* Patch from Andrej Shadura <email address hidden> to mark one
more STL symbol as optional (Closes: #923743).
pcre3 (2:8.39-11) unstable; urgency=medium
[ Matthias Klose ]
* Mark 2 STL symbols as optional (Closes: #904008)
[ Matthew Vernon ]
* Bump debian/compat to 11 (Closes: #646973)
* Fixes to debian/rules so package builds with dh compat 11
pcre3 (2:8.39-10) unstable; urgency=high
* Update symbols file (Closes: #897834
pcre3 (2:8.39-9) unstable; urgency=medium
* Update symbols file (Closes: #888921)
pcre3 (2:8.39-8) unstable; urgency=medium
* drive ulimit correctly (Closes: #876299)
pcre3 (2:8.39-7) unstable; urgency=low
* increase stack limit before running tests (Closes: #876299)
pcre3 (2:8.39-6) unstable; urgency=medium
* patch from Sergei from MariaDB (via Ondřej Surý) to fix stack frame
size detection (Closes: #878107, #876299)
pcre3 (2:8.39-5) unstable; urgency=medium
* patch from Katsuhiko Nishimra to symbols file to fix FTBFS with gcc7
(Closes: #876046, #853606)
pcre3 (2:8.39-4) unstable; urgency=low
* Remove now-deprecated Pre-Depends on multiarch-support (not needed
since jessie) (Closes: #865987)
pcre3 (2:8.39-3) unstable; urgency=high
* CVE-2017-7186: invalid Unicode property lookup may cause denial of
service (Closes: #858238)
pcre3 (2:8.39-2.1) unstable; urgency=high
* Non-maintainer upload.
* CVE-2017-6004: crafted regular expression may cause denial of service
(Closes: #855405)
pcre3 (2:8.39-2) unstable; urgency=low
* Update symbols file to reflect compilation with gcc6 (Closes: #811969)
pcre3 (2:8.39-1) unstable; urgency=medium
[ Ian Jackson ]
* New upstream version (Closes: #832354).
- Drop CVE-2016-1283.patch (now in upstream).
- Adjusted sonames: bumped each minor number where upstream
bumped theirs.
[ Matthew Vernon ]
* Add notes encouraging people to move to pcre2
pcre3 (2:8.38-3.1) unstable; urgency=medium
* Non-maintainer upload.
* CVE-2016-1283: heap buffer overflow in handling of duplicate named
groups (Closes: #809706)
pcre3 (2:8.38-3) unstable; urgency=low
* Apply Ubuntu patch from Iain Lane (modified by Graham Inggs) to add
symbols files (Closes: #767374)
pcre3 (2:8.38-2) unstable; urgency=low
* Apply upstream patch to fix workspace overflow for (*ACCEPT) with
deeply nested parentheses (Closes: #815921)
pcre3 (2:8.38-1) unstable; urgency=low
* New upstream version
pcre3 (2:8.35-8) unstable; urgency=low
* Remove conflicts with long-vanished pcre{1,2}-dev packages (so new PCRE2 packages can co-exist)
pcre3 (2:8.35-7.4) unstable; urgency=medium
* Non-maintainer upload.
* Fix copy-and-paste error in Disable_JIT_on_sparc64.patch.
pcre3 (2:8.35-7.3) unstable; urgency=medium
* Non-maintainer upload.
* Add Disable_JIT_on_sparc64.patch to disable JIT on sparc64. The patch
no_jit_x32_powerpcspe.patch to disable JIT on powerpcspe was already
added in 2:8.35-6 (Closes: #765079).
pcre3 (2:8.35-7.2) unstable; urgency=low
* Non-maintainer upload (with maintainer's permission).
* Add Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch.
Fixes "PCRE Library Stack Overflow Vulnerability" (Upstream bug 1503)
* Add Fix-compile-time-loop-for-recursive-reference-within.patch.
Fixes "PCRE Call Stack Overflow Vulnerability" (Upstream bug 1515)
* Add 794589-information-disclosure.patch.
