Change log for jbig2dec package in Ubuntu
| 1 → 35 of 35 results | First • Previous • Next • Last |
| Published in oracular-release |
| Published in noble-release |
| Deleted in noble-proposed (Reason: Moved to noble) |
jbig2dec (0.20-1build3) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek <email address hidden> Sun, 31 Mar 2024 07:40:24 +0000
Available diffs
- diff from 0.20-1build2 to 0.20-1build3 (313 bytes)
jbig2dec (0.20-1build2) noble; urgency=medium * Rebuild against new libpng16-16t64. -- Gianfranco Costamagna <email address hidden> Tue, 19 Mar 2024 14:17:38 +0100
Available diffs
- diff from 0.20-1 (in Debian) to 0.20-1build2 (571 bytes)
- diff from 0.20-1build1 to 0.20-1build2 (315 bytes)
| Superseded in noble-proposed |
jbig2dec (0.20-1build1) noble; urgency=medium * No-change rebuild against libpng16-16t64 -- Steve Langasek <email address hidden> Thu, 29 Feb 2024 06:58:13 +0000
Available diffs
- diff from 0.20-1 (in Debian) to 0.20-1build1 (495 bytes)
| Deleted in noble-updates (Reason: superseded by release) |
| Superseded in noble-release |
| Deleted in noble-proposed (Reason: Moved to noble) |
jbig2dec (0.20-1) unstable; urgency=medium
[ upstream ]
* new release
[ Jonas Smedegaard ]
* update git-buildpackage config:
+ use DEP-14 git branches
+ enable automatic DEP-14 branch name handling
+ add usage config
* drop patches cherry-picked upstream, now obsolete
* add patch cherry-picked upstream
to avoid uninitialized allocator in command-line tool
* update copyright info: update coverage
* simplify build; stop build-depend on cdbs
* declare compliance with Debian Policy 4.6.2
* build-depend on debhelper-compat (not debhelper)
* add patch 1001 to modernize test script;
build-depend on python3
-- Jonas Smedegaard <email address hidden> Thu, 30 Nov 2023 14:40:40 +0100
Available diffs
| Superseded in noble-release |
| Published in mantic-release |
| Published in lunar-release |
| Obsolete in kinetic-release |
| Published in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
jbig2dec (0.19-3build2) jammy; urgency=high * No change rebuild for ppc64el baseline bump. -- Julian Andres Klode <email address hidden> Thu, 24 Mar 2022 13:02:43 +0100
Available diffs
- diff from 0.19-3 (in Debian) to 0.19-3build2 (603 bytes)
- diff from 0.19-3build1 (in Ubuntu) to 0.19-3build2 (544 bytes)
| Superseded in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
| Deleted in impish-proposed (Reason: Moved ot jammy) |
jbig2dec (0.19-3build1) impish; urgency=medium * No-change rebuild to build packages with zstd compression. -- Matthias Klose <email address hidden> Thu, 07 Oct 2021 12:13:23 +0200
Available diffs
- diff from 0.19-3 (in Debian) to 0.19-3build1 (327 bytes)
| Superseded in jammy-release |
| Obsolete in impish-release |
| Deleted in impish-proposed (Reason: Moved to impish) |
jbig2dec (0.19-3) unstable; urgency=medium
* add patch cherry-picked upstream
to use correct freeing function for JBIG2 images
* add autopkgtest;
closes: bug#959468, thanks to Dylan Aïssi
-- Jonas Smedegaard <email address hidden> Thu, 22 Apr 2021 13:11:05 +0200
Available diffs
- diff from 0.19-2 to 0.19-3 (1.6 KiB)
| Superseded in impish-release |
| Obsolete in hirsute-release |
| Deleted in hirsute-proposed (Reason: moved to Release) |
jbig2dec (0.19-2) unstable; urgency=medium
* cherry-pick patches from upstream:
+ silence a compiler warning
+ fix honor memory alignment (needed on SPARC)
* declare compliance with Debian Policy 4.5.1
-- Jonas Smedegaard <email address hidden> Tue, 02 Feb 2021 14:55:02 +0100
Available diffs
- diff from 0.19-1 to 0.19-2 (2.2 KiB)
jbig2dec (0.19-1) unstable; urgency=medium [ upstream ] * new release [ Jonas Smedegaard ] * simplify source script copyright-chceck -- Jonas Smedegaard <email address hidden> Thu, 10 Sep 2020 19:45:19 +0200
Available diffs
- diff from 0.18+20200417-1 to 0.19-1 (3.0 KiB)
| Superseded in hirsute-release |
| Obsolete in groovy-release |
| Deleted in groovy-proposed (Reason: moved to Release) |
jbig2dec (0.18+20200417-1) unstable; urgency=medium
[ upstream ]
* development snapshot
+ Separate command line tool error callback state from parameters.
