Change log for libxslt package in Debian
| 1 → 51 of 51 results | First • Previous • Next • Last |
| Published in experimental-release |
libxslt (1.1.39-0exp1) experimental; urgency=medium * New upstream version 1.1.39 * Drop patch merged upstream, update other ones * Update std-ver to 3.6.2, no change required * Override source-is-missing lintian warning * d/rules: install README.md * d/rules: remove override_dh_installchangelogs * Update documentation files and doc-base registration * d/control: replace pkg-config with pkgconf -- Aron Xu <email address hidden> Wed, 28 Feb 2024 15:26:07 +0800
Available diffs
- diff from 1.1.35-1 to 1.1.39-0exp1 (1.5 MiB)
| Published in bullseye-release |
libxslt (1.1.34-4+deb11u1) bullseye-security; urgency=high * Non-maintainer upload by the Security Team. * Fix use-after-free in xsltApplyTemplates (CVE-2021-30560) -- Salvatore Bonaccorso <email address hidden> Mon, 22 Aug 2022 21:15:10 +0200
libxslt (1.1.35-1) unstable; urgency=medium
* Team upload.
* New upstream version 1.1.35.
* Refresh patches.
* Update Homepage and d/watch to point to the new GNOME-based home
* d/*.doc-base: rename the document name, it shouldn't match the binary
package name.
* Install the new gtk-doc documentation.
* Do not install the .cmake file that come with the new version.
-- Mattia Rizzolo <email address hidden> Fri, 15 Jul 2022 15:29:07 +0200
Available diffs
libxslt (1.1.34-4) unstable; urgency=medium
* Team upload.
* Add patch to make the xslt-config script compatible with multi-arch.
Closes: #952768
-- Mattia Rizzolo <email address hidden> Wed, 04 Mar 2020 14:02:32 +0100
Available diffs
- diff from 1.1.34-3 to 1.1.34-4 (1.6 KiB)
libxslt (1.1.34-3) unstable; urgency=medium
* Team upload.
* Add a patch to fix FTBFS when built twice in a row. Closes: #947914
(Add build-dependency on docbook-xsl for this.)
-- Mattia Rizzolo <email address hidden> Sat, 22 Feb 2020 15:28:46 +0100
Available diffs
libxslt (1.1.34-2) unstable; urgency=medium * Team upload. * Re-add the xslt-config script for now. * d/control: Bump Standards-Version to 4.5.0, no changes needed. * Upload to unstable. -- Mattia Rizzolo <email address hidden> Fri, 21 Feb 2020 14:24:17 +0100
| Published in stretch-release |
libxslt (1.1.29-2.1+deb9u2) stretch; urgency=medium * Non-maintainer upload. * Fix dangling pointer in xsltCopyText (CVE-2019-18197) (Closes: #942646) -- Salvatore Bonaccorso <email address hidden> Wed, 04 Dec 2019 15:41:16 +0100
| Deleted in experimental-release (Reason: None provided.) |
libxslt (1.1.34-1) experimental; urgency=medium
* Team upload.
* New upstream version 1.1.34.
* Refresh patches
* d/libxslt1.1.symbols: Add new symbols.
* d/control:
+ Bump debhelper compat level to 12.
+ Bump Standards-Version to 4.4.1, no changes needed.
* Stop building and installing the static library.
* Stop installing xslt-config, please use pkg-config.
* Drop Python2 packages. (Closes: #936942)
* Make use of dh_missing --fail-missing:
+ Leave the docs files where the upstream build system put them, and just
move them into the right package. All the documentation was this way
moved into an extra html/ directory.
+ Installs files in a way that lets dh_missing detect them as installed.
+ d/not-installed: list xslt-config.
-- Mattia Rizzolo <email address hidden> Mon, 25 Nov 2019 19:22:08 +0100
Available diffs
| Published in buster-release |
libxslt (1.1.32-2.2~deb10u1) buster; urgency=medium * Rebuild for buster -- Salvatore Bonaccorso <email address hidden> Sun, 03 Nov 2019 17:11:47 +0100
| Superseded in sid-release |
libxslt (1.1.32-2.2) unstable; urgency=medium * Non-maintainer upload. * Fix dangling pointer in xsltCopyText (CVE-2019-18197) (Closes: #942646) -- Salvatore Bonaccorso <email address hidden> Sat, 19 Oct 2019 21:21:23 +0200
| Superseded in stretch-release |
libxslt (1.1.29-2.1+deb9u1) stretch; urgency=medium
* Non-maintainer upload.
