libpodofo (0.9.8+dfsg-3.2) unstable; urgency=medium
* Non-maintainer upload.
* Build-depend on libidn-dev instead of transitional libidn11-dev package.
Closes: #1086104
-- Andreas Metzler <ametzler@debian.org> Sun, 29 Dec 2024 11:47:04 +0100
libpodofo (0.9.8+dfsg-3.1) unstable; urgency=medium
* Non-maintainer upload.
* Rename libraries for 64-bit time_t transition. Closes: #1062571
-- Benjamin Drung <bdrung@debian.org> Wed, 28 Feb 2024 16:17:29 +0000
libpodofo (0.9.8+dfsg-3) unstable; urgency=medium
[ YOKOTA Hiroshi ]
* Fix declaration of operator<< for PoDoFo::PdfString. Closes: #1012987
[ Mattia Rizzolo ]
* Bump Standards-Version to 4.6.1, no changes needed.
-- Mattia Rizzolo <mattia@debian.org> Sun, 21 Aug 2022 16:22:05 +0200
libpodofo (0.9.8+dfsg-2) unstable; urgency=medium
* Upload to unstable.
-- Mattia Rizzolo <mattia@debian.org> Fri, 06 May 2022 14:32:34 +0200
libpodofo (0.9.8+dfsg-1) experimental; urgency=medium
* New upstream version 0.9.8+dfsg.
+ CVE-2018-12983 Closes: #916580
+ CVE-2019-10723 Closes: #926667
+ CVE-2019-20093 Closes: #977302
* Rename library package to match the SONAME.
-- Mattia Rizzolo <mattia@debian.org> Wed, 04 May 2022 15:48:58 +0200
libpodofo (0.9.7+dfsg-3) unstable; urgency=medium
[ Debian Janitor ]
* Remove constraints unnecessary since buster:
+ Build-Depends: Drop versioned constraint on libfreetype6-dev.
[ Vagrant Cascadian ]
* Build with -DCMAKE_BUILD_RPATH_USE_ORIGIN=ON to make the build
reproducible. Closes: #1001869
[ Mattia Rizzolo ]
* Bump Standards-Version to 4.6.0, no changes needed.
* Bump copyright year for debian/*.
-- Mattia Rizzolo <mattia@debian.org> Sun, 02 Jan 2022 18:57:57 +0100
libpodofo (0.9.7+dfsg-2) unstable; urgency=medium
* Upload to unstable.
-- Mattia Rizzolo <mattia@debian.org> Tue, 12 Jan 2021 16:11:50 +0100
libpodofo (0.9.7+dfsg-1) experimental; urgency=medium
* New upstream version 0.9.7+dfsg.
+ CVE-2018-11255 Closes: #916584
* Drop all patches, applied upstream.
* Rename library package to match the SONAME.
* Update d/copyright.
* Bump debhelper compat level to 13:
+ Drop dh_missing --fail-missing, now the default.
* Bump Standards-Version to 4.5.1, no changes needed.
-- Mattia Rizzolo <mattia@debian.org> Sat, 09 Jan 2021 18:57:56 +0100
libpodofo (0.9.6+dfsg-5) unstable; urgency=medium
* Add upstream patches for security issues:
CVE-2019-9199 Closes: #923469
CVE-2019-9687 Closes: #924430
-- Mattia Rizzolo <mattia@debian.org> Sun, 21 Apr 2019 17:13:10 +0200
libpodofo (0.9.6+dfsg-4) unstable; urgency=medium
* Add upstream patches for security issues:
+ CVE-2018-5783; Closes: #916142
+ CVE-2018-11254; Closes: #916585
+ CVE-2018-11256; Closes: #916583
+ CVE-2018-12982; Closes: #916581
+ CVE-2018-14320; Closes: #916240
+ CVE-2018-19532; Closes: #916085
+ CVE-2018-20751
* d/control:
+ Bump Standards-Version to 4.3.0, no changes needed.
+ Bump debhelper compat level to 12.
* d/copyright:
+ Add a Comment field to explain the +dfsg repack, appeasing lintian.
+ Bump the year for debian/*.