Fixes "pcre_exec does not fill offsets for certain regexps" leading to
information disclosure. (Closes: #794589)
* Add Fix-bad-compile-for-groups-like-2-0-1999.patch.
CVE-2015-2325: heap buffer overflow in compile_branch(). (Closes: #781795)
* Add Fix-bad-compilation-for-patterns-like-1-1-with-forwa.patch.
CVE-2015-2326: heap buffer overflow in pcre_compile2(). (Closes: #783285)
* Add Fix-buffer-overflow-for-named-recursive-back-referen.patch.
CVE-2015-3210: heap buffer overflow in pcre_compile2() /
compile_regex(). (Closes: #787433)
pcre3 (2:8.35-7.1) unstable; urgency=medium
* Rename libpcrecpp0 to libpcrecpp0v5. Addresses: #791236.
* Add Conflict/Replaces to the old library.
* Add libpcrecpp0v5 symbols file for GCC 5.
pcre3 (2:8.35-7) unstable; urgency=medium
* Apply upstream patch to fix buffer overflow for forward reference
within backward assertion with excess closing parenthesis
(Closes: #790000)
pcre3 (2:8.35-6) unstable; urgency=low
[ Thorsten Glaser ]
* Re-add patch disabling JIT on powerpcspe and x32 (Closes: #760327)
* Add back missing debian/changelog entries for 1:8.35-3.2 and 1:8.36-1
pcre3 (2:8.35-5) unstable; urgency=low
* re-enable jit on ppc64el (by dropping the patch that disables it)
(Closes: #786530)
* patch from Frederic Bonnard to fix the watch file (Closes: #785726)
pcre3 (2:8.35-4) experimental; urgency=medium
[ Mattia Rizzolo ]
* Add a libpcre16-3 package with the 16 bit pcre16 library (Closes: 748781).
* Add a libpcre32-3 package with the 32 bit pcre32 library.
[ Matthew Vernon ]
* Adopt this package (Closes: #772994)
pcre3 (2:8.35-3.3) unstable; urgency=medium
* Non-maintainer upload.
* Upstream patch for heap buffer overflow, CVE-2014-8964, taken from
1:8.36-1 (Closes: #770478)
Thanks to Salvatore Bonaccorso for the reminder.
pcre3 (2:8.35-3.2) unstable; urgency=medium
* Non-maintainer upload.
* Update shlibs dependency to 1:8.35 for new symbol introduced in upstream
version 8.35 (Closes: #767907)
* Revert upload of upstream version 8.36 to allow this upload to migrate to
jessie.
pcre3 (1:8.36-1) unstable; urgency=medium
* New upstream release
* Upped shlibs dependency to 8.35 (Closes: #767903)
* Upstream patch for heap buffer overflow, CVE-2014-8964 (Closes: #770478)
pcre3 (1:8.35-3.2) unstable; urgency=low
* Non-maintainer upload with maintainer permission.
* Disable JIT on x32 and powerpcspe (Closes: #760327).
Thanks to Simon McVittie for all of the work on this:
* Run tests with VERBOSE=1 so we can see the logs for failing tests
(Closes: #755052)
* Apply part of upstream r1472 to fix undefined behaviour when parsing
{n} or {m,n} quantifiers, which causes mis-parsing and test failures
under gcc 4.9 (Closes: #751828)
pcre3 (1:8.35-2) unstable; urgency=medium
* Build-depends on auto-reconf (Closes: 754540)
pcre3 (1:8.35-1) unstable; urgency=medium
* New upstream release
* Use dh-autoreconf
* Disable JIT on ppc64el (Closes: 751390) (Thanks Erwan Prioul)
pcre3 (1:8.31-5) unstable; urgency=medium
* Previous attempt at detecting JIT support didn't work when cross
compiling. Now runs the host compiler, and doesn't try to run the
output (Closes: 745222)
pcre3 (1:8.31-4) unstable; urgency=medium
* Enable JIT compilation only on architectures where it is supported -
fixes FTBFS on ones where it isn't (Closes: 745114)
* Verbose build logs (Closes: 745069)
pcre3 (1:8.31-3) unstable; urgency=medium
* Enable JIT regex compilation (http://sljit.sourceforge.net/pcre).
