xsok (1.02-16) unstable; urgency=medium
* patch 10_lots_of_stuff: break into logical patches.
- build_tweaks, config, manpage, overflow
* new patch no_gunzip: rip out the gunzip support.
This had a fragile security patch in it - there were two code paths
selected by a define in the Imakefile, and only one was fixed.
- patch 20_gunzip_exploit_fix deleted, as it is obsolete
* new patch wm_delete: support ICCCM, or at least WM_DELETE_WINDOW.
Thanks to Peter de Wachter <email address hidden> for the patch.
(Closes: #288143)
* new patch security_paranoia: fix/remove various uses of strcpy/sprintf.
Most of these aren't exploitable, but some might be.
* new patch undo_nowrap: prevent "undo" command from wrapping around
to the end of the game. This behavior was clearly intentional, but
it's counterintuitive and undocumented. (Closes: #288142)
* new patch drag_segfault: prevent segfault when trying to drag the
player with button 2. (Closes: #318617)
* patch build_tweaks:
- disable ifdef for HPArchitecture. Obviously they mean HP-UX; we
don't want that stuff for Debian hppa.
- remove -O2 from CCOPTIONS, to enable DEB_BUILD_OPTIONS=noopt.
- fix 3 gcc warnings. All harmless, except one on 64-bit BE,
which Debian doesn't have for this package.
* debian/rules: support DEB_BUILD_OPTIONS=nostrip,noopt.
* debian/rules:
- Remove kludge around Bug #319121, it's fixed now.
- In the same vein, override $(LOCAL_LIBRARIES) to avoid linking
extraneous X libraries.
- debian/control: Trim Build-Depends accordingly.
* debian/docs: don't ship README, it's not really relevant to Debian.
-- Ubuntu Archive Auto-Sync <email address hidden> Thu, 15 Jun 2006 16:27:06 +0100