+ Mention all long options in usage and manpage.
+ Add command line option to limit memory usage.
+ Add more references to specification.
+ Keep type of index and array length the same.
+ Use unsigned suffix when defining UINT32_MAX.
+ Handle under-/overflow detection and messaging better.
+ Let arithmetic decoder and the underlying stream report errors.
+ Add overflow detection for IAID context size.
+ Treat end of stream as fatal error, and remember errors.
+ Avoid artificially limiting jbig2dec.
+ Avoid passing NULL buffer to snprintf().
+ Remove trailing whitespace.
+ Address all signedness comparison issues.
+ Enable warnings for signedness in comparisons.
+ Avoid warning by copying bytes instead of characters.
+ Fix under/overflow handling in arithmetic integer decoder.
+ Pass segment numbers as unsigned values to error callback.
+ Avoid formatting error messages twice in error callback.
+ Use size_t for string length.
+ Handle errors from reading jbig2 streams.
+ Always use uint32_t when counting pages.
+ Use uint32_t when counting segments.
+ Fix signedness conversions.
+ Fix two overlooked warnings.
+ Use correct define for maximum value of type.
+ Record stream errors in separate struct field.
+ Cast literal to avoid shifting outside of valid range.
+ Need to store local copy of error message.
+ Plug leak of image upon error.
+ Adjust number of bytes consumed by MMR decoder.
+ Initiate variable before avoids using uninited data
during cleanup.
+ Refill input buffer upon failure to parse segment header.
[ Jonas Smedegaard ]
* copyright: update coverage
* use debhelper compatibility level 10 (not 9);
stop build-depend explicitly on dh-autoreconf libtool
* avoid running python test apparently relying on missing data files;
drop patch 1001; stop build-depend on python;
closes: bug#943139, thanks to Sandro Tosi
-- Jonas Smedegaard <email address hidden> Thu, 23 Apr 2020 10:01:35 +0200
Available diffs
| Superseded in groovy-release |
| Published in focal-release |
| Deleted in focal-proposed (Reason: moved to Release) |
jbig2dec (0.18-1ubuntu1) focal; urgency=medium * Build using python3. -- Matthias Klose <email address hidden> Mon, 30 Mar 2020 12:53:08 +0200
Available diffs
- diff from 0.17-1 (in Debian) to 0.18-1ubuntu1 (19.3 KiB)
- diff from 0.18-1 (in Debian) to 0.18-1ubuntu1 (684 bytes)
jbig2dec (0.18-1) unstable; urgency=medium
[ upstream ]
* new release
closes: bug#952674, thanks to Mathieu Malaterre
[ Jonas Smedegaard ]
* declare compliance with Debian Policy 4.5.0
-- Jonas Smedegaard <email address hidden> Sun, 15 Mar 2020 10:48:03 +0100
Available diffs
- diff from 0.17-1 to 0.18-1 (19.0 KiB)
jbig2dec (0.17-1) unstable; urgency=medium
[ upstream ]
* New release.
[ Jonas Smedegaard ]
* Switch to track upstream release tags.
* Declare compliance with Debian Policy 4.4.1.
* Update copyright info:
+ List uptream bugtracker as preferred upstream contact.
-- Jonas Smedegaard <email address hidden> Wed, 02 Oct 2019 11:31:55 +0200
Available diffs
- diff from 0.16-1 to 0.17-1 (19.3 KiB)
| Superseded in focal-release |
| Obsolete in eoan-release |
| Deleted in eoan-proposed (Reason: moved to release) |
jbig2dec (0.16-1) unstable; urgency=high
[ upstream ]
* New bugfix release.