Note that this has no effect by default so should not break anything;
to use it you need to pass a flag to pcre_compile_regex()
(Closes: 740954)
* Changed shlibs:Depends to 8.20 as pcre_free_study() is not in older
versions (Closes: 743164)
pcre3 (1:8.31-2) unstable; urgency=low
* Build -dev package as Multi-arch: same. Thanks Steve Langasek / Ubuntu
for the patch (Closes: 696217)
pcre3 (1:8.31-1) unstable; urgency=low
* New upstream release
* Applied patch from upstream bugzilla #1287 to fix bug where wrong
value is in re_nsub in some cases (Closes: #686495)
pcre3 (1:8.30-5) unstable; urgency=low
* There is no use in including debug information for the libraries from
the udeb in the debug package; more importantly, because the
installation system isn't multiarch, if they are included they result
in arch specific files in arch independent paths (debug package is
Multi-arch:same). Removed. (Closes: #670018)
pcre3 (1:8.30-4) unstable; urgency=low
* Reluctantly using an epoch, as it seems the funny version number with
extra dots causes problems
* Bumped standard version to 3.9.3. No changes needed
* Converted to use new source format / quilt
* Put back obsolete pcre_info() API that up
* Don't include pcregrep binary in debug package
Thanks to Elimar Riesebieter for the conversion to the new source format.
This bug was fixed in the package pcre3 - 2:8.39-12~18.10
---------------
pcre3 (2:8.39-12~18.10) cosmic-proposed; urgency=medium
* SRU: LP: #1823667.
pcre3 (2:8.39-12) unstable; urgency=medium
* Patch from Andrej Shadura <email address hidden> to mark one
more STL symbol as optional (Closes: #923743).
pcre3 (2:8.39-11) unstable; urgency=medium
[ Matthias Klose ]
* Mark 2 STL symbols as optional (Closes: #904008)
[ Matthew Vernon ]
* Bump debian/compat to 11 (Closes: #646973)
* Fixes to debian/rules so package builds with dh compat 11
pcre3 (2:8.39-10) unstable; urgency=high
* Update symbols file (Closes: #897834
pcre3 (2:8.39-9) unstable; urgency=medium
* Update symbols file (Closes: #888921)
pcre3 (2:8.39-8) unstable; urgency=medium
* drive ulimit correctly (Closes: #876299)
pcre3 (2:8.39-7) unstable; urgency=low
* increase stack limit before running tests (Closes: #876299)
pcre3 (2:8.39-6) unstable; urgency=medium
* patch from Sergei from MariaDB (via Ondřej Surý) to fix stack frame
size detection (Closes: #878107, #876299)
pcre3 (2:8.39-5) unstable; urgency=medium
* patch from Katsuhiko Nishimra to symbols file to fix FTBFS with gcc7
(Closes: #876046, #853606)
pcre3 (2:8.39-4) unstable; urgency=low
* Remove now-deprecated Pre-Depends on multiarch-support (not needed
since jessie) (Closes: #865987)
pcre3 (2:8.39-3) unstable; urgency=high
* CVE-2017-7186: invalid Unicode property lookup may cause denial of
service (Closes: #858238)
pcre3 (2:8.39-2.1) unstable; urgency=high
* Non-maintainer upload.
* CVE-2017-6004: crafted regular expression may cause denial of service
(Closes: #855405)
pcre3 (2:8.39-2) unstable; urgency=low
* Update symbols file to reflect compilation with gcc6 (Closes: #811969)
pcre3 (2:8.39-1) unstable; urgency=medium
[ Ian Jackson ]
* New upstream version (Closes: #832354).
- Drop CVE-2016-1283.patch (now in upstream).