* Fix security framework bypass (CVE-2019-11068) (Closes: #926895, #933743)
* Fix uninitialized read of xsl:number token (CVE-2019-13117)
(Closes: #931321, #933743)
* Fix uninitialized read with UTF-8 grouping chars (CVE-2019-13118)
(Closes: #931320, #933743)
-- Salvatore Bonaccorso <email address hidden> Sat, 24 Aug 2019 14:04:13 +0200
| Superseded in buster-release |
libxslt (1.1.32-2.1~deb10u1) buster; urgency=medium * Rebuild for buster -- Salvatore Bonaccorso <email address hidden> Fri, 09 Aug 2019 21:49:31 +0200
| Superseded in sid-release |
libxslt (1.1.32-2.1) unstable; urgency=medium
* Non-maintainer upload.
* Fix security framework bypass (CVE-2019-11068) (Closes: #926895, #933743)
* Fix uninitialized read of xsl:number token (CVE-2019-13117)
(Closes: #931321, #933743)
* Fix uninitialized read with UTF-8 grouping chars (CVE-2019-13118)
(Closes: #931320, #933743)
-- Salvatore Bonaccorso <email address hidden> Sun, 04 Aug 2019 08:14:05 +0200
Available diffs
libxslt (1.1.32-2) unstable; urgency=medium * Team upload. * Add missing Build-Depends on pkg-config. -- Mattia Rizzolo <email address hidden> Sat, 26 May 2018 23:12:37 +0200
Available diffs
- diff from 1.1.29-5 to 1.1.32-2 (127.4 KiB)
- diff from 1.1.32-1 to 1.1.32-2 (414 bytes)
libxslt (1.1.32-1) unstable; urgency=medium
* Team upload.
* New upstream version 1.1.32.
* d/patches:
+ Remove patches applied upstream.
+ Rebase the remaining patches.
* Drop old debian/TODO file.
* d/rules: include workaround that should make the package build on kfreebsd.
Closes: #840096
* d/control:
+ Bump Standards-Version to 4.1.4, no changes needed.
+ Move Vcs-* to salsa.debian.org.
* d/libxslt1.1.symbols:
+ Add new symbols added in this release.
+ Remove symbols that were accidentally exported in previous releases.
* Bump debhelper compat level to 11.
* Drop the libxslt1-dbg package in favour of automatic dbgsym packages.
-- Mattia Rizzolo <email address hidden> Sat, 26 May 2018 14:47:56 +0200
libxslt (1.1.29-5) unstable; urgency=medium * Team upload. * Refresh patches using Gbp Pq. * Add patch from upstream to fix FTBFS in ia64. Closes: #881818 * Declare that libxslt can be built without root, R³:no. -- Mattia Rizzolo <email address hidden> Wed, 15 Nov 2017 16:27:00 +0100
Available diffs
- diff from 1.1.29-4 to 1.1.29-5 (6.5 KiB)
libxslt (1.1.29-4) unstable; urgency=medium * Team upload. * Upload to unstable. * Add patch from upstream to fix FTBFS with glibc 2.26. Closes: #880038 -- Mattia Rizzolo <email address hidden> Sun, 05 Nov 2017 13:36:40 +0100
Available diffs
| Deleted in experimental-release (Reason: None provided.) |
libxslt (1.1.29-3) experimental; urgency=medium
* Team upload.
* d/upstream/signing-key.asc: add Daniel Veillard's gpg key to allow
cryptographic verification of the upstream tarballs.
* d/patches/0003-fix-typo.patch: forward to upstream.
* d/control: Bump Standards-Version to 4.1.1:
+ Move packages from the deprecated section:extra to section:optional.
* d/rules:
+ Use /usr/share/dpkg/architecture.mk instead of calling dpkg-architecture.
+ Let dh_auto_configure deal with buildflags from the environment, and
use dpkg-buildflags to set -Wl,--as-needed.
