libsdl2-image (2.0.4+dfsg1-1+deb10u1) buster; urgency=medium * Non-maintainer upload. * Multiple security issues (Closes: #932754): - CVE-2019-5058: buffer overflow in do_layer_surface (IMG_xcf.c). - CVE-2019-5052: integer overflow and subsequent buffer overflow in IMG_pcx.c. - CVE-2019-7635: heap buffer overflow in Blit1to4 (IMG_bmp.c). - CVE-2019-12216, CVE-2019-12217, CVE-2019-12218, CVE-2019-12219, CVE-2019-12220, CVE-2019-12221, CVE-2019-12222, CVE-2019-5051: OOB R/W in IMG_LoadPCX_RW (IMG_pcx.c). -- Hugo Lefeuvre Fri, 26 Jul 2019 17:01:14 -0300 libsdl2-image (2.0.4+dfsg1-1) unstable; urgency=medium * New upstream version. * Drop CVE-2018-3977.patch, applied upstream. * Verify signature of upstream tarball. -- Felix Geyer Sun, 03 Feb 2019 11:59:26 +0100 libsdl2-image (2.0.3+dfsg1-3) unstable; urgency=high * Non-maintainer upload with permission of maintainers. * CVE-2018-3977: Prevent a potential buffer overflow on a corrupt or maliciously-crafted XCF file. (Closes: #912617) -- Chris Lamb Sun, 04 Nov 2018 23:34:39 +0000 libsdl2-image (2.0.3+dfsg1-2) unstable; urgency=medium [ Manuel A. Fernandez Montecelo ] * Bump Policy Standards-Version to 4.2.1 (no changes needed) * d/watch: - Set to version=4 - Update +dsfg mangling to correctly detect upstream version * Switch to debhelper compat level v11 * d/copyright: use https in format URL * d/control: Set "Rules-Requires-Root: no" -- Chris Lamb Sun, 04 Nov 2018 23:34:37 +0000 libsdl2-image (2.0.3+dfsg1-1) unstable; urgency=medium * New upstream release, fixing various security issues: - CVE-2017-12122 - CVE-2017-14440 - CVE-2017-14441 - CVE-2017-14442 - CVE-2017-14448 - CVE-2017-14449 - CVE-2017-14450 * Requires libsdl2 >= 2.0.8 -- Felix Geyer Sun, 04 Mar 2018 15:50:05 +0100 libsdl2-image (2.0.2+dfsg1-1) unstable; urgency=medium * Team upload. * New upstream version 2.0.2+dfsg1. * Bump SHLIBVER, as INTERFACE_AGE has been reset in configure.in. * Remove patches backported from upstream. * Fix shlib symlink. * Move the dbgsym-migration parameter to the dh_strip call. -- Fabian Greffrath Fri, 10 Nov 2017 13:46:09 +0100 libsdl2-image (2.0.1+dfsg-4) unstable; urgency=medium [ Manuel A. Fernandez Montecelo ] * d/copyright: Fix missing "General" in LGPL license [ Felix Geyer ] * Fix CVE-2017-2887: buffer overflow in the XCF property handling. (Closes: #878266) -- Felix Geyer Wed, 18 Oct 2017 22:09:02 +0200 libsdl2-image (2.0.1+dfsg-3) unstable; urgency=medium * Bump Policy Standards-Version to 4.0.0 (no changes needed) * Update Vcs-* URLs * Switch to debhelper compat level v10 - dh flags --parallel are not needed - autoreconf is invoked by default * Use automatic dbgsym packages, drop -dbg -- Manuel A. Fernandez Montecelo Mon, 31 Jul 2017 23:43:58 +0200 libsdl2-image (2.0.1+dfsg-2) unstable; urgency=low * Team upload. * d/rules: Update shlib and .so symlink to the current version -- Gianfranco Costamagna Wed, 27 Jan 2016 09:34:58 +0100 libsdl2-image (2.0.1+dfsg-1) unstable; urgency=low * Team upload. [ Manuel A. Fernandez Montecelo ] * Build-Depends on pkg-config * Bump Policy Standards-Version to 3.9.6 (no changes needed) [ Gianfranco Costamagna ] * New upstream release (Closes: #812620). * Use Files-Excluded copyright keyword to exclude autogenerated files from tarball. * Remove patch about big endian build fix, it should be fixed upstream. -- Gianfranco Costamagna Mon, 25 Jan 2016 10:12:59 +0100 libsdl2-image (2.0.0+dfsg-3) unstable; urgency=low * Really regenerate autoconf files. The upstream autogen.sh doesn't work properly. Thanks to Pino Toscano for the patch. - Fixes FTBFS on hurd. -- Felix Geyer Sun, 08 Sep 2013 11:16:14 +0200 libsdl2-image (2.0.0+dfsg-2) unstable; urgency=low * Tighten libsdl2-dev dependency to 2.0.0 and bump the shlibver to 2.0.0, thanks to Gianfranco Costamagna for the patch. * Fix FTBFS on big endian architectures. - Add fix_ftbfs_big_endian.patch -- Felix Geyer Sun, 25 Aug 2013 11:26:16 +0200 libsdl2-image (2.0.0+dfsg-1) unstable; urgency=low * New upstream release. * Add a watch file. * Remove external/ from upstream tarball. * Document miniz.h license in debian/copyright. -- Felix Geyer Wed, 21 Aug 2013 09:44:44 +0200 libsdl2-image (2.0.0~rc1+dfsg-1) unstable; urgency=low * Initial release. (Closes: #710698) * Filter upstream tarball to remove precompiled binaries that don't ship with the corresponding source code. -- Felix Geyer Fri, 12 Jul 2013 17:38:44 +0200