- Adjusted sonames: bumped each minor number where upstream
bumped theirs.
[ Matthew Vernon ]
* Add notes encouraging people to move to pcre2
pcre3 (2:8.38-3.1) unstable; urgency=medium
* Non-maintainer upload.
* CVE-2016-1283: heap buffer overflow in handling of duplicate named
groups (Closes: #809706)
pcre3 (2:8.38-3) unstable; urgency=low
* Apply Ubuntu patch from Iain Lane (modified by Graham Inggs) to add
symbols files (Closes: #767374)
pcre3 (2:8.38-2) unstable; urgency=low
* Apply upstream patch to fix workspace overflow for (*ACCEPT) with
deeply nested parentheses (Closes: #815921)
pcre3 (2:8.38-1) unstable; urgency=low
* New upstream version
pcre3 (2:8.35-8) unstable; urgency=low
* Remove conflicts with long-vanished pcre{1,2}-dev packages (so new PCRE2 packages can co-exist)
pcre3 (2:8.35-7.4) unstable; urgency=medium
* Non-maintainer upload. JIT_on_ sparc64. patch.
* Fix copy-and-paste error in Disable_
pcre3 (2:8.35-7.3) unstable; urgency=medium
* Non-maintainer upload. JIT_on_ sparc64. patch to disable JIT on sparc64. The patch jit_x32_ powerpcspe. patch to disable JIT on powerpcspe was already
* Add Disable_
no_
added in 2:8.35-6 (Closes: #765079).
pcre3 (2:8.35-7.2) unstable; urgency=low
* Non-maintainer upload (with maintainer's permission). crash-misbehavi our-for- zero-repeated- gr.patch. time-loop- for-recursive- reference- within. patch. information- disclosure. patch. compile- for-groups- like-2- 0-1999. patch. compilation- for-patterns- like-1- 1-with- forwa.patch. overflow- for-named- recursive- back-referen. patch. regex() . (Closes: #787433)
* Add Fix-compiler-
Fixes "PCRE Library Stack Overflow Vulnerability" (Upstream bug 1503)
* Add Fix-compile-
Fixes "PCRE Call Stack Overflow Vulnerability" (Upstream bug 1515)
* Add 794589-
Fixes "pcre_exec does not fill offsets for certain regexps" leading to
information disclosure. (Closes: #794589)
* Add Fix-bad-
CVE-2015-2325: heap buffer overflow in compile_branch(). (Closes: #781795)
* Add Fix-bad-
CVE-2015-2326: heap buffer overflow in pcre_compile2(). (Closes: #783285)
* Add Fix-buffer-
CVE-2015-3210: heap buffer overflow in pcre_compile2() /
compile_
pcre3 (2:8.35-7.1) unstable; urgency=medium
* Rename libpcrecpp0 to libpcrecpp0v5. Addresses: #791236.
* Add Conflict/Replaces to the old library.
* Add libpcrecpp0v5 symbols file for GCC 5.
pcre3 (2:8.35-7) unstable; urgency=medium
* Apply upstream patch to fix buffer overflow for forward reference
within backward assertion with excess closing parenthesis
(Closes: #790000)
pcre3 (2:8.35-6) unstable; urgency=low
[ Thorsten Glaser ]
* Re-add patch disabling JIT on powerpcspe and x32 (Closes: #760327)
* Add back missing debian/changelog entries for 1:8.35-3.2 and 1:8.36-1
pcre3 (2:8.35-5) unstable; urgency=low
* re-enable jit on ppc64el (by dropping the patch that disables it)
(Closes: #786530)
* patch from Frederic Bonnard to fix the watch file (Closes: #785726)
pcre3 (2:8.35-4) experimental; urgency=medium
[ Mattia Rizzolo ]
* Add a libpcre16-3 package with the 16 bit pcre16 library (Closes: 748781).
* Add a libpcre32-3 package with the 32 bit pcre32 library.