-- Mattia Rizzolo <mattia@debian.org> Mon, 11 Feb 2019 18:49:43 +0100
libpodofo (0.9.6+dfsg-3) unstable; urgency=medium
[ Ondřej Nový ]
* d/watch: Use https protocol.
[ Mattia Rizzolo ]
* Upload to unstable.
-- Mattia Rizzolo <mattia@debian.org> Tue, 02 Oct 2018 16:58:57 +0200
libpodofo (0.9.6+dfsg-2) experimental; urgency=medium
* Add patch to fix FTBFS on !linux.
-- Mattia Rizzolo <mattia@debian.org> Sat, 22 Sep 2018 13:25:17 +0200
libpodofo (0.9.6+dfsg-1) experimental; urgency=medium
* New upstream version 0.9.6+dfsg:
+ CVE-2017-8053 Closes: #860994
+ CVE-2018-5296
* d/control:
+ Bump Standards-Version to 4.2.1, no changes needed.
+ Use the new notation debian-compat(=11), and drop d/compat.
* d/patches:
+ Drop all patches, applied upstream.
+ Add patch from Juhani Numminen <juhaninumminen0@gmail.com> to fix FTBFS
with cmake 3.12. Closes: #906781
+ Add patch to fix the build with -fvisibility=hidden.
-- Mattia Rizzolo <mattia@debian.org> Tue, 18 Sep 2018 15:53:46 +0200
libpodofo (0.9.6~rc1+dfsg-1) experimental; urgency=medium
* New upstream version 0.9.6~rc1:
+ Repacked to remove a non-free piece of code (see README.source).
+ Fix CVE-2018-5309
+ Fix CVE-2018-8001 Closes: #892556
* d/patches:
+ Remove all patches applied upstream.
+ Add patch to set the SOVERSION to 0.9.6 instead of 0.9.6-rc1.
+ Add a patch fixing a bunch of spelling errors.
+ Add patch from upstream to fix build on 32 bit archs.
* Drop our manpages, now that upstream have moved all (but one) of them out
of debian/, so we can install their copies.
* Rename the binaries after SONAME bump: libpodofo0.9.5 → libpodofo0.9.6.
* d/control:
+ Bump Standards-Version to 4.1.4, no changes needed.
+ Add new Build-Dependency on libunistring-dev.
* d/rules: explicitly enable symbols visibility.
-- Mattia Rizzolo <mattia@debian.org> Thu, 10 May 2018 10:49:49 +0200
libpodofo (0.9.5-11) unstable; urgency=medium
* Add patch to fix pkg-config file.
This will also rename the file to make more sense, but as it's currently
completely broken it doesn't really matter. Closes: #908134; LP: #1792407
-- Mattia Rizzolo <mattia@debian.org> Tue, 18 Sep 2018 15:40:47 +0200
libpodofo (0.9.5-10) unstable; urgency=medium
* Retroactively update CVEs information. Thanks to Matthew Brincke
* Add patch from Juhani Numminen <juhaninumminen0@gmail.com> to fix
FTBFS with cmake 3.12. Closes: #906781
-- Mattia Rizzolo <mattia@debian.org> Mon, 27 Aug 2018 16:53:29 +0200
libpodofo (0.9.5-9) unstable; urgency=medium
* Add upstream patches for security issues:
+ CVE-2017-6841 Closes: #861558
+ CVE-2017-6845 Closes: #861562
+ CVE-2017-8054 Closes: #860995
+ CVE-2017-8378 Closes: #861597
+ CVE-2018-5295 Closes: #889511
+ CVE-2018-5308/CVE-2017-5854 Closes: #854602
* d/control:
+ Move the packaging to salsa.debian.org.
+ Bump Standards-Version to 4.1.3, no changes needed.
+ Move libpodofo-utils to section utils.
* d/rules: Move from the deprecated dh_install --fail-missing to dh_missing.
* d/copyright: Bump copyright year for debian/*.
* Bump debhelper compat level to 11.
-- Mattia Rizzolo <mattia@debian.org> Sat, 24 Feb 2018 11:38:43 +0100
libpodofo (0.9.5-8) unstable; urgency=medium
* Bump shlibs version due to the added symbol in the previous upload.
