Debian Package Tracker

From: Jörg Frings-Fürst <debian@jff.email>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted libonig 6.9.4-1 (source) into unstable
Date: Sun, 22 Dec 2019 19:19:14 +0000
Signed by: Adam Borowski <kilobyte@angband.pl>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 22 Dec 2019 16:00:46 +0100
Source: libonig
Architecture: source
Version: 6.9.4-1
Distribution: unstable
Urgency: medium
Maintainer: Jörg Frings-Fürst <debian@jff.email>
Changed-By: Jörg Frings-Fürst <debian@jff.email>
Closes: 939988 944959 945312 945313
Changes:
 libonig (6.9.4-1) unstable; urgency=medium
 .
   * Neu upstream release.
     - Refresh symbols file and add Build-Depends-Package field.
     - Remove upstream applied patches:
       + 0105-CVE-2019-13224.patch
       + 0110-CVE-2019-13225.patch
     - Refresh debain/copyright.
     - Fixes CVE-2019-19204: heap-buffer-overflow in fetch_interval_quantifier
         due to double PFETCH (Closes: #945313).
     - Fixes CVE-2019-19203: heap-buffer-overflow in gb18030_mbc_enc_len
         (Closes: #945312).
     - Fixes CVE-2019-19012: Out of bounds read in mbc_to_code()
         (Closes: #944959).
     - Fixes CVE-2019-16163: Stack Exhaustion Problem (Closes: #939988).
     - Fixes CVE-2019-19246: heap-based buffer over-read in str_lower_case_match.
   * debian/watch:_Correct typo.
   * Declare compliance with Debian Policy 4.4.1.1 (No changes needed).
   * Switch to debhelper-compat:
     - debian/control: change to debhelper-compat (=12)
     - remove debian/compat
   * debian/control:
     - Add Rules-Requires-Root: no.
   * Remove outdated debian/NEWS.Debian.
Checksums-Sha1:
 53a3c4f640be1f82cdee2f729d89c8870ccfe4ec 1862 libonig_6.9.4-1.dsc
 4e91bc2f373a64788a2d2350ee34a1b424a1706d 582597 libonig_6.9.4.orig.tar.gz
 4de35cbdf9258e95feb01c552fb4989edde2d063 9376 libonig_6.9.4-1.debian.tar.xz
 b6ca94a337cda8671d3c75b4bab0d0740aa006a6 5758 libonig_6.9.4-1_source.buildinfo
Checksums-Sha256:
 77366a368d2427a81024f9237f88e503feaf566d23d6e84e078593ffb0ed6bea 1862 libonig_6.9.4-1.dsc
 aea68e5843b627f5fe6d3d6b598845b7f3622910e0568408e7cc2fa6b3690b87 582597 libonig_6.9.4.orig.tar.gz
 f458d7fd6cfb3676ebf8a8eada5020eecc940ad6ef9ce18fbfde224e765d37df 9376 libonig_6.9.4-1.debian.tar.xz
 bce2aabe56a5b4ed3d3a34e4b48ef1c277849ea00d29c4c7908a9e42a99ec17e 5758 libonig_6.9.4-1_source.buildinfo
Files:
 4a1ee87710f88e568babc2b9b189781d 1862 libs extra libonig_6.9.4-1.dsc
 b8054311a0747f7ae96b63531a3f93a0 582597 libs extra libonig_6.9.4.orig.tar.gz
 9ea0519aae3e59e55949d3100f6adba5 9376 libs extra libonig_6.9.4-1.debian.tar.xz
 170cc9440417402335000757decc43fd 5758 libs extra libonig_6.9.4-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEkjZVexcMh/iCHArDweDZLphvfH4FAl3/vzAACgkQweDZLphv
fH5H4RAAgCGOm1WXmWaXquMTdC/4Gke/cLgEzPWdHeZbnxQJdDN3yGDjEr6l9JnA
IWMu/g4Av0xF/ekzoD7dlosu01RRdh1AqqY6BZBq+G/EkmPtXJ47GckPzQ22GPHk
bhYBd/6IF0i0G6KCS7b9zIsbl6vV0CE9DXnZ1OMD72eZ+RMpl39ufW2YckORfy3f
2WzTMsgeadnslltMMdoca7rF0Y9g6TKmgKPq4VzLNVJySY9JS+iLlpQ/HnnLi8KW
ttb6ZzbbvVHdnEloA4ZMAOobQBUyx33SJXmsqkiUe+M2XeKZP1c8HxVyhi8mj1Ke
JV9fSPV6Ukxw8oPOmHBO/QElCCtf1CcZ3fwckN7ylX/MjHGrWlHNtlPy1bQX4Ad2
X0z4y/Fj+7kw7hAuqoG+zsX27l/3b7Mx17QHCF6GPnEuJKP5sdhN1GkVf1pKkm5m
SqJtVlDnlsQsGAaKRRalD8ZK2zfUzmB2DbvUmKG98GYKeFISL5WmmcuQtyFvymNa
Ewl7maYxhmcTKTu/k28IFtWgsdONPcAjckpojuh5ZgEc4uADn0qfhR1SfVwaAsqO
z1QbHS8keEX/AC6tRSQnbyAU2E4jyxjwerqASIuDRx12lVbXmbXf1Vk9dUnqCF/D
NM6ZXIgVJPgFc/ZzV5478i1KW2/ftP0y71zqejrIdctJGgX5hPA=
=eVb1
-----END PGP SIGNATURE-----
News for package libonig
