Skip to content
  • Bdale Garbee's avatar
    Import Debian changes 1.3.12-9 · 4aaab4ae
    Bdale Garbee authored
    gzip (1.3.12-9) unstable; urgency=high
    
      * fix applied for CVE-2010-0001 which identified an integer underflow when 
        decompressing files that are compressed using the LZW algorithm. This 
        could lead to the execution of arbitrary code when trying to decompress 
        a crafted LZW compressed gzip archive.
      * switch to using dh_lintian for override delivery
    
    gzip (1.3.12-8) unstable; urgency=low
    
      * Add Carl Worth as an uploader.
      * Fix "-f -" to work with zgrep, closes: #168606 
      * Avoid creating undersized hufts table, closes: #507263 
    
    gzip (1.3.12-7) unstable; urgency=low
    
      * improve package descriptions, remove ancient package relationship spec
        in control file, closes: #484547
    
    gzip (1.3.12-6) unstable; urgency=low
    
      * strip the win32 gzip.exe binary during install, closes: #464455
      * patch from Reuben Thomas for the zless.1 man page with pointers to 
        lessfile and lesspipe, which are a better solution than zless in most
        cases... closes: #46787, #51162
      * fix FTBFS when using gcc-4.3, closes: #476031
      * remove the preinst since the --assert-support-predepends check should
        no longer be necessary
    
    gzip (1.3.12-5) unstable; urgency=low
    
      * patch for zgrep.in from Daniel Kobras, closes: #434429
      * patch from upstream to fix compilation with mingw32, and patch from
        Robert Millan to build a win32 executable if mingw32 is available, all
        to fix a preseeding problem in the win32-loader for Debian Installer.
        closes: #457867
    
    gzip (1.3.12-4) unstable; urgency=low
    
      * incorporate diffs from NMUs, closes: #434275, #433845, #438675
      * define UNALIGNED_OK when building for amd64, closes: #386356
    
    gzip (1.3.12-3.2) unstable; urgency=low
    
      * Non-maintainer upload.
      * Stop zdiff from dropping cmp's output. Patch thanks to Jorg-Volker Peetz
        (Closes: Bug#434275)
    
    gzip (1.3.12-3.1) unstable; urgency=medium
    
      * Non-maintainer upload.
      * Rename futimens to gz_futimens, since glibc now defines an futimens
        function with a different prototype.  Closes: #433845.
      * Urgency medium for the RC bug fix.
    
    gzip (1.3.12-3) unstable; urgency=low
    
      * fix bindir so gunzip, et al, work again, closes: #429462
    
    gzip (1.3.12-2) unstable; urgency=low
    
      * fix typo in gzip fprintf, closes: #426965
      * revert my zgrep.in patch since upstream handles alternates differently now
    
    gzip (1.3.12-1) unstable; urgency=low
    
      * new upstream version, closes: #177942, #225864, #362786, #366660, #367400, 
        #383358, #402042, #404099, #404114, #419895
      * fix delivery of upstream ChangeLog, closes: #404062
    
    gzip (1.3.9-2) unstable; urgency=low
    
      * change direntry ordering in gzip.texi to work around bug in install-info,
        closes: #404048
    
    gzip (1.3.9-1) unstable; urgency=low
    
      * new upstream version, closes: #366660, #403308
      * clean up a few gratuitous differences from new upstream, leaving
        only the rsyncable patch and tweaks like zmore always using more
      * fix spelling error in documentation, closes: #395450
      * upstream patch for regression uncompressing null input, closes: #403970
    
    gzip (1.3.5-15) unstable; urgency=high
    
      * security update, covering the following alerts:
        CVE-2006-4334 CVE-2006-4335 CVE-2006-4336 CVE-2006-4337 CVE-2006-4338
    
    gzip (1.3.5-14) unstable; urgency=medium
    
      * update section to match override
      * patch from Matthew Chapman to avoid deleting input file before we're
        sure the output file has been written without errors, closes: #366660
      * patch from Reuben Thomas to fix zgrep return code, 
        closes: #292896, #192891, #190442
      * enable gzexe compressed files to work on systems where tempfile is not
        available while retaining preference for tempfile, closes: #334540
    
    gzip (1.3.5-13) unstable; urgency=low
    
      * patch from Reuben Thomas fixes problem passing zgrep filenames starting
        with dashes, closes: #342501
      * fix a spelling error in gzip man page, closes: #356011
      * document the fact that zless doesn't work with stdin, 
        closes: #320226, #345036
    
    gzip (1.3.5-12) unstable; urgency=low
    
      * merge patch from Matt Zimmerman for futex hang due to improper signal
        handling, closes: #310053, #315612
      * merge patch to add --rsyncable to the man page, closes: #289616, #295721
      * don't return failing result code on harmless warning, closes: #169669
    
    gzip (1.3.5-11) unstable; urgency=low
    
      * patch from Peter Samuelson for bashism in zgrep, 
        closes: #314342, #314211, #312380, #310329
    
