1. 11 Sep, 2019 8 commits
  2. 20 Jan, 2010 1 commit
    • Bdale Garbee's avatar
      Import Debian changes 1.3.12-9 · 4aaab4ae
      Bdale Garbee authored
      gzip (1.3.12-9) unstable; urgency=high
        * fix applied for CVE-2010-0001 which identified an integer underflow when 
          decompressing files that are compressed using the LZW algorithm. This 
          could lead to the execution of arbitrary code when trying to decompress 
          a crafted LZW compressed gzip archive.
        * switch to using dh_lintian for override delivery
      gzip (1.3.12-8) unstable; urgency=low
        * Add Carl Worth as an uploader.
        * Fix "-f -" to work with zgrep, closes: #168606 
        * Avoid creating undersized hufts table, closes: #507263 
      gzip (1.3.12-7) unstable; urgency=low
        * improve package descriptions, remove ancient package relationship spec
          in control file, closes: #484547
      gzip (1.3.12-6) unstable; urgency=low
        * strip the win32 gzip.exe binary during install, closes: #464455
        * patch from Reuben Thomas for the zless.1 man page with pointers to 
          lessfile and lesspipe, which are a better solution than zless in most
          cases... closes: #46787, #51162
        * fix FTBFS when using gcc-4.3, closes: #476031
        * remove the preinst since the --assert-support-predepends check should
          no longer be necessary
      gzip (1.3.12-5) unstable; urgency=low
        * patch for zgrep.in from Daniel Kobras, closes: #434429
        * patch from upstream to fix compilation with mingw32, and patch from
          Robert Millan to build a win32 executable if mingw32 is available, all
          to fix a preseeding problem in the win32-loader for Debian Installer.
          closes: #457867
      gzip (1.3.12-4) unstable; urgency=low
        * incorporate diffs from NMUs, closes: #434275, #433845, #438675
        * define UNALIGNED_OK when building for amd64, closes: #386356
      gzip (1.3.12-3.2) unstable; urgency=low
        * Non-maintainer upload.
        * Stop zdiff from dropping cmp's output. Patch thanks to Jorg-Volker Peetz
          (Closes: Bug#434275)
      gzip (1.3.12-3.1) unstable; urgency=medium
        * Non-maintainer upload.
        * Rename futimens to gz_futimens, since glibc now defines an futimens
          function with a different prototype.  Closes: #433845.
        * Urgency medium for the RC bug fix.
      gzip (1.3.12-3) unstable; urgency=low
        * fix bindir so gunzip, et al, work again, closes: #429462
      gzip (1.3.12-2) unstable; urgency=low
        * fix typo in gzip fprintf, closes: #426965
        * revert my zgrep.in patch since upstream handles alternates differently now
      gzip (1.3.12-1) unstable; urgency=low
        * new upstream version, closes: #177942, #225864, #362786, #366660, #367400, 
          #383358, #402042, #404099, #404114, #419895
        * fix delivery of upstream ChangeLog, closes: #404062
      gzip (1.3.9-2) unstable; urgency=low
        * change direntry ordering in gzip.texi to work around bug in install-info,
          closes: #404048
      gzip (1.3.9-1) unstable; urgency=low
        * new upstream version, closes: #366660, #403308
        * clean up a few gratuitous differences from new upstream, leaving
          only the rsyncable patch and tweaks like zmore always using more
        * fix spelling error in documentation, closes: #395450
        * upstream patch for regression uncompressing null input, closes: #403970
      gzip (1.3.5-15) unstable; urgency=high
        * security update, covering the following alerts:
          CVE-2006-4334 CVE-2006-4335 CVE-2006-4336 CVE-2006-4337 CVE-2006-4338
      gzip (1.3.5-14) unstable; urgency=medium
        * update section to match override
        * patch from Matthew Chapman to avoid deleting input file before we're
          sure the output file has been written without errors, closes: #366660
        * patch from Reuben Thomas to fix zgrep return code, 
          closes: #292896, #192891, #190442
        * enable gzexe compressed files to work on systems where tempfile is not
          available while retaining preference for tempfile, closes: #334540
      gzip (1.3.5-13) unstable; urgency=low
        * patch from Reuben Thomas fixes problem passing zgrep filenames starting
          with dashes, closes: #342501
        * fix a spelling error in gzip man page, closes: #356011
        * document the fact that zless doesn't work with stdin, 
          closes: #320226, #345036
      gzip (1.3.5-12) unstable; urgency=low
        * merge patch from Matt Zimmerman for futex hang due to improper signal
          handling, closes: #310053, #315612
        * merge patch to add --rsyncable to the man page, closes: #289616, #295721
        * don't return failing result code on harmless warning, closes: #169669
      gzip (1.3.5-11) unstable; urgency=low
        * patch from Peter Samuelson for bashism in zgrep, 
          closes: #314342, #314211, #312380, #310329
      gzip (1.3.5-10) unstable; urgency=medium