(no code changes since 0.15+20190209-1)
[ Jonas Smedegaard ]
* Set urgency=high, due to ghostscript 9.27 CVE fixes.
-- Jonas Smedegaard <email address hidden> Sun, 07 Apr 2019 17:52:08 +0200
Available diffs
- diff from 0.15-2 to 0.16-1 (51.2 KiB)
| Superseded in eoan-release |
| Obsolete in disco-release |
| Deleted in disco-proposed (Reason: moved to release) |
jbig2dec (0.15-2) unstable; urgency=medium
* Add patches cherry-picked upstream:
+ Fix signed/unsigned mismatches.
+ Only print repeated error/warning messages once.
+ Bring jbig2dec's copy of memento up to date.
* Simplify rules: Stop resolve build-dependencies in rules file.
* Stop build-depend on dh-buildinfo.
* Wrap and sort control file.
* Update copyright info: Extend coverage for main upstream author.
-- Jonas Smedegaard <email address hidden> Wed, 21 Nov 2018 01:50:52 +0100
Available diffs
- diff from 0.15-1 to 0.15-2 (27.2 KiB)
| Superseded in disco-release |
| Obsolete in cosmic-release |
| Deleted in cosmic-proposed (Reason: moved to release) |
jbig2dec (0.15-1) unstable; urgency=medium
[ upstream ]
* New bugfix release.
(no code changes since 0.14+20180826-1)
-- Jonas Smedegaard <email address hidden> Fri, 14 Sep 2018 14:10:04 +0200
Available diffs
- diff from 0.14-1 to 0.15-1 (65.3 KiB)
jbig2dec (0.14-1) unstable; urgency=medium
[ upstream ]
* New bugfix release.
[ Jonas Smedegaard ]
* Update copyright info:
+ Extend copyright of packaging to cover past year.
+ Strip nedless copyright signs.
* Drop patches cherry-picked upstream since applied.
* Declare compliance with Debian Policy 4.1.4.
-- Jonas Smedegaard <email address hidden> Thu, 24 May 2018 14:41:41 +0200
Available diffs
- diff from 0.13-6 to 0.14-1 (25.6 KiB)
| Superseded in cosmic-release |
| Published in bionic-release |
| Deleted in bionic-proposed (Reason: moved to release) |
jbig2dec (0.13-6) unstable; urgency=medium * Team upload * Update Vcs-* fields for the move to salsa.d.o -- Didier Raboud <email address hidden> Sat, 10 Feb 2018 16:29:26 +0100
Available diffs
- diff from 0.13-5 to 0.13-6 (510 bytes)
| Superseded in bionic-release |
| Obsolete in artful-release |
| Deleted in artful-proposed (Reason: moved to release) |
jbig2dec (0.13-5) unstable; urgency=medium
* Add DEP-3 header to patch 1001.
* Advertise DEP-3 format in patch headers.
* Add patches cherry-picked upstream:
+ Fix decoder error on JBIG2 compressed image.
+ Tidy up unused code.
+ Add sanity check on image sizes.
+ refine test for "Denial of Service" images
+ Prevent SEGV due to integer overflow.
+ Prevent integer overflow vulnerability.
+ Bounds check before reading from image source data.
+ Plug leak of parameter info in command-line tool.
+ Fix memory leak in case of error.
+ Make clipping in image compositing handle underflow.
+ Fix double free in error case.
+ Do bounds checking of read data.
+ Do not grow page if page height is known.
+ Fix SEGV due to error code being ignored.
Closes: Bug#863279; CVE-2017-9216. Thanks to Salvatore Bonaccorso.
+ Allow for symbol dictionary with 0 symbols.
* Update watch file: Use substitution strings.
* Stop put aside auto-generated header file during build: No longer
shipped upstream.
* Modernize cdbs:
+ Do copyright-check in maintainer script (not during build).
+ Relax to build-depend unversioned on cdbs.
+ Stop build-depend on licensecheck.
* Declare compliance with Debian Policy 4.1.0.
* Update copyright info:
+ Use https protocol in file format URL.
+ Fix rename License section AGPL-3 → AGPL-3+.
* Tighten lintian overrides regarding License-Reference.
