-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 09 May 2018 21:53:53 +1000 Source: unixodbc Binary: unixodbc libodbc1 unixodbc-dev odbcinst1debian2 odbcinst Architecture: source Version: 2.3.6-0.1 Distribution: unstable Urgency: medium Maintainer: Steve Langasek <vorlon@debian.org> Changed-By: Hugh McMaster <hugh.mcmaster@outlook.com> Description: libodbc1 - ODBC library for Unix odbcinst - Helper program for accessing odbc ini files odbcinst1debian2 - Support library for accessing odbc ini files unixodbc - Basic ODBC tools unixodbc-dev - ODBC libraries for UNIX (development files) Closes: 422207 675058 888968 891596 893891 Changes: unixodbc (2.3.6-0.1) unstable; urgency=medium . * Non-maintainer upload. * New upstream release (Closes: #888968). - Fix buffer overflow when calling unicode_to_ansi_copy() in DriverManager/SQLDriverConnectW.c (CVE-2018-7409) (Closes: #891596). - Package upstream manpages instead of Debian versions (Closes: #893891). - Fix potential buffer overflow vulnerabilities in SQLDriverConnect functions (CVE-2012-2657 and CVE-2012-2658) (Closes: #675058). - Install pkg-config files (Closes: #422207). * Switch to dpkg-source 3.0 (quilt) format. * Update debhelper package compatibility to level 11. * debian/changelog: Remove trailing whitespace. * debian/control: - Build-Depend on debhelper version 11. - Remove dh-autoreconf from the Build-Depends list. - Raise Standards-Version to 4.1.4 from 3.9.8 (no changes needed). - Remove the Vcs-fields until the package repository moves to Salsa. - Remove the deprecated Priority: extra field from unixodbc-dev. - Use the inherited Section field for libodbc1 and odbcinst1debian2. - Update package descriptions for odbcinst1debian2 and odbcinst. - Drop un-needed Conflicts field from unixodbc. * debian/copyright: - Use secure HTTP in the Format field. - Update Copyright information for unixODBC 2.3.6. * debian/docs: - Rename to unixodbc.docs. * debian/patches: - Convert unixodbc_2.3.4-1.1.diff into patches. - Add a patch to prevent __post_inernal_error() from being exported. - Add a patch to fix spelling errors in DRVConfig/txt/drvcfg.c. - Add a patch to fix spelling and formatting in odbcinst.ini.5. - Forward some patches upstream. * debian/rules: - Add 'hardening=+all' to DEB_BUILD_MAINT_OPTIONS. - Remove '--with autoreconf' (now handled by debhelper >= level 10). - Remove dh_auto_clean override. - Compile with the default CXXFLAGS options. * Add debian/watch file. * Remove a lintian override (symbols-file-contains-debian-revision). * Remove debian/clean (no longer needed). * Remove debian/odbcinst.postinst (no longer needed). * Remove debian/dirs: /usr/lib/odbc has been replaced by multi-arch paths. Checksums-Sha1: edd5db2ec1b372ca6f2601ef2dd7913db07c815c 2002 unixodbc_2.3.6-0.1.dsc 5d530fce155e78f6990b3c3063582c841e39b000 2083106 unixodbc_2.3.6.orig.tar.gz 813e3c36c3b1319464b9b80531b93ae29e119647 17932 unixodbc_2.3.6-0.1.debian.tar.xz acf05ba957ac6c390bdbd2ff58d4266941529811 7842 unixodbc_2.3.6-0.1_amd64.buildinfo Checksums-Sha256: fd2eab8f404d0fff154ded1c7b3608ee2f3a7016a2459ee9a72415018c03423c 2002 unixodbc_2.3.6-0.1.dsc c7a1327a756653088f1f2c8566cd25689703eeb904728d1d971c9b31ed1a94db 2083106 unixodbc_2.3.6.orig.tar.gz eb191a58b750e7ab3a8f0eca353fc90c4f82cdfefd99988623947b4120eda3e5 17932 unixodbc_2.3.6-0.1.debian.tar.xz 1d9af568e5145a228414ab6d45205ee5635f43380ea40f676f42d4eea35f0094 7842 unixodbc_2.3.6-0.1_amd64.buildinfo Files: 08467be19e73a5ffd4efdc62ce1e6aac 2002 libs optional unixodbc_2.3.6-0.1.dsc 7ea02b54c9134bd3611606c062787445 2083106 libs optional unixodbc_2.3.6.orig.tar.gz 70519563095a0e58d59fae910511d77e 17932 libs optional unixodbc_2.3.6-0.1.debian.tar.xz 377a883a27205ee725cd47c4b9cdd356 7842 libs optional unixodbc_2.3.6-0.1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAlry+qQACgkQCBa54Yx2 K61PmxAArKfHYlRkEKiGT0atvTI6I159LGiof490HsxTTziFpXiL3wrVx13LdXvc SEEsdWM95p580EW40VO4ksXqio2Fe/7dHVNerfp4cE9tt8Ukufy147TU7KFgGMIE p+Zmj0Oftv61kJX67k62+1PdMT/D1cJ7avISkX5GefRAzmV5RLNbQm7Yyr3XkF3y NX+A3VyGE2+j+UtfS79DexVlvB2g/zR7t6ETm20OllOXqdyYCn/AwFHBtWn0yKjX 3br6jhP4o3Xnk7pDNVuh4Zn1pR/NOitVasNJG1kdkVYQk+nvhEWpHxaIqbPXHuWi ZUqCnD50CHCyzcloLEobHJp6Oz91SCItzGb5wPioWv5CujYri+JKAjjwcvvCPxtM AuLUpkzSM2I0zmHpLtps6s8N7zBV6kkX1GV2onCSdrEvqtMXtXo4EjxEgYifbbHG KllyyfYN1vNdaii9LfSd6SBBMyMyI2RMPwRhUUzPEh9zFODIyhuX3MV1RmilQNzQ bfvdDL1wXOrsQk2EHNSyWmPSyTksHFGBiuOIUgc4xElvWvke4dxRcMW8+bMx57eo XVGhNGK5oxBGhTGZXkonZd3OIFyR+3wRL8EYLvEuc3o9CD/m2u/NTHE/pStld5QQ 7Yks/G3qopPw8yMfBv0kYooOSh9q2l1bDn4JI+DTDpOs1M24XGo= =Qq04 -----END PGP SIGNATURE-----