freexl (1.0.0g-1+deb8u5) jessie-security; urgency=high * Add upstream patch to fix various heap-buffer-overflows. - heap-buffer-overflow in freexl::destroy_cell of FreeXL 1.0.4 https://bugzilla.redhat.com/show_bug.cgi?id=1547879 - heap-buffer-overflow in freexl.c:1805 parse_SST parse_SST https://bugzilla.redhat.com/show_bug.cgi?id=1547883 - heap-buffer-overflow in freexl.c:1866 parse_SST of FreeXL 1.0.4 https://bugzilla.redhat.com/show_bug.cgi?id=1547885 - heap-buffer-overflow in freexl.c:383 parse_unicode_string of FreeXL 1.0.4 https://bugzilla.redhat.com/show_bug.cgi?id=1547889 - heap-buffer-overflow in freexl.c:3912 read_mini_biff_next_record of FreeXL 1.0.4 https://bugzilla.redhat.com/show_bug.cgi?id=1547892 -- Bas Couwenberg Fri, 23 Feb 2018 11:03:17 +0100 freexl (1.0.0g-1+deb8u4) jessie-security; urgency=high * Add upstream patch to fix CVE-2017-2923 & CVE-2017-2924. (closes: #875690, #875691) -- Bas Couwenberg Sat, 16 Sep 2017 23:26:04 +0200 freexl (1.0.0g-1+deb8u3) jessie-security; urgency=high * Add patch to fix regression introduced by afl-vulnerabilitities.patch. -- Bas Couwenberg Fri, 13 Nov 2015 11:31:31 +0100 freexl (1.0.0g-1+deb8u2) jessie-security; urgency=high * Add patch to fix 32 bit multiplication overflow. -- Bas Couwenberg Wed, 15 Jul 2015 22:12:41 +0200 freexl (1.0.0g-1+deb8u1) unstable; urgency=high * Update my email to @debian.org address. * Specify jessie branch in Vcs-Git field. * Add patch to fix vulnerabilities identified by American Fuzzy Lop. (closes: #781228) -- Bas Couwenberg Thu, 26 Mar 2015 11:44:10 +0100 freexl (1.0.0g-1) unstable; urgency=low * New upstream release. * Bump Standards-Version to 3.9.5, no changes required. * Add lintian override for debian-watch-may-check-gpg-signature, upstream doesn't provide signatures for verification. -- Bas Couwenberg Tue, 14 Jan 2014 11:18:32 +0100 freexl (1.0.0f-2) unstable; urgency=low * Change Priority to optional, keep Priority extra for -dbg package. -- Bas Couwenberg Thu, 21 Nov 2013 23:08:31 +0100 freexl (1.0.0f-1) unstable; urgency=low * New upstream version. * Add myself to Uploaders. * Update watch file, handle common mistakes. * Use dh-autoreconf for retooling. * Update Homepage URL. * Use canonical URLs for Vcs-* fields. * Multi-Arch: same dev and dbg packages. * Add lintian overrides for no upstream changelog, link to upstream timeline. * Update copyright file. * Move maintenance from collab-maint to pkg-grass. -- Bas Couwenberg Wed, 02 Oct 2013 18:42:35 +0200 freexl (1.0.0d-1) unstable; urgency=low * New upstream version * Standards-Version bump to 3.9.4, no changes needed * debhelper Build-Dependency bumped to 9 * Manually export LDFLAGS in debian/rules to fix linking issue with the library * Updated debian/copyright * Enable hardening build-flags in debian/rules -- David Paleino Thu, 11 Oct 2012 10:37:33 +0200 freexl (1.0.0b-1) unstable; urgency=low * New upstream version (Closes: #650280) * Fixed debian/watch -- David Paleino Wed, 22 Feb 2012 19:47:55 +0100 freexl (0.0.2~beta20110817-1) unstable; urgency=low * Initial release (Closes: #644087) -- David Paleino Sun, 02 Oct 2011 21:11:42 +0200