New changelog entries:
* Merge from Debian unstable. Remaining changes:
- debian/patches/CVE-2019-19221.patch: Bugfix and optimize
archive_wstring_append_from_mbs() in libarchive/archive_string.c.
- CVE-2019-19221
1c37020...
by
Peter Pentchev <email address hidden>
Import patches-unapplied version 3.4.0-2 to debian/sid
New changelog entries:
* Declare compliance with Debian Policy 4.5.0 with no changes.
* Add the year 2020 to my debian/* copyright notice.
* Add the CVE-2020-9308 patch - invalid RAR5 headers. (Closes: #951759)
* Make the autopkgtests cross-test-friendly. (Closes: #953140)
20aa7c1...
by
Peter Pentchev <email address hidden>
Import patches-unapplied version 3.4.0-1 to debian/sid
New changelog entries:
* Declare compliance with Debian Policy 4.4.0 with no changes.
* Mark the adequate test as superficial and give it a name.
* Update the watch file a bit:
- use the version 4 format placeholders
- drop the "pasv" option, no FTP upstream sites
- add the upstream signing key
* Run all available Salsa CI jobs.
* Drop the bsdtar and bsdcpio transitional packages.
Closes: #940745, #940753
* New upstream version:
- drop all the patches obtained from the upstream Git repository
(CVE-2018-1000877, CVE-2018-1000878, CVE-2018-1000879, CVE-2018-1000880, CVE-2019-1000019, CVE-2019-1000020, and
zip-nullptr)
- update the library symbols file
* Add some bugfix patches obtained from upstream.
* Add the typos patch to correct some typographical and grammatical
errors.
* Update the upstream copyright information.
f5bd55d...
by
Peter Pentchev <email address hidden>
Import patches-unapplied version 3.3.3-4 to debian/sid
New changelog entries:
* Add three upstream patches:
- CVE-2019-1000019: fix a crash when parsing some 7zip archives
- CVE-2019-1000020: require the RockRidge extension for iso9660
- zip-nullptr: fix a null pointer deference in ZIP files handling
b3732f8...
by
Peter Pentchev <email address hidden>
Import patches-unapplied version 3.3.3-3 to debian/sid
New changelog entries:
[ Andreas Henriksson ]
* Build-depend on libext2fs-dev instead of e2fslibs-dev (Closes: #890210)
* CI: Use the salsa-ci-team pipeline
[ Peter Pentchev ]
* Declare compliance with Debian Policy 4.3.0 with no changes.
* Bump the debhelper compatibility level to 12 with no changes.
* Add my copyright notice for debian/*.
* Extend Andreas Henriksson's copyright notice all the way to 2019.
073798e...
by
Peter Pentchev <email address hidden>
Import patches-unapplied version 3.3.3-2 to debian/sid
New changelog entries:
[ Peter Pentchev ]
* Declare compliance with Debian Policy 4.2.1 with no changes.
* Drop the Lintian overrides related to B-D: debhelper-compat -
Lintian 2.5.98 no longer emits these warnings and errors.
* Build with zstd compression support.
* Pass --fail-missing to dh_missing, not to dh_install any more.
[ Andreas Henriksson ]
* New upstream release.
* Drop debian/patches/ now part of upstream release:
- Avoid-a-read-off-by-one-error-for-UTF16-names-in-RAR.patch
- Do-something-sensible-for-empty-strings-to-make-fuzz.patch
- Fail-with-negative-lha-compsize-in-lha_read_file_header_1.patch
- Reject-LHA-archive-entries-with-negative-size.patch
- Reread-the-CAB-header-skipping-the-self-extracting-b.patch
- archive_strncat_l-allocate-and-do-not-convert-if-len.patch
- iso9660-validate-directory-record-length.patch
* Update libarchive13.symbols
46af13a...
by
Peter Pentchev <email address hidden>
Import patches-unapplied version 3.2.2-5 to debian/sid
New changelog entries:
* Acknowledge NMUs; many thanks to Salvatore Bonaccorso!
* Use my Debian e-mail address.
* Declare compliance with Debian Policy 4.2.0:
- add Rules-Requires-Root: no to the source control stanza
- install the upstream release notes (NEWS)
* Drop the duplicate Priority fields for the binary packages.
* Switch to the HTTPS scheme in various upstream and Debian
packaging URLs.
* Drop some trailing whitespace from old changelog entries.
* Bump the debhelper compatibility level to 11 with no changes and
use the B-D: debhelper-compat (= 11) mechanism.
* Add a trivial autopkgtest running adequate on the binary packages.