+ Move xsltconfig.h to a multi-arch location. Closes: #834714
Thanks to Hugh McMaster <email address hidden> for the initial patch.
-- Mattia Rizzolo <email address hidden> Sat, 28 Oct 2017 15:04:16 +0200
libxslt (1.1.29-2.2) unstable; urgency=medium
* Non-maintainer upload.
* Build-Depends on rename, fixes FTBFS, thanks Adrian Bunk (Closes: #876601)
* Build-Depends on libgcrypt20-dev instead of transitional libgcrypt11-dev,
thanks Andreas Metzler (Closes: #864120)
[ Helmut Grohne ]
* Fix FTCBFS: (Closes: #841384)
+ Drop unsatisfiable binutils dependency: Always satisfied natively even
in wheezy.
+ Use cross-compatible python Build-Depends.
+ Annotate Build-Depends: perl with :any.
+ Do not pass CC=cc to configure.
-- Manuel A. Fernandez Montecelo <email address hidden> Fri, 13 Oct 2017 01:03:29 +0200
| Published in jessie-release |
libxslt (1.1.28-2+deb8u3) jessie; urgency=medium
* Non-maintainer upload.
* Check for integer overflow in xsltAddTextString (CVE-2017-5029)
(Closes: #858546)
-- Salvatore Bonaccorso <email address hidden> Fri, 14 Apr 2017 08:28:09 +0200
libxslt (1.1.29-2.1) unstable; urgency=high
* Non-maintainer upload.
* Check for integer overflow in xsltAddTextString (CVE-2017-5029)
(Closes: #858546)
-- Salvatore Bonaccorso <email address hidden> Sun, 26 Mar 2017 19:44:01 +0200
Available diffs
- diff from 1.1.29-2 to 1.1.29-2.1 (1.5 KiB)
| Superseded in jessie-release |
libxslt (1.1.28-2+deb8u2) jessie-security; urgency=high
* Non-maintainer upload by the Security Team.
* Fix heap overread in xsltFormatNumberConversion (CVE-2016-4738)
(Closes: #842570)
-- Salvatore Bonaccorso <email address hidden> Sun, 06 Nov 2016 21:43:39 +0100
libxslt (1.1.29-2) unstable; urgency=high
* Team upload.
* Bump debhelper compat level to 10.
+ --parallel is now default
+ --with autoreconf is now default
* Add patch from upstream to fix a heap overread which could cause remote
arbitrary code execution or denial of service.
Closes: #842570 — CVE-2016-4738
-- Mattia Rizzolo <email address hidden> Sun, 30 Oct 2016 14:01:00 +0000
Available diffs
- diff from 1.1.29-1 to 1.1.29-2 (1.3 KiB)
| Superseded in jessie-release |
libxslt (1.1.28-2+deb8u1) jessie-security; urgency=high
* Non-maintainer upload by the Security Team.
* Fix for type confusion in preprocessing attributes (CVE-2015-7995)
(Closes: #802971)
* Always initialize EXSLT month and day to 1
* Fix use-after-free in xsltDocumentFunctionLoadDocument
* Fix xsltNumberFormatGetMultipleLevel (CVE-2016-1683)
* Round xsl:number values to nearest integer
* Handle negative xsl:number values
* Lower bound for format token "a"
* Lower and upper bound for format token "i" (CVE-2016-1684)
* Fix double free in libexslt hash functions
* Fix buffer overflow in exsltDateFormat
* Fix OOB heap read in xsltExtModuleRegisterDynamic
-- Salvatore Bonaccorso <email address hidden> Sat, 18 Jun 2016 19:27:31 +0200
libxslt (1.1.29-1) unstable; urgency=medium * Imported Upstream version 1.1.29 (Closes: #826446) * Remove patches which have been merged upstream * Remove plugin option in xslt-config as it has arch-dep string * Link libxslt with libm (Closes: #801989, #721602) * Add --parallel in debian/rules. -- YunQiang Su <email address hidden> Wed, 17 Aug 2016 15:30:11 +0800
Available diffs
- diff from 1.1.28-4 to 1.1.29-1 (329.1 KiB)
libxslt (1.1.28-4) unstable; urgency=medium * Team upload. * Replace the SOURCE_DATE_EPOCH patch with the one actually committed upstream -- Mattia Rizzolo <email address hidden> Fri, 20 May 2016 09:33:00 +0000
Available diffs
- diff from 1.1.28-3 to 1.1.28-4 (1.9 KiB)
libxslt (1.1.28-3) unstable; urgency=medium
[ Gianfranco Costamagna ]
* Team upload.