    gzip (1.3.5-10) unstable; urgency=medium
    
      * remove PAGER reference from zmore.1, closes: #263792
      * patch to improve zgrep argument sanitizing (CAN-2005-0758),
        closes: #308379
      * patch isolated by Petter Reinholdtsen for CAN-2005-0988, closes: #303927
      * patch for dir traversal bug (CAN-2005-1228), closes: #305255
      * up the priority a click because of the security fixes
      * patch to support cross building, closes: #283730
    
    gzip (1.3.5-9) unstable; urgency=low
    
      * eliminate the autoconf and automake build dependencies, since they are
        no longer needed, closes: #250766
      * improve temp file usage in gzexe, closes: #257314, #259043
      * have zmore use 'more' instead of honoring $PAGER, to avoid violating 
        the principle of least astonishment, closes: #234212
      * fix zgrep choke on filenames including a pipe character, closes: #216211
      * incorporate watch file, closes: #248722
      * suggest less, since we provide zless, closes: #217925
      * use signames instead of signumbers for trap calls, closes: #259284
    
    gzip (1.3.5-8) unstable; urgency=low
    
      * run autoreconf -i to address problem reported with dir.old.gz being
        included on rebuilds, closes: #249519
      * change automake build dependency from automake1.7 to automaken
      * add lintian overrides to squelch the hardlink warnings
      * fix typo in inflate.c comments, closes: #201881
    
    gzip (1.3.5-7) unstable; urgency=low
    
      * patch from David Mosberger to incorporate work done by Sverre Jarp on
        an ia64 version of match.c content.
    
    gzip (1.3.5-6) unstable; urgency=medium
    
      * patch for insecure temp file usage in znew, closes: #193375
    
    gzip (1.3.5-5) unstable; urgency=low
    
      * apply patch from Anthony Towns that fixes seg faults on alpha during
        build of Xfree86 at the expense of slightly decreasing the effectiveness
        of the deflate implementation.  closes: #184057, #187417
    
    gzip (1.3.5-4) unstable; urgency=low
    
      * merge patch from Rusty Russell that adds --rsyncable option to gzip.  
        This modifies the output stream to allow rsync to transfer updated .gz 
        files much more effectively.  The resulting .gz files should be compatible
        with the existing gunzip.  The plan is that if this works out well for 
        Debian, the functionality will be included in a future upstream gzip 
        release.  Closes: #116183, #118118, #134741
    
    gzip (1.3.5-3) unstable; urgency=low
    
      * upload a fresh version so m68k, et al, will rebuild, closes: #167790
    
    gzip (1.3.5-2) unstable; urgency=low
    
      * fix gzexe.in again as per what I did for 1.3.2-3 that accidentally got
        lost when I merged 1.3.5 from upstream... sigh.  Closes: #167150
      * hack on gzip.texi a little harder to squelch warning at install time from
        Debian's install-info, closes: #164106
    
    gzip (1.3.5-1) unstable; urgency=low
    
      * new upstream version
      * fixes a bug in the incorrect-suffix diagnostic, which can lead to a 
        core dump, closes: #152579
      * removes dangling output symlinks properly, closes: #144759
      * zless no longer thinks it is zmore in usage message, closes: #121810
      * zless replaced with a much simpler script, closes: #124097
      * uses shell pattern matching instead of 'expr', closes: #123295
      * man page suggests how to use gunzip on zip files, closes: #146019
      * uses "trap -" to avoid bashism, closes: #140972, #157111
      * accepts __i386 and __i386__ as synonyms for i386, closes: #152694
      * fixes printing values greater than 10 * 2**32 bytes, closes: #141189
      * includes fix for zforce needing -v, closes: #123294
      * hack gzip.texi so that the Debian install-info doesn't choke on it (grrr),
        and add texinfo as a build dependency
      * eliminate things hard-coded in postinst and prerm now handled by debhelper
    
    gzip (1.3.2-3) unstable; urgency=low
    
      * modify gzexe.in to hard-code /bin/gzip instead of trying to use BINDIR
        which yields /usr/bin/gzip.  Don't use PATH since we have no idea what it
        might be when the gzexe'd executable gets run.  Closes: #119641
    
    gzip (1.3.2-2) unstable; urgency=low
    
      * fix silly mistake made when moving man pages from hard to soft links, so
        man pages for zegrep, zfgrep, and uncompress work again, closes: #118325
    
    gzip (1.3.2-1) unstable; urgency=low
    
      * new upstream release, incorporating my diffs to 1.3.1
    
    gzip (1.3.1-2) unstable; urgency=low
    
      * add build dependencies on autoconf and automake
      * fix infodir spec so we install in the build tree, not the system directory
    