        * remove PAGER reference from zmore.1, closes: #263792
        * patch to improve zgrep argument sanitizing (CAN-2005-0758),
          closes: #308379
        * patch isolated by Petter Reinholdtsen for CAN-2005-0988, closes: #303927
        * patch for dir traversal bug (CAN-2005-1228), closes: #305255
        * up the priority a click because of the security fixes
        * patch to support cross building, closes: #283730
      gzip (1.3.5-9) unstable; urgency=low
        * eliminate the autoconf and automake build dependencies, since they are
          no longer needed, closes: #250766
        * improve temp file usage in gzexe, closes: #257314, #259043
        * have zmore use 'more' instead of honoring $PAGER, to avoid violating 
          the principle of least astonishment, closes: #234212
        * fix zgrep choke on filenames including a pipe character, closes: #216211
        * incorporate watch file, closes: #248722
        * suggest less, since we provide zless, closes: #217925
        * use signames instead of signumbers for trap calls, closes: #259284
      gzip (1.3.5-8) unstable; urgency=low
        * run autoreconf -i to address problem reported with dir.old.gz being
          included on rebuilds, closes: #249519
        * change automake build dependency from automake1.7 to automaken
        * add lintian overrides to squelch the hardlink warnings
        * fix typo in inflate.c comments, closes: #201881
      gzip (1.3.5-7) unstable; urgency=low
        * patch from David Mosberger to incorporate work done by Sverre Jarp on
          an ia64 version of match.c content.
      gzip (1.3.5-6) unstable; urgency=medium
        * patch for insecure temp file usage in znew, closes: #193375
      gzip (1.3.5-5) unstable; urgency=low
        * apply patch from Anthony Towns that fixes seg faults on alpha during
          build of Xfree86 at the expense of slightly decreasing the effectiveness
          of the deflate implementation.  closes: #184057, #187417
      gzip (1.3.5-4) unstable; urgency=low
        * merge patch from Rusty Russell that adds --rsyncable option to gzip.  
          This modifies the output stream to allow rsync to transfer updated .gz 
          files much more effectively.  The resulting .gz files should be compatible
          with the existing gunzip.  The plan is that if this works out well for 
          Debian, the functionality will be included in a future upstream gzip 
          release.  Closes: #116183, #118118, #134741
      gzip (1.3.5-3) unstable; urgency=low
        * upload a fresh version so m68k, et al, will rebuild, closes: #167790
      gzip (1.3.5-2) unstable; urgency=low
        * fix gzexe.in again as per what I did for 1.3.2-3 that accidentally got
          lost when I merged 1.3.5 from upstream... sigh.  Closes: #167150
        * hack on gzip.texi a little harder to squelch warning at install time from
          Debian's install-info, closes: #164106
      gzip (1.3.5-1) unstable; urgency=low
        * new upstream version
        * fixes a bug in the incorrect-suffix diagnostic, which can lead to a 
          core dump, closes: #152579
        * removes dangling output symlinks properly, closes: #144759
        * zless no longer thinks it is zmore in usage message, closes: #121810
        * zless replaced with a much simpler script, closes: #124097
        * uses shell pattern matching instead of 'expr', closes: #123295
        * man page suggests how to use gunzip on zip files, closes: #146019
        * uses "trap -" to avoid bashism, closes: #140972, #157111
        * accepts __i386 and __i386__ as synonyms for i386, closes: #152694
        * fixes printing values greater than 10 * 2**32 bytes, closes: #141189
        * includes fix for zforce needing -v, closes: #123294
        * hack gzip.texi so that the Debian install-info doesn't choke on it (grrr),
          and add texinfo as a build dependency
        * eliminate things hard-coded in postinst and prerm now handled by debhelper
      gzip (1.3.2-3) unstable; urgency=low
        * modify gzexe.in to hard-code /bin/gzip instead of trying to use BINDIR
          which yields /usr/bin/gzip.  Don't use PATH since we have no idea what it
          might be when the gzexe'd executable gets run.  Closes: #119641
      gzip (1.3.2-2) unstable; urgency=low
        * fix silly mistake made when moving man pages from hard to soft links, so
          man pages for zegrep, zfgrep, and uncompress work again, closes: #118325
      gzip (1.3.2-1) unstable; urgency=low
        * new upstream release, incorporating my diffs to 1.3.1
      gzip (1.3.1-2) unstable; urgency=low
        * add build dependencies on autoconf and automake
        * fix infodir spec so we install in the build tree, not the system directory
      gzip (1.3.1-1) unstable; urgency=low
        * new upstream version!  From alpha.gnu.org, on the explicit advice of the 
          current upstream maintainers, who are working with Debian to prepare a new
          stable release that addresses many of the open issues in our BTS.  