* Upload to unstable.
* Bump std-version to 3.9.8.
* Acknowledge previous NMU, thanks carnil!
* Add dh-python to build-depends
[ Jérémy Bobbio ]
* Add a patch from upstream to make generate-id() provide stable IDs.
Thanks to Daniel Veillard. Closes: #823857
[ Dhole ]
* Honour SOURCE_DATE_EPOCH when embedding timestamps in docs. Closes: #791815
[ Mattia Rizzolo ]
* Run wrap-and-sort.
* Use HTTPS in Vcs-* fields.
-- Mattia Rizzolo <email address hidden> Mon, 09 May 2016 20:18:36 +0000
Available diffs
- diff from 1.1.28-2.1 to 1.1.28-3 (4.4 KiB)
libxslt (1.1.28-2.1) unstable; urgency=high
* Non-maintainer upload.
* Add 0009-Fix-for-type-confusion-in-preprocessing-attributes.patch patch.
CVE-2015-7995: Type confusion in preprocessing attributes leading to
denial of service. (Closes: #802971)
-- Salvatore Bonaccorso <email address hidden> Fri, 30 Oct 2015 08:46:43 +0100
Available diffs
| Published in squeeze-release |
libxslt (1.1.26-6+squeeze3) stable-security; urgency=high
* Non-maintainer upload by the Security Team.
* Add patches to fix denial of service vulnerability (CVE-2012-6139)
(Closes: #703933)
-- Salvatore Bonaccorso <email address hidden> Tue, 26 Mar 2013 21:48:42 +0100
libxslt (1.1.28-2) unstable; urgency=low
* debian/patches/000[4-8].patch:
Upstream post release patches.
-- Aron Xu <email address hidden> Thu, 01 Aug 2013 13:55:48 +0800
Available diffs
| Deleted in experimental-release (Reason: None provided.) |
libxslt (1.1.28-1) experimental; urgency=low [ YunQiang Su ] * Imported Upstream version 1.1.28 * Workaround xsltMaxVars version number (Closes: #698955) * Refresh patches * Correct email address of YunQiang Su * Mark libxslt1-dev as Multi-Arch: same (Closes: #689091) [ Aron Xu ] * Use canonical VCS-* fields. * Remove unused override: python-libxslt1-dbg: hardening-no-relro -- Aron Xu <email address hidden> Wed, 01 May 2013 02:05:28 +0800
libxslt (1.1.26-14.1) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* Upload as NMU acknowledged by Aron Xu.
* Add patches to fix denial of service vulnerability (CVE-2012-6139)
(Closes: #703933)
-- Salvatore Bonaccorso <email address hidden> Tue, 26 Mar 2013 20:31:18 +0100
| Superseded in squeeze-release |
libxslt (1.1.26-6+squeeze2) stable-security; urgency=high
* Patch to fix three CVEs (Closes: #689422):
- CVE-2012-2870 by Daniel Veillard and Chris Evans
- CVE-2012-2871 by Daniel Veillard
- CVE-2012-2893 by Chris Evans
-- Aron Xu <email address hidden> Wed, 03 Oct 2012 00:02:59 +0800
| Superseded in experimental-release |
libxslt (1.1.27-1) experimental; urgency=low
* New upstream release (Closes: #448205, #683353)
* debian/rules:
+ Add hardening flags for dbg package in LDFLAGS (Closes: #681163)
* debian/control:
- std-ver: 3.9.3 -> 3.9.4, no change required.