-- Jonas Smedegaard <email address hidden> Sat, 23 Sep 2017 13:27:40 +0200
Available diffs
- diff from 0.13-4.1 to 0.13-5 (12.3 KiB)
jbig2dec (0.11+20120125-1ubuntu1.1) trusty-security; urgency=medium
* SECURITY UPDATE: integer overflow in jbig2_image_new
- debian/patches/CVE-2016-9601-pre*.patch: backport misc fixes.
- debian/patches/CVE-2016-9601-1.patch: fix signed/unsigned warnings in
jbig2.c, jbig2.h, jbig2_generic.c, jbig2_halftone.c, jbig2_huffman.c,
jbig2_huffman.h, jbig2_image.c, jbig2_mmr.c, jbig2_page.c,
jbig2_priv.h, jbig2_segment.c, jbig2_symbol_dict.c,
jbig2_symbol_dict.h, jbig2_text.c, jbig2_text.h.
- debian/patches/CVE-2016-9601-2.patch: fix warnings in jbig2_image.c,
jbig2_mmr.c, jbig2_symbol_dict.c.
- CVE-2016-9601
* SECURITY UPDATE: integer overflow in big2_decode_symbol_dict
- debian/patches/CVE-2017-7885.patch: add extra check to
jbig2_symbol_dict.c.
- CVE-2017-7885
* SECURITY UPDATE: integer overflow in jbig2_build_huffman_table
- debian/patches/CVE-2017-7975.patch: use uint32_t in jbig2_huffman.c.
- CVE-2017-7975
* SECURITY UPDATE: integer overflow in jbig2_image_compose
- debian/patches/CVE-2017-7976.patch: add bounds check to
jbig2_image.c.
- CVE-2017-7976
-- Marc Deslauriers <email address hidden> Fri, 19 May 2017 09:11:39 -0400
Available diffs
jbig2dec (0.13-4ubuntu0.1) zesty-security; urgency=medium
* SECURITY UPDATE: integer overflow in big2_decode_symbol_dict
- debian/patches/CVE-2017-7885.patch: add extra check to
jbig2_symbol_dict.c.
- CVE-2017-7885
* SECURITY UPDATE: integer overflow in jbig2_build_huffman_table
- debian/patches/CVE-2017-7975.patch: use uint32_t in jbig2_huffman.c.
- CVE-2017-7975
* SECURITY UPDATE: integer overflow in jbig2_image_compose
- debian/patches/CVE-2017-7976.patch: add bounds check to
jbig2_image.c.
- CVE-2017-7976
-- Marc Deslauriers <email address hidden> Fri, 19 May 2017 07:44:36 -0400
Available diffs
jbig2dec (0.12+20150918-1ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: integer overflow in jbig2_image_new
- debian/patches/CVE-2016-9601-pre.patch: prevent checking too early in
jbig2.c.
- debian/patches/CVE-2016-9601-1.patch: fix signed/unsigned warnings in
jbig2.c, jbig2.h, jbig2_generic.c, jbig2_halftone.c, jbig2_huffman.c,
jbig2_huffman.h, jbig2_image.c, jbig2_mmr.c, jbig2_page.c,
jbig2_priv.h, jbig2_segment.c, jbig2_symbol_dict.c,
jbig2_symbol_dict.h, jbig2_text.c, jbig2_text.h.
- debian/patches/CVE-2016-9601-2.patch: fix warnings in jbig2_image.c,
jbig2_mmr.c, jbig2_symbol_dict.c.
- CVE-2016-9601
* SECURITY UPDATE: integer overflow in big2_decode_symbol_dict
- debian/patches/CVE-2017-7885.patch: add extra check to
jbig2_symbol_dict.c.
- CVE-2017-7885
* SECURITY UPDATE: integer overflow in jbig2_build_huffman_table
- debian/patches/CVE-2017-7975.patch: use uint32_t in jbig2_huffman.c.
- CVE-2017-7975
* SECURITY UPDATE: integer overflow in jbig2_image_compose
- debian/patches/CVE-2017-7976.patch: add bounds check to
jbig2_image.c.
- CVE-2017-7976
-- Marc Deslauriers <email address hidden> Fri, 19 May 2017 08:26:25 -0400
Available diffs
jbig2dec (0.13-2ubuntu0.1) yakkety-security; urgency=medium
* SECURITY UPDATE: integer overflow in jbig2_image_new
- debian/patches/CVE-2016-9601-pre.patch: prevent checking too early in
jbig2.c.