-- Mattia Rizzolo <mattia@debian.org> Sun, 12 Nov 2017 16:13:05 +0100
libpodofo (0.9.5-7) unstable; urgency=medium
* Add upstream patches for security issues:
+ CVE-2017-5852 Closes: #854600
+ CVE-2017-7994 Closes: #860930
+ CVE-2017-8787 Closes: #861738
* debian/control:
+ Bump Standards-Version to 4.1.1:
- Move from priority extra (deprecated) to optional.
+ Declare that libpodofo can be built without root: R³:no.
-- Mattia Rizzolo <mattia@debian.org> Sun, 12 Nov 2017 15:36:06 +0100
libpodofo (0.9.5-6) unstable; urgency=medium
* Add patch removing -stdc++98 from the compiler flags.
This fixes an FTBFS with cppunit 1.14. Closes: #868911
-- Mattia Rizzolo <mattia@debian.org> Mon, 31 Jul 2017 17:54:12 +0200
libpodofo (0.9.5-5) unstable; urgency=medium
* Add dependency on libssl-dev and libboost-dev to libpodofo-dev.
* Bump Standards-Version to 4.0.0, no changes needed.
* Upload to unstable.
-- Mattia Rizzolo <mattia@debian.org> Wed, 21 Jun 2017 21:46:25 +0200
libpodofo (0.9.5-4) experimental; urgency=medium
* d/copyright: correct xyz's email address.
* Merge branch Debian uploads 0.9.4-5 and 0.9.4-6 into experimental, to get
the security fixes here too.
* Refresh patches.
-- Mattia Rizzolo <mattia@debian.org> Tue, 23 May 2017 23:11:01 +0200
libpodofo (0.9.5-3) experimental; urgency=medium
* Drop symbols file, symbols changes across all architectures, so it's too
painful to track, and useless for this library.
* Override lintian tag no-symbols-control-file.
-- Mattia Rizzolo <mattia@debian.org> Wed, 15 Feb 2017 23:27:29 +0100
libpodofo (0.9.5-2) experimental; urgency=medium
* d/copyright: update
* d/patches:
+ fix_test_on_32bit.patch: add to fix FTBFS on 32 bit architectures.
+ spelling_fixes.patch: add to fix some spelling errors.
* d/man/*:
+ Update manpages from upstream.
+ Fix a spelling error.
* d/*.doc-base: Register doc-base to libpodofo-dev and libpodofo-utils.
* d/libpodofo0.9.5.symbols: add for proper symbol version tracking (despite
this library changing SONAME with every single upstream release, so a tad
pointless, but doesn't harm…).
-- Mattia Rizzolo <mattia@debian.org> Wed, 15 Feb 2017 21:36:20 +0100
libpodofo (0.9.5-1) experimental; urgency=medium
* New upstream version 0.9.5.
* d/p/OpenSSL_1.1.0.patch: drop, applied upstream.
* d/p/FindZLIB.cmake: drop, not really needed, and better have fewer patches.
* d/libpodofo-dev.install: Install the new pkgconfig file.
* Rename binary package after SONAME bump: libpodofo0.9.4 → libpodofo0.9.5.
* d/control:
+ Add build-dependency on libcppunit-dev to build the tests.
+ Add build-dependency on libboost-dev to actually enable boost support.
-- Mattia Rizzolo <mattia@debian.org> Wed, 08 Feb 2017 18:11:53 +0100
libpodofo (0.9.4-6) unstable; urgency=high
* Add upstream patches for security issues:
+ CVE-2017-5855 Closes: #854603
+ CVE-2017-6840 Closes: #861557
+ CVE-2017-6842 Closes: #861559
+ CVE-2017-6843 Closes: #861560
+ CVE-2017-6847 Closes: #861564
+ CVE-2017-6848 Closes: #861565
+ CVE-2017-7378 Closes: #859330
+ CVE-2017-7380 CVE-2017-7381 CVE-2017-7382 CVE-2017-7383 Closes: #859329
-- Mattia Rizzolo <mattia@debian.org> Wed, 17 May 2017 14:54:40 +0200
libpodofo (0.9.4-5) unstable; urgency=high
* Add upstream patches for security issues:
+ CVE-2017-5853 Closes: #854601
+ CVE-2017-6844 Closes: #861561
+ CVE-2017-5886 Closes: #854604
+ CVE-2017-7379 Closes: #859331
+ Fix NULL pointer dereference in pdfinfo. Closes: #854605
-- Mattia Rizzolo <mattia@debian.org> Wed, 03 May 2017 11:41:19 +0200
libpodofo (0.9.4-4) unstable; urgency=medium
* d/watch: fixup.