    gzip (1.3.1-1) unstable; urgency=low
    
      * new upstream version!  From alpha.gnu.org, on the explicit advice of the 
        current upstream maintainers, who are working with Debian to prepare a new
        stable release that addresses many of the open issues in our BTS.  
        .
        large file support handled in configure, closes: #108612, #83061, #113000
        it appears the subtle problem with concatenation is fixed, closes: #114591
        various segfault problems appear fixed, closes: #46312
        gzip -r issues fixed, closes: #53645, #106186
        problem with --no-filename option fixed, closes: #59067
        zgrep -r disallowed - "I did not use the patch as it was not a complete 
        . fix for the problem and I thought it would cause more problems than
        . it would cure.  Instead, I simply disallowed zgrep -r", closes: #81288
        error message reworded, closes: #76238
        compression factor output fixed, closes: #80362
        zgrep -H fixed, closes: #84371
        permission issue when forced to compress linked file fixed, closes: #88918
        manpage hardlinks fixed, closes: #94733
        gzip --help now goes to stdout, closes: #97020
        zless no longer runs less if file doesn't exist, closes: #109097
        problem with -best fixed, closes: #17650
        zgrep now understands --, closes: #28475
        file size output by gzip fixed for large files, closes: #40721
      * fix location referenced for GPL on Debian systems, closes: #112095
      * move install-info remove call from from postrm to prerm
    
    gzip (1.2.4-33) unstable; urgency=low
    
      * update to current policy
    
    gzip (1.2.4-32) unstable; urgency=low
    
      * update prototype for and definition of basename function for compatibility
        with glibc2.0, still in use on m68k.  Closes: #45058
    
    gzip (1.2.4-31) unstable; urgency=medium
    
      * fix problems I induced while merging the upstream patch in the last upload,
        most notably omitting zless from the package. 
        Closes: #44883, #44885, #44890, #44882, #44887, #44895, #44896
    
    gzip (1.2.4-30) unstable; urgency=low
    
      * upstream patch, closes: #28872
          1998-11-18  Paul Eggert  <eggert@twinsun.com>
          gzip.c (get_method): Don't complain about trailing zeros at
          the end of a gzipped file, as they're commonly appended to fill
          out a block (e.g. by GNU tar).
      * update to FHS compliance
    
    gzip (1.2.4-29) unstable; urgency=low
    
      * apply patch from Vincent Renardias that improves behavior when trying to
        decompress a corrupted .gz file.  Closes 7472, 16385
    
    gzip (1.2.4-28) frozen unstable; urgency=medium
    
      * patch zforce to make it work at all, closes 22760
      * patch to fix decompression of concatenated gzip files, closes 30537
    
    gzip (1.2.4-27) frozen unstable; urgency=low
    
      * patch from Jean-loup (upstream maintainer) for zgrep.in to fix the
        problems with -A and -B successfully passing to grep.  Closes 21209.
    
    gzip (1.2.4-26) frozen unstable; urgency=low
    
      * fix FSF address in copyright file, lintian now reports no errors
      * minor tweak to Makefile to fix warnings during dh_installmanpages run
    
    gzip (1.2.4-25) frozen unstable; urgency=low
    
      * update znew.in and zdiff.in to do save tempfile handling, closes 19794
    
    gzip (1.2.4-24) unstable; urgency=low
    
      * minor fix for complaints about short files, closes 19159
    
    gzip (1.2.4-23) unstable; urgency=high
    
      * respond to security advisory from Alan Cox via Christian Hudon, fixes
        an obscure possibility to get gzip to execute code
    
    gzip (1.2.4-22) unstable; urgency=high
    
      * gzexe modified to use tempfile in response to security advisory
    
    gzip (1.2.4-21) unstable; urgency=low
    
      * fix from the upstream maintainer for voluminous "Broken Pipe" messages
        when using 'zgrep -l' or equivalent.  Closes bug 15178.
    
    gzip (1.2.4-20) unstable; urgency=low
    
      * freshen rules file to match current debhelper
      * improve handling of undocumented executables.  Closes bug 13578.
    
    gzip (1.2.4-19) unstable; urgency=low
    
      * change dependency to Pre-Depends, to keep dpkg from getting hosed during
        libc6 upgrades.  Closes 15091.
      * switch from debmake to debhelper.  In the process, closes 15412.
    
    gzip (1.2.4-18) unstable; urgency=low
    
      * don't install INSTALL in the doc directory, closes bug 13224.
    
    gzip (1.2.4-17) unstable; urgency=low
    
      * fix distribution problem in changelog file
    
    gzip (1.2.4-16) stable frozen unstable; urgency=low
    
      * libc6
      * tweaks to rules file to install Changelog, closes bug 12488
    
    gzip (1.2.4-15) stable frozen unstable; urgency=low
    
      * fix minor security issue - race condition reported on bugtraq list
      * rework debian/rules to build with debugging then strip
    
    gzip (1.2.4-14) stable frozen unstable; urgency=medium
    
      * The -13 upload was built against a libc5 too new for 'stable'.  
    
    gzip (1.2.4-13) stable frozen unstable; urgency=medium
    
      * Fix missing "essential" flag on package, lost during standards update.
      * Push this version back into stable to solve the 'compress' link problem.
    
    gzip (1.2.4-12) unstable; urgency=low
    
      * New packag format.
    4aaab4ae