- debian/patches/CVE-2016-9601-1.patch: fix signed/unsigned warnings in
jbig2.c, jbig2.h, jbig2_generic.c, jbig2_halftone.c, jbig2_huffman.c,
jbig2_huffman.h, jbig2_image.c, jbig2_mmr.c, jbig2_page.c,
jbig2_priv.h, jbig2_segment.c, jbig2_symbol_dict.c,
jbig2_symbol_dict.h, jbig2_text.c, jbig2_text.h.
- debian/patches/CVE-2016-9601-2.patch: fix warnings in jbig2_image.c,
jbig2_mmr.c, jbig2_symbol_dict.c.
- CVE-2016-9601
* SECURITY UPDATE: integer overflow in big2_decode_symbol_dict
- debian/patches/CVE-2017-7885.patch: add extra check to
jbig2_symbol_dict.c.
- CVE-2017-7885
* SECURITY UPDATE: integer overflow in jbig2_build_huffman_table
- debian/patches/CVE-2017-7975.patch: use uint32_t in jbig2_huffman.c.
- CVE-2017-7975
* SECURITY UPDATE: integer overflow in jbig2_image_compose
- debian/patches/CVE-2017-7976.patch: add bounds check to
jbig2_image.c.
- CVE-2017-7976
-- Marc Deslauriers <email address hidden> Fri, 19 May 2017 07:51:10 -0400
Available diffs
jbig2dec (0.13-4.1) unstable; urgency=high
* Non-maintainer upload.
* Prevent integer overflow vulnerability (CVE-2017-7885) (Closes: #860460)
* Prevent SEGV due to integer overflow (CVE-2017-7975) (Closes: #860788)
* Bounds check before reading from image source data (CVE-2017-7976)
(Closes: #860787)
-- Salvatore Bonaccorso <email address hidden> Tue, 16 May 2017 20:08:21 +0200
Available diffs
- diff from 0.13-4 to 0.13-4.1 (1.8 KiB)
| Superseded in artful-release |
| Obsolete in zesty-release |
| Deleted in zesty-proposed (Reason: moved to release) |
jbig2dec (0.13-4) unstable; urgency=medium
* Add patches cherry-picked upstream to squash signed/unsigned
warnings and to fix warning for always-false unsigned < 0 tests.
Closes: Bug#850497. Thanks to Salvatore Bonaccorso.
* Modernize Vcs-Browser field: Use git subdir (not cgit).
* Stop override lintian for
package-needs-versioned-debhelper-build-depends: Fixed in lintian.
* Update copyright info: Extend coverage of Debian packaging.
-- Jonas Smedegaard <email address hidden> Mon, 23 Jan 2017 21:13:34 +0100
Available diffs
- diff from 0.13-3 to 0.13-4 (9.0 KiB)
jbig2dec (0.13-3) unstable; urgency=medium
* Add patch cherry-picked upstream to prevent checking too early for
buffer overrun.
* Modernize CDBS: Build-depend on licensecheck (not devscripts).
-- Jonas Smedegaard <email address hidden> Tue, 23 Aug 2016 10:13:47 +0200
Available diffs
- diff from 0.13-2 to 0.13-3 (1.4 KiB)
| Superseded in zesty-release |
| Obsolete in yakkety-release |
| Deleted in yakkety-proposed (Reason: moved to release) |
jbig2dec (0.13-2) unstable; urgency=medium
* Fix mark libjbig2dec0 as multi-ach: same.
Closes: Bug#799916. Thanks to Jacek Szafarkiewicz and Yuriy M.
Kaminskiy.
* Add patch 2001 to avoid compile unrelated and unusable Memento
memory debugging code.
Closes: Bug#824483. Thanks to Yuriy M. Kaminskiy.
* Drop symbols for dropped Memento code.
Thanks to Yuriy M. Kaminskiy.
-- Jonas Smedegaard <email address hidden> Mon, 16 May 2016 18:35:14 +0200
Available diffs
- diff from 0.13-1 to 0.13-2 (1.6 KiB)
jbig2dec (0.13-1) unstable; urgency=medium
[ upstream ]
* New bugfix release.
