libyaml (0.1.7-2) unstable; urgency=medium * Clean doxygen-generated documentation with dh_doxygen. * Mark libyaml-doc Multi-Arch: foreign. * Add libyaml-0-2.symbols file. -- Anders Kaseorg Fri, 30 Sep 2016 22:06:09 -0400 libyaml (0.1.7-1) unstable; urgency=medium * New upstream version 0.1.7. + Fix segfault in yaml_string_write_handler. + Fix invalid simple key assertion. * Drop upstreamed patches. * Migrate packaging from CDBS to dh. * Drop libyaml-0-2-dbg in favor of automatically generated libyaml-0-2-dbgsym package. -- Anders Kaseorg Sat, 03 Sep 2016 06:48:38 -0400 libyaml (0.1.6-3) unstable; urgency=high * debian/patches/CVE-2014-9130.patch: Fix CVE-2014-9130 assertion failure caused by wrapped strings. (Closes: #771366) * Bump Standards-Version to 3.9.6 (no changes needed). -- Anders Kaseorg Fri, 28 Nov 2014 22:05:10 -0500 libyaml (0.1.6-2) unstable; urgency=medium * Move doxygen from Build-Depends to Build-Depends-Indep. -- Anders Kaseorg Tue, 19 Aug 2014 21:56:25 -0400 libyaml (0.1.6-1) unstable; urgency=medium * New upstream version 0.1.6. + Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML tags. + Fix CVE-2014-2525: heap-based buffer overflow in yaml_parser_scan_uri_escapes. * Drop upstreamed patches. * Run tests at build time. * Bump Standards-Version to 3.9.5 (no changes needed). * Use dh-autoreconf. (Closes: #745078) * Use dh-buildinfo. * Add libyaml-doc package for Doxygen-generated API documentation and examples. (Closes: #696821) * Acknowledge NMUs. -- Anders Kaseorg Tue, 19 Aug 2014 00:03:53 -0400 libyaml (0.1.4-3.2) unstable; urgency=high * Non-maintainer upload by the Security Team. * Add CVE-2014-2525.patch patch. CVE-2014-2525: Fixes heap overflow in yaml_parser_scan_uri_escapes. The heap overflow is caused by not properly expanding a string before writing to it in function yaml_parser_scan_uri_escapes in scanner.c. (Closes: #742732) -- Salvatore Bonaccorso Thu, 27 Mar 2014 06:22:25 +0100 libyaml (0.1.4-3.1) unstable; urgency=medium * Non-maintainer upload. * Drop libyaml-indent-column-overflow-v2.patch patch. This patch causes additional regressions on simple YAML files. * Add libyaml-guard-against-overflows-in-indent-and-flow_level.patch patch. Add upstream's patch to guard against overflows in indent and flow_level. (Closes: #738587) -- Salvatore Bonaccorso Thu, 13 Feb 2014 07:51:58 +0100 libyaml (0.1.4-3) unstable; urgency=high * Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML tags. (Closes: #737076) -- Anders Kaseorg Wed, 29 Jan 2014 20:11:48 -0500 libyaml (0.1.4-2) unstable; urgency=low * Remove extra libyaml-0.so symlink from libyaml-dev. * Bump Debhelper compat level to 9. * Support multiarch. (Closes: #653748) (LP: #905630) * Use 3.0 (quilt) source format. -- Anders Kaseorg Fri, 30 Dec 2011 17:14:52 -0500 libyaml (0.1.4-1) unstable; urgency=low * New upstream version 0.1.4. + Fixed a bug that prevented an empty mapping being used as a simple key. + Fixed pointer overflow when calculating the position of a potential simple key. + Added pkg-config support. (Closes: #537834) * Remove unneded libyaml.la file. (Closes: #622452) * Add libyaml-0-2-dbg package with debugging symbols. (Closes: #592747) * Bumped standards version to 3.9.2 without further change -- Anders Kaseorg Mon, 30 May 2011 22:27:27 -0400 libyaml (0.1.3-1) unstable; urgency=low * New upstream version 0.1.3. + This release fixes non-standard structure initialization and a streaming-related issue. * Bump priority from extra to optional. -- Anders Kaseorg Sun, 04 Oct 2009 14:07:18 -0400 libyaml (0.1.2-1) unstable; urgency=low * New upstream version 0.1.2. + Fixed grammar in error messages (from YAML::XS::LibYAML). + Rewritten whitespace detection in the scalar analyzer and block scalar writers (ported from PyYAML). + Fixed emitting folded scalars with trailing breaks; Forced emitting of a document end indicator when there is a possibility of ambiguous parsing. -- Anders Kaseorg Mon, 29 Dec 2008 21:10:48 -0500 libyaml (0.1.1-1) unstable; urgency=low * Initial release (Closes: #484381). -- Anders Kaseorg Tue, 10 Jun 2008 02:37:34 -0400