-- Mattia Rizzolo <mattia@debian.org> Thu, 08 Dec 2016 15:10:41 +0100
libpodofo (0.9.4-3) unstable; urgency=medium
* Bump debhelper compat level to 10.
Drop explicit --parallel option, now default.
* Add patch to make the PoDoFo compatible with OpenSSL 1.1.0 API.
Thanks to Reiner Herrmann <reiner@reiner-h.de> for the patch.
Closes: #828407
* Install the docs also in libpodofo-utils.
* d/watch: bump to version 4 and use of new substitutions patterns to catch
eventual non-gzip releases.
-- Mattia Rizzolo <mattia@debian.org> Wed, 26 Oct 2016 23:32:42 +0000
libpodofo (0.9.4-2) unstable; urgency=medium
* Upload to unstable.
* Update copyright.
-- Mattia Rizzolo <mattia@debian.org> Mon, 20 Jun 2016 10:57:17 +0000
libpodofo (0.9.4-1) experimental; urgency=medium
* Imported Upstream version 0.9.4.
* debian/control: Bump Standards-Version to 3.9.8, no changes needed.
* debian/copyright: update.
* Refresh patches.
* debian/watch: be more clever about rc releases.
* Change package name after SONAME change.
* d/man/podofocolor.1: fix syntax error.
* d/man/podofoxmp: fix typos.
-- Mattia Rizzolo <mattia@debian.org> Tue, 14 Jun 2016 09:45:43 +0000
libpodofo (0.9.3-4) unstable; urgency=medium
* debian/control:
+ [2191c2f] add Vcs-{Git,Browser} fields.
+ [6045525] bump Standards-Version to 3.9.7, no changes needed.
-- Mattia Rizzolo <mattia@debian.org> Sat, 12 Mar 2016 00:47:22 +0000
libpodofo (0.9.3-3) unstable; urgency=medium
* Upload to unstable.
-- Mattia Rizzolo <mattia@debian.org> Wed, 20 Jan 2016 23:02:04 +0000
libpodofo (0.9.3-2) experimental; urgency=medium
* [5c9520e] debian/copyright: add src/base/PdfEncrypt.cpp with its own
different copyright and license.
* [9c11ffe] debian/control: remove libcppunit-dev from Build-Depends.
-- Mattia Rizzolo <mattia@debian.org> Wed, 20 Jan 2016 02:13:52 +0000
libpodofo (0.9.3-1) experimental; urgency=medium
* [3c58af8] Imported Upstream version 0.9.3. Closes: #660163, #806578
+ [400586e] debian/patches: drop freetype_multiarch and
freetype_strikes_back as not needed anymore.
* [6df14da] debian/{control,copyright}: take over the maintenance from malex.
* [623244e] debian/{control,compat}: use compat level 9
* debian/rules:
+ [ceea6ac] Rewrite using dh short format.
- [dc7c312] debian/*.dirs: remove as useless now.
+ [f6a73cc] Remove some useless config flags.
+ [d000e53] Use dh_install --fail-missing.
+ [720ef58] Don't compress .pdf and .plan files.
+ [eb47012] Enable hardening.
* debian/control:
+ [cf61ecb] Run wrap-and-sort.
+ [bc815bf] Bump Standards-Version to 3.9.6, no changes needed.
+ [2f0654e] Add some build-depends to enable optional features.
+ [8d64c36] Remove useless build-dependency on quilt.
