zziplib (0.13.72+dfsg.1-1.1) unstable; urgency=medium * Non-Maintainer Upload. * Fix (i386) cross-compilation. -- Lukas Märdian <luk@slyon.de> Mon, 21 Jun 2021 14:42:07 +0200 zziplib (0.13.72+dfsg.1-1) unstable; urgency=medium * New upstream release. (Closes: #938924) + switch to CMake + drop .la libtool files + refresh d/p/zziplib-unzipcat-NULL-name.patch + drop d/p/Avoid-memory-leak-from-__zzip_parse_root_directory-1.patch and d/p/Avoid-memory-leak-from-__zzip_parse_root_directory-2.patch and d/p/One-more-free-to-avoid-memory-leak.patch: applied upstream in 0e1dadb, d2e5d5c and 9411bde + drop patches applied upstream: debian/patches/merge-CVE-2018-6381.patch-from-jmoellers-12.patch debian/patches/zziplib-CVE-2017-5974.patch debian/patches/zziplib-CVE-2017-5975.patch debian/patches/zziplib-CVE-2017-5976.patch debian/patches/zziplib-CVE-2017-5978.patch debian/patches/zziplib-CVE-2017-5979.patch debian/patches/zziplib-CVE-2017-5981.patch debian/patches/need-to-check-on-endbuf-for-stored-files-15.patch debian/patches/Reject-the-ZIP-file-and-report-it-as-corrupt-if-the-.patch debian/patches/check-rootseek-after-correction-41.patch debian/patches/check-rootseek-and-rootsize-to-be-positive-27.patch debian/patches/check-zlib-space-to-be-within-buffer-39.patch debian/patches/fix-for-zz_rootsize-41.patch debian/patches/need-to-check-on-endbuf-for-stored-files-15.patch -- Lukas Märdian <luk@slyon.de> Fri, 18 Jun 2021 15:57:44 +0200 zziplib (0.13.62-3.3) unstable; urgency=medium * Non-maintainer upload. * Build using python2. Closes: #856566, #967237. * Update home page. Closes: #863892. * Update watch file. -- Matthias Klose <doko@debian.org> Thu, 04 Mar 2021 09:54:37 +0100 zziplib (0.13.62-3.2) unstable; urgency=medium * Non-maintainer upload. * Invalid memory access in zzip_disk_fread (CVE-2018-6381) (Closes: #889096) * Reject the ZIP file and report it as corrupt if the size of the central directory and/or the offset of start of central directory point beyond the end of the ZIP file (CVE-2018-6484, CVE-2018-6541, CVE-2018-6869) (Closes: #889089) * bus error in zzip_disk_findfirst function in zzip/mmapped.c (CVE-2018-6540) (Closes: #923659) * out of bound read in mmapped.c:zzip_disk_fread() causes crash (CVE-2018-7725) (Closes: #913165) * Bus error in zip.c:__zzip_parse_root_directory() cause crash via crafted zip file (CVE-2018-7726) (Closes: #913165) * Memory leak triggered in the function __zzip_parse_root_directory in zip.c (CVE-2018-16548) (Closes: #910335) -- Salvatore Bonaccorso <carnil@debian.org> Mon, 04 Mar 2019 22:43:14 +0100 zziplib (0.13.62-3.1) unstable; urgency=medium * Non-maintainer upload. * Fix multiple security issues (Closes: #854727). Thanks to Josef Moellers of SuSE for the patches! -- Moritz Muehlenhoff <jmm@debian.org> Sun, 04 Jun 2017 09:03:20 +0200 zziplib (0.13.62-3) unstable; urgency=medium * debian/rules: Lintian error cleaning pkg-config-bad-directive -- Scott Howard <showard@debian.org> Sun, 24 Aug 2014 22:20:40 -0400 zziplib (0.13.62-2) unstable; urgency=low * Merge in Ubuntu changes to use dh-autoreconf to ensure package remains buildable across future ports. Thanks to Steve Langasek. (Closes: #736810) -- Scott Howard <showard@debian.org> Sun, 26 Jan 2014 18:54:39 -0500 zziplib (0.13.62-1) unstable; urgency=low * New upstream release (Closes: #709437) * Updated symbols file. * export-dynamic.patch dropped, accepted upstream -- Scott Howard <showard@debian.org> Mon, 20 Jan 2014 17:12:51 -0500 zziplib (0.13.56-2) unstable; urgency=low * Adopting package (Closes: #733144) * use source/format 3.0 (quilt), and separate debian changes into patch "export-dynamic.patch" * simple dh rules - multiarch enabled - use --with autotools-dev (Closes: #717837) * build depend on zip so build checks run * added symbols file * No longer conflict with zziplib-0-12 (no reason to conflict) (Closes: #565982) * Removed unneeded -lz from .pc file (Closes: #471065) - debian/patches/remove_extra_z_linking.patch -- Scott Howard <showard@debian.org> Tue, 07 Jan 2014 13:57:57 -0500 zziplib (0.13.56-1.1) unstable; urgency=low * Non-maintainer upload. * Fix "FTBFS: x86_64-linux-gnu-gcc: error: unrecognized option '--export-dynamic'": apply patch from Ubuntu / Matthias Klose: - Pass correct linker option. LP: #832895. Closes: #625064. * Fix "Emptying dependency_libs in .la files": use recipe provided by Neil Williams in the bug report. Closes: #633335 -- gregor herrmann <gregoa@debian.org> Thu, 06 Oct 2011 20:07:37 +0200 zziplib (0.13.56-1) unstable; urgency=low * New Upstream Version - update debian/man3.patch - remove msvc8/zip.exe and msvc7/pkzip.exe * Upgrade the standard version to 3.8.2 * Add the vcs information to debian/control -- LIU Qi <liuqi82@gmail.com> Sun, 12 Jul 2009 14:37:46 +0800 zziplib (0.13.54-1) unstable; urgency=low * New Maintainer. Closes: #529561 * New Upstream Version. Closes: #530850 * Fixed the lintian warnings of manpages. * 01-fetch.patch: dropped as it was merged upstream -- LIU Qi <liuqi82@gmail.com> Sun, 31 May 2009 00:08:56 +0800 zziplib (0.13.50-1) unstable; urgency=low * New upstream version - Update 01-fetch.patch * debhelper compat version is 7 * Standards version is 3.8.1 * Run dh_prep instead of dh_clean -k * Add debian/watch -- Anibal Monsalve Salazar <anibal@debian.org> Mon, 23 Mar 2009 21:13:57 +1100 zziplib (0.13.49-4) unstable; urgency=low * NMU acknowledgement. Closes: #443880 * Fixed the following lintian issues: - zziplib source: out-of-date-standards-version 3.7.2 (current is 3.7.3) - zziplib: description-contains-homepage -- Anibal Monsalve Salazar <anibal@debian.org> Sun, 06 Apr 2008 08:13:02 +1000 zziplib (0.13.49-3.1) unstable; urgency=low * NMU from the Cambridge BSP * Fixed SIGBUS due to alignment problems, closes: #443880. Patch: 01-fetch.patch -- Steve McIntyre <93sam@debian.org> Sat, 05 Apr 2008 17:54:27 +0100 zziplib (0.13.49-3) unstable; urgency=low * Fixed SIGSEGV on hppa, ia64, sparc, closes: #443880. Patch by brian m. carlson <sandals@crustytoothpaste.ath.cx> Patch: 01-zip.c.patch * Fixed FTBFS if build twice in a row, closes: #442779. * Build-depends on quilt -- Anibal Monsalve Salazar <anibal@debian.org> Wed, 07 Nov 2007 17:43:35 +1100 zziplib (0.13.49-2) unstable; urgency=low * debian/rules: added configure option --datadir, closes: #439395. -- Anibal Monsalve Salazar <anibal@debian.org> Sat, 25 Aug 2007 10:29:31 +1000 zziplib (0.13.49-1) unstable; urgency=low * libzzip-0-13 Replaces & Conflicts: libzzip-0-12 -- Anibal Monsalve Salazar <anibal@debian.org> Fri, 24 Aug 2007 08:41:46 +1000 zziplib (0.13.49-0) unstable; urgency=low * New upstream version. Closes: #399617. - zzip-config was removed by upstream maintainer. - htmpages.ar was not shipped by upstream maintainer. - new build dependency: python. * Fixed: CVE-2007-1614 DoS and execution of arbitrary code. Closes: #436701. * Fixed the following lintian messages: - W: zziplib source: substvar-source-version-is-deprecated libzzip-dev - W: zziplib source: debian-rules-ignores-make-clean-error line 62 -- Anibal Monsalve Salazar <anibal@debian.org> Thu, 09 Aug 2007 18:47:38 +1000 zziplib (0.12.83-8) unstable; urgency=low * New maintainer. * Fixed "libzzip-dev: Override says libdevel - optional, .deb says devel - optional". -- Anibal Monsalve Salazar <anibal@debian.org> Tue, 03 Oct 2006 11:08:37 +1000 zziplib (0.12.83-7) unstable; urgency=low * Orphaning this package, setting maintainer field to packages@qa.debian.org. -- Aurelien Jarno <aurel32@debian.org> Mon, 2 Oct 2006 11:03:22 +0200 zziplib (0.12.83-6) unstable; urgency=low * bins/zziptest.c: fixed a cast to pointer from integer of different size. * Bumped Standards-Version to 3.7.2 (nochanges). -- Aurelien Jarno <aurel32@debian.org> Wed, 7 Jun 2006 14:31:12 +0200 zziplib (0.12.83-5) unstable; urgency=low * zzip/zzip.h: include sys/types.h instead of stddef.h, so that zziplib could be built on GNU/Hurd and GNU/kFreeBSD. -- Aurelien Jarno <aurel32@debian.org> Sun, 3 Jul 2005 11:42:08 +0200 zziplib (0.12.83-4) unstable; urgency=low * Libtool update for kfreebsd-gnu in zziplib/ directory (closes: bug#294730). -- Aurelien Jarno <aurel32@debian.org> Fri, 18 Feb 2005 12:45:00 +0100 zziplib (0.12.83-3) unstable; urgency=low * Added GCC 4.0 fixes from Andreas Jochens (closes: bug#295055). -- Aurelien Jarno <aurel32@debian.org> Sun, 13 Feb 2005 16:10:27 +0100 zziplib (0.12.83-2) unstable; urgency=low * Libtool update for kfreebsd-gnu (closes: bug#294730). -- Aurelien Jarno <aurel32@debian.org> Fri, 11 Feb 2005 17:32:04 +0100 zziplib (0.12.83-1) unstable; urgency=low * New upstream version. -- Aurelien Jarno <aurel32@debian.org> Sun, 26 Sep 2004 21:48:52 +0200 zziplib (0.12.82-1) unstable; urgency=low * New upstream version. * Added manpages for zziplib-bin and included tools. Thanks to Ricardo Mones (closes: bug#256186). -- Aurelien Jarno <aurel32@debian.org> Sat, 26 Jun 2004 16:33:10 +0200 zziplib (0.10.82-1) unstable; urgency=low * Initial Release (closes: bug#173511, bug#222397). -- Aurelien Jarno <aurel32@debian.org> Mon, 29 Mar 2004 12:41:28 +0200