          large file support handled in configure, closes: #108612, #83061, #113000
          it appears the subtle problem with concatenation is fixed, closes: #114591
          various segfault problems appear fixed, closes: #46312
          gzip -r issues fixed, closes: #53645, #106186
          problem with --no-filename option fixed, closes: #59067
          zgrep -r disallowed - "I did not use the patch as it was not a complete 
          . fix for the problem and I thought it would cause more problems than
          . it would cure.  Instead, I simply disallowed zgrep -r", closes: #81288
          error message reworded, closes: #76238
          compression factor output fixed, closes: #80362
          zgrep -H fixed, closes: #84371
          permission issue when forced to compress linked file fixed, closes: #88918
          manpage hardlinks fixed, closes: #94733
          gzip --help now goes to stdout, closes: #97020
          zless no longer runs less if file doesn't exist, closes: #109097
          problem with -best fixed, closes: #17650
          zgrep now understands --, closes: #28475
          file size output by gzip fixed for large files, closes: #40721
        * fix location referenced for GPL on Debian systems, closes: #112095
        * move install-info remove call from from postrm to prerm
      gzip (1.2.4-33) unstable; urgency=low
        * update to current policy
      gzip (1.2.4-32) unstable; urgency=low
        * update prototype for and definition of basename function for compatibility
          with glibc2.0, still in use on m68k.  Closes: #45058
      gzip (1.2.4-31) unstable; urgency=medium
        * fix problems I induced while merging the upstream patch in the last upload,
          most notably omitting zless from the package. 
          Closes: #44883, #44885, #44890, #44882, #44887, #44895, #44896
      gzip (1.2.4-30) unstable; urgency=low
        * upstream patch, closes: #28872
            1998-11-18  Paul Eggert  <eggert@twinsun.com>
            gzip.c (get_method): Don't complain about trailing zeros at
            the end of a gzipped file, as they're commonly appended to fill
            out a block (e.g. by GNU tar).
        * update to FHS compliance
      gzip (1.2.4-29) unstable; urgency=low
        * apply patch from Vincent Renardias that improves behavior when trying to
          decompress a corrupted .gz file.  Closes 7472, 16385
      gzip (1.2.4-28) frozen unstable; urgency=medium
        * patch zforce to make it work at all, closes 22760
        * patch to fix decompression of concatenated gzip files, closes 30537
      gzip (1.2.4-27) frozen unstable; urgency=low
        * patch from Jean-loup (upstream maintainer) for zgrep.in to fix the
          problems with -A and -B successfully passing to grep.  Closes 21209.
      gzip (1.2.4-26) frozen unstable; urgency=low
        * fix FSF address in copyright file, lintian now reports no errors
        * minor tweak to Makefile to fix warnings during dh_installmanpages run
      gzip (1.2.4-25) frozen unstable; urgency=low
        * update znew.in and zdiff.in to do save tempfile handling, closes 19794
      gzip (1.2.4-24) unstable; urgency=low
        * minor fix for complaints about short files, closes 19159
      gzip (1.2.4-23) unstable; urgency=high
        * respond to security advisory from Alan Cox via Christian Hudon, fixes
          an obscure possibility to get gzip to execute code
      gzip (1.2.4-22) unstable; urgency=high
        * gzexe modified to use tempfile in response to security advisory
      gzip (1.2.4-21) unstable; urgency=low
        * fix from the upstream maintainer for voluminous "Broken Pipe" messages
          when using 'zgrep -l' or equivalent.  Closes bug 15178.
      gzip (1.2.4-20) unstable; urgency=low
        * freshen rules file to match current debhelper
        * improve handling of undocumented executables.  Closes bug 13578.
      gzip (1.2.4-19) unstable; urgency=low
        * change dependency to Pre-Depends, to keep dpkg from getting hosed during
          libc6 upgrades.  Closes 15091.
        * switch from debmake to debhelper.  In the process, closes 15412.
      gzip (1.2.4-18) unstable; urgency=low
        * don't install INSTALL in the doc directory, closes bug 13224.
      gzip (1.2.4-17) unstable; urgency=low
        * fix distribution problem in changelog file
      gzip (1.2.4-16) stable frozen unstable; urgency=low
        * libc6
        * tweaks to rules file to install Changelog, closes bug 12488
      gzip (1.2.4-15) stable frozen unstable; urgency=low
        * fix minor security issue - race condition reported on bugtraq list
        * rework debian/rules to build with debugging then strip
      gzip (1.2.4-14) stable frozen unstable; urgency=medium
        * The -13 upload was built against a libc5 too new for 'stable'.  
      gzip (1.2.4-13) stable frozen unstable; urgency=medium
        * Fix missing "essential" flag on package, lost during standards update.
        * Push this version back into stable to solve the 'compress' link problem.
      gzip (1.2.4-12) unstable; urgency=low
        * New packag format.
  3. 11 Sep, 2019 1 commit