+ [e5d72fa] Remove old and nowadays useless Replaces/Conflicts/Provides.
* [4c0c7f1] Install the manpages using upstream's cmake rules, instead of
listing all of them in debian/*.manpages.
* [693131f] new SONAME, change library package name.
* [c0a13c7] debian/libpodofo-utils.install: install some examples files for
podofoimpose. Closes: #639869
* [d0c2ae6,128b998] debian/copyright: update.
* [a8b91e6] debian/patches/FindZLIB.cmake: add a small description header.
* [0a6b248] debian/watch: remove pointless comments.
-- Mattia Rizzolo <mattia@debian.org> Sun, 17 Jan 2016 18:30:58 +0000
libpodofo (0.9.0-1.3) unstable; urgency=medium
* Non-maintainer upload.
* Import libstdc++ transition changes from Ubuntu (Closes: #791156)
[ Steve Langasek ]
* Rename library packages for g++5 ABI transition
-- Simon McVittie <smcv@debian.org> Thu, 27 Aug 2015 08:12:00 +0100
libpodofo (0.9.0-1.2) unstable; urgency=medium
* Non-maintainer upload.
* Fix another freetype path issue with version >= 2.5 (Closes: #730889).
* Build-Depends against libtiff-dev, not libtiff4-dev.
-- David Prévot <taffit@debian.org> Thu, 26 Dec 2013 22:49:14 -0400
libpodofo (0.9.0-1.1) unstable; urgency=low
* Non-maintainer upload.
[ Didier Raboud ]
* Build-Depends against libjpeg-dev, not libjpeg62-dev (Closes: #639051).
* Import Ubuntu patch to fix build against the multiarch'ed libfreetype.
[ Ubuntu: Philip Muskovac & Daniel T Chen ]
* debian/rules: export DEB_HOST_MULTIARCH for the freetype patch.
* debian/patches/freetype_multiarch: Add multiarch directory to cmake search
path for freetype (LP: #778410, #831277).
-- Didier Raboud <odyx@debian.org> Wed, 09 Nov 2011 16:02:17 +0100
libpodofo (0.9.0-1) unstable; urgency=low
* New upstream release. The packaging is based on 0.8.4 that has been
accepted into Debian.
* debian/rules:
- Removed boost from cmake options and updated library version.
- Rewrote rules for clarity.
* debian/source/format: changed to v3.0 (quilt).
* debian/control:
- Added a build depends on quilt.
- Changed package names to 0.9.0 from 0.8.4.
* debian/patches/CMakeLists.txt.top: Removed the debian dir from cmake path.
* debian/patches/FindZLIB.cmake: Removed a duplicate cmake find file.
* debian/*: renamed 0.8.4 to 0.9.0 in file names.
-- Oleksandr Moskalenko <malex@debian.org> Mon, 14 Mar 2011 16:58:26 -0500
libpodofo (0.8.4-1) unstable; urgency=low
* New upstream release. There is a soname change, so this package supersedes
libpodofo0.8.0 for building PoDoFo enabled packages (Closes: #590823).
* man/*.1: Wrote man pages for all provided utils.
* debian/libpodofo-utils.manpages: Added a control file for dh_installman to
install man pages.
* debian/rules: Added a dh_installman rule to install man pages.
* debian/control: Unified short descriptions.
* debian/copyright:
- Changed to DEP5 format.
- Added copyright and license information for PdfEncrypt.cpp and
cmake/modules/* per ftpmaster request.
-- Oleksandr Moskalenko <malex@debian.org> Wed, 01 Dec 2010 20:56:22 -0600
libpodofo0.8.0 (0.8.0+svn20100512-2) unstable; urgency=low
* Added a build-depends on libboost-graph-dev to make podofo use improved
graphics facilities provided by boost.
-- Oleksandr Moskalenko <malex@debian.org> Mon, 17 May 2010 09:09:32 -0500
libpodofo0.8.0 (0.8.0+svn20100512-1) unstable; urgency=low
* Initial release (Closes: #431809).
-- Oleksandr Moskalenko <malex@debian.org> Wed, 12 May 2010 17:37:56 -0500