[ Matthew Vernon ]
* Adopt this package (Closes: #772994)
pcre3 (2:8.35-3.3) unstable; urgency=medium
* Non-maintainer upload.
* Upstream patch for heap buffer overflow, CVE-2014-8964, taken from
1:8.36-1 (Closes: #770478)
Thanks to Salvatore Bonaccorso for the reminder.
pcre3 (2:8.35-3.2) unstable; urgency=medium
* Non-maintainer upload.
* Update shlibs dependency to 1:8.35 for new symbol introduced in upstream
version 8.35 (Closes: #767907)
* Revert upload of upstream version 8.36 to allow this upload to migrate to
jessie.
pcre3 (1:8.36-1) unstable; urgency=medium
* New upstream release
* Upped shlibs dependency to 8.35 (Closes: #767903)
* Upstream patch for heap buffer overflow, CVE-2014-8964 (Closes: #770478)
pcre3 (1:8.35-3.2) unstable; urgency=low
* Non-maintainer upload with maintainer permission.
* Disable JIT on x32 and powerpcspe (Closes: #760327).
pcre3 (1:8.35-3.1) unstable; urgency=medium
* Non-maintainer upload.
* Enable build hardening flags (closes: #656008).
pcre3 (1:8.35-3) unstable; urgency=medium
Thanks to Simon McVittie for all of the work on this:
* Run tests with VERBOSE=1 so we can see the logs for failing tests
(Closes: #755052)
* Apply part of upstream r1472 to fix undefined behaviour when parsing
{n} or {m,n} quantifiers, which causes mis-parsing and test failures
under gcc 4.9 (Closes: #751828)
pcre3 (1:8.35-2) unstable; urgency=medium
* Build-depends on auto-reconf (Closes: 754540)
pcre3 (1:8.35-1) unstable; urgency=medium
* New upstream release
* Use dh-autoreconf
* Disable JIT on ppc64el (Closes: 751390) (Thanks Erwan Prioul)
pcre3 (1:8.31-5) unstable; urgency=medium
* Previous attempt at detecting JIT support didn't work when cross
compiling. Now runs the host compiler, and doesn't try to run the
output (Closes: 745222)
pcre3 (1:8.31-4) unstable; urgency=medium
* Enable JIT compilation only on architectures where it is supported -
fixes FTBFS on ones where it isn't (Closes: 745114)
* Verbose build logs (Closes: 745069)
pcre3 (1:8.31-3) unstable; urgency=medium
* Enable JIT regex compilation (http:// sljit.sourcefor ge.net/ pcre). regex()
Note that this has no effect by default so should not break anything;
to use it you need to pass a flag to pcre_compile_
(Closes: 740954)
* Changed shlibs:Depends to 8.20 as pcre_free_study() is not in older
versions (Closes: 743164)
pcre3 (1:8.31-2) unstable; urgency=low
* Build -dev package as Multi-arch: same. Thanks Steve Langasek / Ubuntu
for the patch (Closes: 696217)
pcre3 (1:8.31-1) unstable; urgency=low
* New upstream release
* Applied patch from upstream bugzilla #1287 to fix bug where wrong
value is in re_nsub in some cases (Closes: #686495)
pcre3 (1:8.30-5) unstable; urgency=low
* There is no use in including debug information for the libraries from arch:same) . Removed. (Closes: #670018)
the udeb in the debug package; more importantly, because the
installation system isn't multiarch, if they are included they result
in arch specific files in arch independent paths (debug package is
Multi-
pcre3 (1:8.30-4) unstable; urgency=low
* Reluctantly using an epoch, as it seems the funny version number with
extra dots causes problems
* Bumped standard version to 3.9.3. No changes needed
* Converted to use new source format / quilt
* Put back obsolete pcre_info() API that up
* Don't include pcregrep binary in debug package
Thanks to Elimar Riesebieter for the conversion to the new source format.
-- Matthias Klose <email address hidden> Mon, 08 Apr 2019 14:41:46 +0200