diff -u libgd2-2.0.36~rc1~dfsg/debian/control libgd2-2.0.36~rc1~dfsg/debian/control --- libgd2-2.0.36~rc1~dfsg/debian/control +++ libgd2-2.0.36~rc1~dfsg/debian/control @@ -1,9 +1,10 @@ Source: libgd2 Section: graphics Priority: optional -Maintainer: GD team +Maintainer: Ubuntu Core Developers +XSBC-Original-Maintainer: GD team Uploaders: Jonas Smedegaard , Sean Finney -Build-Depends: cdbs (>= 0.4.39), autotools-dev, gnulib (>= 0.0.20041014-2), devscripts (>= 2.10.7), quilt, patchutils (>= 0.2.25), cdbs (>= 0.4.27), dh-buildinfo, debhelper (>= 5.0.44), libpng12-dev, libz-dev, libjpeg-dev, libfreetype6-dev, libxpm-dev, libx11-dev, libxt-dev, libfontconfig-dev, d-shlibs (>= 0.30), html2text +Build-Depends: cdbs (>= 0.4.39), autotools-dev, devscripts (>= 2.10.7), quilt, patchutils (>= 0.2.25), cdbs (>= 0.4.27), dh-buildinfo, debhelper (>= 5.0.44), libpng12-dev, libz-dev, libjpeg-dev, libfreetype6-dev, libxpm-dev, libx11-dev, libxt-dev, libfontconfig-dev, d-shlibs (>= 0.30), html2text Vcs-Svn: svn://svn.debian.org/svn/pkg-gd/libgd2/trunk Vcs-Browser: http://svn.debian.org/wsvn/pkg-gd/libgd2/trunk Standards-Version: 3.7.3 diff -u libgd2-2.0.36~rc1~dfsg/debian/changelog libgd2-2.0.36~rc1~dfsg/debian/changelog --- libgd2-2.0.36~rc1~dfsg/debian/changelog +++ libgd2-2.0.36~rc1~dfsg/debian/changelog @@ -1,3 +1,10 @@ +libgd2 (2.0.36~rc1~dfsg-3.2ubuntu1) maverick; urgency=low + + * Merge from debian testing (LP: #606384). Remaining changes: + - debian/control: Drop unnecessary build dependency 'gnulib'. + + -- Angel Abad Wed, 05 May 2010 02:32:35 +0100 + libgd2 (2.0.36~rc1~dfsg-3.2) unstable; urgency=low * Non-maintainer upload. @@ -5,6 +12,13 @@ -- Robert Lemmen Tue, 23 Mar 2010 17:06:39 +0000 +libgd2 (2.0.36~rc1~dfsg-3.1ubuntu1) lucid; urgency=low + + * Merge from debian testing. Remaining changes: + - debian/control: Drop unnecessary build dependency 'gnulib'. + + -- Kees Cook Tue, 08 Dec 2009 16:59:29 -0800 + libgd2 (2.0.36~rc1~dfsg-3.1) unstable; urgency=high * Non-maintainer upload by the Security Team. @@ -13,6 +27,13 @@ -- Giuseppe Iuculano Mon, 09 Nov 2009 21:19:11 +0100 +libgd2 (2.0.36~rc1~dfsg-3ubuntu1) intrepid; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/control: Drop unnecessary build dependency 'gnulib'. + + -- Kees Cook Sun, 03 Aug 2008 19:21:21 -0700 + libgd2 (2.0.36~rc1~dfsg-3) unstable; urgency=medium * Drop bogus "-Wl,--disable-rpath" ld flags. Closes: bug#478534, @@ -103,6 +124,23 @@ -- Jonas Smedegaard Thu, 03 Jan 2008 16:14:46 +0100 +libgd2 (2.0.35.dfsg-3ubuntu2) hardy; urgency=low + + * debian/rules: Remove -Wl,--disable-rpath from CFLAGS, as this is not + a valid linker option. LP: #194518. + * debian/rules: export the CFLAGS, so they're consistently used even + when not called via dpkg-buildpackage. + + -- Steve Langasek Sun, 24 Feb 2008 07:10:48 +0000 + +libgd2 (2.0.35.dfsg-3ubuntu1) hardy; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/control: Drop unnecessary build dependency 'gnulib'. + - maintainer field updates + + -- Kees Cook Thu, 06 Dec 2007 