-- Aron Xu <email address hidden> Wed, 03 Oct 2012 00:22:53 +0800
libxslt (1.1.26-14) unstable; urgency=low
* Patch to fix three CVEs (Closes: #689422):
- CVE-2012-2870 by Daniel Veillard and Chris Evans
- CVE-2012-2871 by Daniel Veillard
- CVE-2012-2893 by Chris Evans
-- Aron Xu <email address hidden> Tue, 02 Oct 2012 23:53:39 +0800
Available diffs
- diff from 1.1.26-13 to 1.1.26-14 (7.8 KiB)
| Superseded in squeeze-release |
libxslt (1.1.26-6+squeeze1) stable; urgency=low
[ Daniel Veillard ]
* Fix generate-id() to not expose object addresses
CVE-2011-1202, Closes: #617413.
[ Abhishek Arya ]
* Fix some case of pattern parsing errors
CVE-2011-3970, Closes: #660650.
[ Chris Evans ]
* [PATCH] Fix crash with unexpected DTD nodes in XSLT.
CVE-2012-2825, Closes: #679283.
-- Aron Xu <email address hidden> Thu, 05 Jul 2012 11:31:18 +0800
libxslt (1.1.26-13) unstable; urgency=low * Patch to fix CVE-2012-2825 (Closes: #679283). -- Aron Xu <email address hidden> Thu, 05 Jul 2012 11:09:19 +0800
Available diffs
libxslt (1.1.26-12+rebuild1) unstable; urgency=low
* Rebuild against new libxml2 to make xslt-config identical across
architectures.
-- Aron Xu <email address hidden> Fri, 15 Jun 2012 18:55:36 +0800
Available diffs
- diff from 1.1.26-12 to 1.1.26-12+rebuild1 (561 bytes)
libxslt (1.1.26-12) unstable; urgency=low [ Aron Xu ] * New maintainer (Closes: #654177) * debian/rules: small improvements, stop shipping .la files. * debian/control: mark libxslt1-dev as not M-A (Closes: #671902). [ YunQiang Su ] * Convert to 3.0 source format. * Byte-compile Python modules again (Closes: #671901). -- Aron Xu <email address hidden> Tue, 29 May 2012 00:31:36 +0800
Available diffs
libxslt (1.1.26-11) unstable; urgency=low
* QA upload.
* Bump standards version to 3.9.3.
* Apply Steve Langasek's patch to enable multiarch (closes: 643034).
* Fix cve-2011-3970: out-of-bounds array access issue (closes: #660650).
* Bump debian/compat to 9 and enable hardened build flags (closes: #655601).
* Eliminate system config.sub and config.guess from the debian diff
(closes: #670799).
-- Michael Gilbert <email address hidden> Sun, 06 May 2012 20:35:38 -0400
libxslt (1.1.26-10) unstable; urgency=low
* QA upload.
* Fix building for real: (Closes: #666333)
- make(1) targets accumulate, they do not replace
- You absolutely must not have a build-% (wildcard) target!
- Never have a directory (or file) with the same name as a
(phony) target, as it *will* prevent the target from being
run while that file/directory exists, with varying messages
=> rename ./build/ to builddir and build-% to dobuild-%
Discovered while trying to hand-fix an m68k build.
* Throw in some lintian fixes (manpage, spelling) for good measure.
-- Thorsten Glaser <email address hidden> Sun, 06 May 2012 16:02:55 +0000
libxslt (1.1.26-9) unstable; urgency=low * QA upload. * Set maintainer to Debian QA Group <email address hidden> * Clear uploaders * Fix building with build-arch. Closes: 666333. -- Peter Michael Green <email address hidden> Tue, 24 Apr 2012 23:23:50 +0000
libxslt (1.1.26-8) unstable; urgency=low * debian/rules: - Empty dependency_libs in .la files. Closes: #633337. - Add --with python2 to dh call. * debian/control: - Remove build dependency on python-support. - Build depend on python-all-dev >= 2.6.6-3~. - Remove XB-Python-Version header. - Bump Standards-Version to 3.9.2.0. No changes required. * debian/pycompat: Removed. -- Mike Hommey <email address hidden> Fri, 29 Jul 2011 11:59:25 +0200
libxslt (1.1.26-7) unstable; urgency=low * libxslt/functions.c: Fix generate-id() to not expose object addresses. Closes: #617413. Fixes: CVE-2011-1202. -- Mike Hommey <email address hidden> Fri, 18 Mar 2011 16:11:19 +0100
libxslt (1.1.26-6) unstable; urgency=low
* debian/python-libxslt1-dbg.preinst: Add preinst snippet to remove
/usr/share/doc/python-libxslt1-dbg symlink on Ubuntu. This is an
Ubuntu-only fix, but allows Ubuntu to just use the Debian package
without further modifications.
