1jasper (1.900.1-13) unstable; urgency=high
2
3  * Fix CVE-2011-4516 and CVE-2011-4517: Two buffer overflow issues possibly
4    exploitable via specially crafted input files (Closes: #652649)
5    Thanks to Red Hat and Michael Gilbert
6
7 -- Roland Stigge <stigge@antcom.de>  Wed, 04 Jan 2012 19:14:40 +0100
8
9jasper (1.900.1-12) unstable; urgency=low
10
11  * Added patch to fix filename buffer overflow, thanks to Jonas Smedegard
12    and Alex Cherepanov from ghostscript (Closes: #649833)
13
14 -- Roland Stigge <stigge@antcom.de>  Sun, 27 Nov 2011 19:56:01 +0100
15
16jasper (1.900.1-11) unstable; urgency=low
17
18  * Added Multiarch support, thanks to Colin Watson (Closes: #645118)
19
20 -- Roland Stigge <stigge@antcom.de>  Wed, 02 Nov 2011 17:16:10 +0100
21
22jasper (1.900.1-10) unstable; urgency=low
23
24  * Added debian/watch
25  * debian/patches/01-misc-fixes.patch:
26    - Separated out config.{guess,sub}
27
28 -- Roland Stigge <stigge@antcom.de>  Mon, 15 Aug 2011 19:09:29 +0200
29
30jasper (1.900.1-9) unstable; urgency=low
31
32  * Switch to dpkg-source 3.0 (quilt) format
33  * Using new dh 7 build system
34
35 -- Roland Stigge <stigge@antcom.de>  Tue, 12 Jul 2011 20:21:21 +0200
36
37jasper (1.900.1-8) unstable; urgency=low
38
39  * Removed unneeded .la file (Closes: #633162)
40  * debian/control:
41    - Standards-Version: 3.9.2
42    - use libjpeg8-dev instead of libjpeg62-dev
43
44 -- Roland Stigge <stigge@antcom.de>  Mon, 11 Jul 2011 21:27:24 +0200
45
46jasper (1.900.1-7) unstable; urgency=low
47
48  * Acknowledge NMU
49  * Added patch to fix Debian patch for CVE-2008-3521 (Closes: #506739)
50  * debian/control: Standards-Version: 3.8.4
51
52 -- Roland Stigge <stigge@antcom.de>  Sun, 21 Feb 2010 16:09:45 +0100
53
54jasper (1.900.1-6.1) unstable; urgency=low
55
56  * Non-maintainer upload.
57  * This is a fix for the GeoJP2 patch introduced in 1.900.1-5 which caused
58    GDAL faulting. Thanks Even Rouault. (Closes: #553429)
59
60 -- Francesco Paolo Lovergine <frankie@debian.org>  Wed, 28 Oct 2009 09:39:28 +0100
61
62jasper (1.900.1-6) unstable; urgency=low
63
64  * Reverted to jasper 1.900.1-6 because 1.900.1-5.1 messed up (see #528543)
65    but 1.900.1-5 wasn't available anymore. (Closes: #514296, #528543)
66  * Re-applied patch from #275619 as in 1.900.1-5
67  * debian/control: Standards-Version: 3.8.2
68  * Applied patch by Nico Golde (Closes: #501021)
69     - CVE-2008-3522[0]: Buffer overflow.
70     - CVE-2008-3521[1]: unsecure temporary files handling.
71     - CVE-2008-3520[2]: Multiple integer overflows.
72
73 -- Roland Stigge <stigge@antcom.de>  Sat, 20 Jun 2009 15:21:16 +0200
74
75jasper (1.900.1-5.1) unstable; urgency=low
76
77  * Non-maintainer upload.
78  * add patches/02_security.dpatch to fix various CVEs (Closes: #501021):
79     + CVE-2008-3522[0]: Buffer overflow.
80     + CVE-2008-3521[1]: unsecure temporary files handling.
81     + CVE-2008-3520[2]: Multiple integer overflows.
82
83 -- Pierre Habouzit <madcoder@debian.org>  Sun, 12 Oct 2008 21:40:59 +0200
84
85jasper (1.900.1-5) unstable; urgency=low
86
87  * Added GeoJP2 patch by Sven Geggus <sven.geggus@iitb.fraunhofer.de>
88    (Closes: #275619)
89  * debian/control: Standards-Version: 3.8.0
90
91 -- Roland Stigge <stigge@antcom.de>  Sun, 08 Jun 2008 13:14:24 +0200
92
93jasper (1.900.1-4) unstable; urgency=low
94
95  * src/libjasper/jpc/jpc_dec.c: Extended assert() to accept 4 color
96    components (Closes: #469786)
97  * debian/rules: improve "make distclean", thanks to lintian
98  * debian/control:
99    - Standards-Version: 3.7.3
100    - ${Source-Version} -> ${binary:Version}
101    - Removed self-dependencies of libjasper-dev
102
103 -- Roland Stigge <stigge@antcom.de>  Sun, 09 Mar 2008 11:53:44 +0100
104
105jasper (1.900.1-3) unstable; urgency=low
106
107  * Fixed segfaults on broken images (Closes: #413041)
108
109 -- Roland Stigge <stigge@antcom.de>  Tue, 10 Apr 2007 10:05:10 +0200
110
111jasper (1.900.1-2) experimental; urgency=low
112
113  * Added jas_tmr.h to -dev package (Closes: #414705)
114
115 -- Roland Stigge <stigge@antcom.de>  Tue, 13 Mar 2007 14:23:58 +0100
116
117jasper (1.900.1-1) experimental; urgency=low
118
119  * New upstream release
120  * debian/control:
121    - Standards-Version: 3.7.2
122    - Build-Depends: freeglut3-dev instead of libglut3-dev (Closes: #394496)
123  * Renamed packages to libjasper1, libjasper-dev, libjasper-runtime according
124    to upstream shared library naming change
125
126 -- Roland Stigge <stigge@antcom.de>  Fri, 26 Jan 2007 14:22:18 +0100
127
128jasper (1.701.0-2) unstable; urgency=low
129
130  * Prevent compression of pdf documents in binary packages
131  * Added man pages for the executables (Closes: #250077)
132  * Again renamed binary packages to reflect Policy:
133      - libjasper-1.701-1
134      - libjasper-1.701-dev (Provides, Replaces and Conflicts: libjasper-dev)
135      - libjasper-runtime
136
137 -- Roland Stigge <stigge@antcom.de>  Sun, 20 Jun 2004 13:54:10 +0200
138
139jasper (1.701.0-1) unstable; urgency=low
140
141  * New maintainer (Closes: #217099)
142  * New upstream release (Closes: #217570)
143      - new DFSG-compliant license (Closes: #218999, #245075)
144      - includes newer libtool related files (Closes: #210383)
145  * debian/control:
146      - Standards-Version: 3.6.1
147      - Changed binary package names, fixed interdependencies (Closes: #211592)
148          libjasper-1.700-2 => libjasper1
149          libjasper-1.700-2-dev => libjasper-dev
150          libjasper-progs => libjasper-runtime
151        (new packages conflicting and replacing the old ones)
152      - Added libxi-dev, libxmu-dev, libxt-dev to Build-Depends
153        (Closes: #250481)
154
155 -- Roland Stigge <stigge@antcom.de>  Sat, 19 Jun 2004 23:19:32 +0200
156
157jasper (1.700.2-1) unstable; urgency=low
158
159  * Initial Release.
160
161 -- Christopher L Cheney <ccheney@debian.org>  Fri, 22 Aug 2003 01:30:00 -0500
162
163