17:02:21 -0800 + libgd2 (2.0.35.dfsg-3) unstable; urgency=high * Add patch hand-picked from upstream CVS: @@ -153,6 +191,18 @@ -- Jonas Smedegaard Sun, 12 Aug 2007 13:40:55 +0200 +libgd2 (2.0.34-1ubuntu1) gutsy; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/control: Drop unnecessary build dependency 'gnulib'. + - maintainer field updates + * gd_png.c: apply upstream fixes for endless loop bug. + * References + http://bugs.libgd.org/?do=details&task_id=86 + CVE-2007-2756 + + -- Kees Cook Mon, 11 Jun 2007 14:24:51 -0700 + libgd2 (2.0.34-1) unstable; urgency=low * New upstream release. @@ -172,6 +222,25 @@ -- Jonas Smedegaard Thu, 17 May 2007 12:29:12 +0200 +libgd2 (2.0.34~rc1-2ubuntu1) feisty; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/control: Drop unnecessary build dependency 'gnulib'. + + -- Kees Cook Tue, 6 Feb 2007 21:15:32 -0800 + +libgd2 (2.0.34~rc1-2) unstable; urgency=high + + * Use CDBS-calculated DEB_UPSTREAM_VERSION for package dependencies + (and locally-calculated version string only for soname). Fixes + unsatisfiable dependenices with the current odd version number and + thus closes: bug#409213 (thanks to Aaron M. Ucko). + * Move inclusion of copyright-check cdbs snippet below cleanup, to + avoid possible FTBFS. + * Invoke ldconfig in postinst/postrm. + + -- Jonas Smedegaard Thu, 1 Feb 2007 17:52:57 +0100 + libgd2 (2.0.34~rc1-1) unstable; urgency=high * New upstream prerelease. @@ -217,6 +286,14 @@ -- Jonas Smedegaard Mon, 1 Jan 2007 20:18:13 +0100 +libgd2 (2.0.33-5.2ubuntu1) feisty; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/control: Drop unnecessary build dependency 'gnulib'. + - debian/rules: Don't use copyright-check.mk, it breaks cleaning. + + -- Martin Pitt Tue, 19 Dec 2006 16:14:39 +0100 + libgd2 (2.0.33-5.2) unstable; urgency=high * Non-maintainer upload. @@ -227,6 +304,14 @@ -- Andreas Barth Wed, 29 Nov 2006 16:34:54 +0000 +libgd2 (2.0.33-5.1ubuntu1) feisty; urgency=low + + * Synchronize to Debian, remaining Ubuntu changes: + - debian/control: Drop unnecessary build dependency 'gnulib'. + - debian/rules: Don't use copyright-check.mk, it breaks cleaning. + + -- Martin Pitt Mon, 30 Oct 2006 11:18:06 +0100 + libgd2 (2.0.33-5.1) unstable; urgency=medium * Non-maintainer upload. @@ -255,6 +340,24 @@ -- Jonas Smedegaard Mon, 17 Jul 2006 02:15:53 +0200 +libgd2 (2.0.33-4ubuntu2) edgy; urgency=low + + * SECURITY UPDATE: DoS due to infinite loop. + * Add debian/patches/1006_infinite_loop.patch: + - Cut off loops in GIF reading functions after 1024 iterations to prevent + infinite loops. + - Patch provided from upstream (Xavier Roche). + - CVE-2006-2906 + + -- Martin Pitt Wed, 11 Oct 2006 14:46:59 +0200 + +libgd2 (2.0.33-4ubuntu1) edgy; urgency=low + + * Drop seemingly unnecessary build-dep on gnulib. + * Drop annoying copyright check that breaks the clean target. + + -- Scott James Remnant Tue, 3 Oct 2006 14:28:36 +0100 + libgd2 (2.0.33-4) unstable; urgency=low * Have libgd-noxpm-dev provide libgd2-dev (a virtual package since @@ -835,0 +939 @@ +