Closes: #587910
-- Mike Hommey <email address hidden> Thu, 26 Aug 2010 11:42:01 +0200
libxslt (1.1.26-5) unstable; urgency=low
* debian/rules: Avoid possible renaming of _d.so files to _d_d.so files in
the install-python%-dbg rules.
* debian/control:
- Add missing dependency on python-libxml2-dbg to python-libxslt1-dbg.
- Remove old Conflicts/Replaces for packages that have disappeared before
etch.
- Bump Standards-Version to 3.9.0.0.
- Add Homepage.
- Add Vcs-{Git,Browser} fields.
-- Mike Hommey <email address hidden> Tue, 29 Jun 2010 12:38:30 +0200
libxslt (1.1.26-4) unstable; urgency=low
* debian/rules:
- Refactor configure-% and build-% rules.
- Hack to link with -Wl,--as-needed.
* debian/python-libxslt1.install: Don't hardcode site-/dist-packages in
.install. Cope with builds which don't have any dist-packages (or
site-packages) based python versions. Thanks Loïc Minier.
* debian/control:
- Add missing XB-Python-Version to python-libxslt1.
- Mention the version of XSLT implemented. Closes: #579244.
- Fix typo in libxslt1-dev package description. Closes: #579241.
* debian/control, debian/python-libxslt1-dbg.install, debian/rules: Add a
python-libxslt1-dbg package.
* doc/xsltproc.xml, doc/xsltproc.1: Document what happens when there is
no output and -o is specified. Closes: #539890.
-- Mike Hommey <email address hidden> Mon, 28 Jun 2010 19:10:30 +0200
libxslt (1.1.26-3) unstable; urgency=low
* debian/compat: Switch to debhelper compat level 7.
* debian/control: Build depend on debhelper >= 7.0.50~.
* debian/rules:
+ Remove old source and diff rules. They only displayed a message
inviting to use dpkg-source -b.
+ Remove workarounds for modified and deleted files. The modified file
is not modified anymore, and as we're not using svn-buildpackage we
also don't care about deleted files anymore.
+ Trust dpkg-buildpackage to set the CFLAGS.
+ Change the way python libs are built. We now use configure to set
different environment with and without python, and arrange things so
that we don't have to build the base libxslt library several times.
+ Use a common cache for main and python configure passes.
+ Modify libexslt.la in place in debian/tmp.
+ Switch to dh.
+ Deduplicate in /usr/lib/pyshared, not
/usr/lib/python-support/python-libxslt1.
* debian/python-libxslt1.install: Install python files from
/usr/lib/python*/dist-packages.
* python/Makefile.am, python/Makefile.in, python/generator.py: Don't
generate python API intermediate files in $srcdir.
* debian/libxslt1-dev.install: Install libexslt.la with dh_install.
-- Mike Hommey <email address hidden> Fri, 09 Apr 2010 15:18:51 +0200
libxslt (1.1.26-2) unstable; urgency=low
* debian/control:
+ Add missing ${misc:Depends}.
+ Bump Standards-Version to 3.8.4.0.
+ Put libxslt1-dbg in section debug.
* debian/libxslt1-dev.install: Install /usr/share/aclocal files.
Closes: #569066.
* debian/rules, debian/libxslt1.1.symbols: Add symbols file and bump
shlibs. Closes: #563399.
-- Mike Hommey <email address hidden> Mon, 22 Feb 2010 10:57:27 +0100
libxslt (1.1.26-1) unstable; urgency=low
* New upstream release.
+ Allow both --xinclude and --output options at the same time in xsltproc.
Closes: #497585.
-- Mike Hommey <email address hidden> Fri, 25 Sep 2009 22:42:15 +0200
libxslt (1.1.24-2) unstable; urgency=high * libexslt/crypto.c: Apply upstream fix for CVE-2008-2935. Closes: #493162. -- Mike Hommey <email address hidden> Sun, 03 Aug 2008 09:03:42 +0200
| 1 → 51 of 51 results | First • Previous • Next • Last |