[ Jonas Smedegaard ]
* Update watch file:
+ Bump file format to version 4.
+ Mangle scanned page to get tarball URLs from tags, and adapt URL
pattern.
+ Mangle download filename.
+ Mention gbp in usage comment.
* Use https protocol in Vcs-Git URL.
* Declare compliance with Debian Policy 3.9.8.
* Update copyright info:
+ Extend coverage for main author to include recent years.
+ Extend copyright of packaging to cover current year.
* Update git-buildpackage config: Filter any .gitignore file.
* Drop patch 2001: Applied upstream.
* Drop 3 symbols (unused, according to http://codesearch.debian.net/).
* Fix remove old lintian overrides file.
-- Jonas Smedegaard <email address hidden> Tue, 10 May 2016 16:51:55 +0200
Available diffs
jbig2dec (0.12+20150918-1build1) yakkety; urgency=medium * No-change rebuild for libpng soname change. -- Matthias Klose <email address hidden> Sat, 23 Apr 2016 00:12:43 +0000
Available diffs
| Superseded in yakkety-release |
| Published in xenial-release |
| Deleted in xenial-proposed (Reason: moved to release) |
jbig2dec (0.12+20150918-1) unstable; urgency=medium
[ upstream ]
* Snapshot.
+ Tidy build configuration.
+ Update for modern libpng.
+ Commit of build_consolidation branch.
+ Fixes for Windows build with VS 2015.
+ Check that cloned image exists before proceeding further.
+ Release huffman table memory properly.
[ Jonas Smedegaard ]
* Fix lintian overrides.
* Unfuzz all patches.
-- Jonas Smedegaard <email address hidden> Sat, 26 Sep 2015 17:33:05 +0200
Available diffs
- diff from 0.12-2 to 0.12+20150918-1 (3.8 KiB)
| Superseded in xenial-release |
| Obsolete in wily-release |
| Deleted in wily-proposed (Reason: moved to release) |
jbig2dec (0.12-2) unstable; urgency=medium
* Move package maintenance to printing team.
* Suppress lintian warning about build-depending unversioned on
debhelper.
* Update copyright info: Fix strip stray License field.
-- Jonas Smedegaard <email address hidden> Fri, 31 Jul 2015 19:19:18 +0200
Available diffs
| Superseded in wily-release |
| Obsolete in vivid-release |
| Obsolete in utopic-release |
| Published in trusty-release |
| Obsolete in saucy-release |
| Obsolete in raring-release |
| Deleted in raring-proposed (Reason: moved to release) |
jbig2dec (0.11+20120125-1ubuntu1) raring; urgency=low
* Merge from Debian unstable. Remaining changes:
- debian/libjbig2dec0.symbols: Added symbols file, generated and updated by
"dpkg-gensymbols -plibjbig2dec0 -Pdebian/libjbig2dec0/".
* Update symbols file based on dpkg-gensymbols diff in pbuilder.
* Update to Ubuntu maintainer.
Available diffs
jbig2dec (0.11-1ubuntu2) quantal; urgency=low * Rebuild for new armel compiler default of ARMv5t. -- Colin Watson <email address hidden> Thu, 04 Oct 2012 09:17:57 +0100
Available diffs
- diff from 0.11-1ubuntu1 to 0.11-1ubuntu2 (368 bytes)
| Superseded in quantal-release |
| Published in precise-release |
| Obsolete in oneiric-release |
| Obsolete in natty-release |
| Superseded in natty-release |
jbig2dec (0.11-1ubuntu1) natty; urgency=low
* debian/libjbig2dec0.symbols: Added symbols file, generated and updated by
"dpkg-gensymbols -plibjbig2dec0 -Pdebian/libjbig2dec0/".
-- Till Kamppeter <email address hidden> Mon, 10 Jan 2011 19:01:36 +0100
Available diffs
- diff from 0.11-1 to 0.11-1ubuntu1 (1.1 KiB)
jbig2dec (0.11-1) unstable; urgency=low * Initial release. Closes: bug#539965. -- Ubuntu Archive Auto-Sync <email address hidden> Tue, 25 May 2010 15:15:50 +0100
| 1 → 35 of 35 results | First • Previous • Next • Last |
