Mejia Thu, 15 May 2008 03:18:00 -0400 freeimage (3.9.3-3) unstable; urgency=low * Removed the file FreeImage393.pdf for which sources are apparently not available. * Added copyright ownner to copyright file. -- Federico Di Gregorio Mon, 07 May 2007 15:35:21 +0200 freeimage (3.9.3-2) unstable; urgency=low * Now also build FreeImagePlus. * Changed C++ to C/C++ in debian/control. -- Federico Di Gregorio Sun, 22 Apr 2007 21:59:14 +0200 freeimage (3.9.3-1) unstable; urgency=low * Initial release (Closes: #419696) -- Federico Di Gregorio Sat, 21 Apr 2007 09:36:44 +0200