1. 13 Mar, 2019 16 commits
    • Mathieu Malaterre's avatar
      Import Debian changes 2.1.2-1 · 8526df6d
      Mathieu Malaterre authored
      openjpeg2 (2.1.2-1) unstable; urgency=medium
      
        * New upstream. Closes: #839120
        * Fix CVE-2016-7163. Closes: #837604
        * Fix CVE-2016-7445. Closes: #838690
        * Remove patches applied upstream:
      8526df6d
    • Mathieu Malaterre's avatar
      Import Upstream version 2.1.2 · 8dfdbc1e
      Mathieu Malaterre authored
      8dfdbc1e
    • Mathieu Malaterre's avatar
      Import Debian changes 2.1.1-1 · f0add799
      Mathieu Malaterre authored
      openjpeg2 (2.1.1-1) unstable; urgency=medium
      
        * New upstream. Closes: #829734
          + d/watch points toward github now
          + Fix man page typos. Closes: #772889, #784377
          + Raise priority to optional. Closes: #822577
          + Fix multiple CVEs: Closes: #800453, #800149, #818399
        * Fix pc file. Closes: #787383
        * Remove reference to contrib. Closes: #820190
        * Bump Std-Vers to 3.9.8, no changes needed
      f0add799
    • Mathieu Malaterre's avatar
      Import Upstream version 2.1.1 · af728730
      Mathieu Malaterre authored
      af728730
    • Jean-Michel Vourgère's avatar
      Import Debian changes 2.1.0-2.1 · a62fba09
      Jean-Michel Vourgère authored
      openjpeg2 (2.1.0-2.1) unstable; urgency=high
      
        * Non-maintainer upload.
        * Apache 2.4 transition: (Closes: #786333)
          + d/rules: Added --with apache2.
          + Drop d/libopenjpip-server.install.
          + Drop d/libopenjpip-server.prerm.
          + d/control: Add build-depends on dh-apache2, replace depends on
            apache2.2-bin by ${misc:Recommends}, add recommends on
            libapache2-mod-fastcgi.
          + New d/libopenjpip-server.conf for apache2 fastcgi setup.
          + Drop d/libopenjpip-server.load.
          + New d/libopenjpip-server.apache2 to set up the configuration.
      a62fba09
    • Hugo Lefeuvre's avatar
      Import Debian changes 2.1.0-2+deb8u6 · 80411a8a
      Hugo Lefeuvre authored
      openjpeg2 (2.1.0-2+deb8u6) jessie-security; urgency=high
      
        * Non-maintainer upload by the LTS Team.
        * CVE-2018-14423: Division-by-zero vulnerabilities in the functions
          pi_next_pcrl, pi_next_cprl, and pi_next_rpcl (closes: #904873).
        * CVE-2018-6616: Excessive Iteration in opj_t1_encode_cblks
          (closes: #889683).
      80411a8a
    • Hugo Lefeuvre's avatar
      Import Debian changes 2.1.0-2+deb8u5 · 6fc12df0
      Hugo Lefeuvre authored
      openjpeg2 (2.1.0-2+deb8u5) jessie-security; urgency=high
      
        * Non-maintainer upload by the LTS Team.
        * CVE-2017-17480: write stack buffer overflow due to missing buffer
          length formatter in fscanf call.
        * CVE-2018-18088: null pointer dereference caused by null image
          components in imagetopnm.
      6fc12df0
    • Thorsten Alteholz's avatar
      Import Debian changes 2.1.0-2+deb8u4 · 114dac2e
      Thorsten Alteholz authored
      openjpeg2 (2.1.0-2+deb8u4) jessie-security; urgency=high
      
        * Non-maintainer upload by the LTS Team. 
        * CVE-2015-1239
          Fix for denial of service (process crash) via a crafted PDF.
        * CVE-2016-5139
          Fix for integer overflows, allowing a denial of service
          (heap-based buffer overflow) or possibly have unspecified
          other impact via crafted JPEG 2000 data.
      114dac2e
    • Mathieu Malaterre's avatar
      Import Debian changes 2.1.0-2+deb8u3 · ac9f2622
      Mathieu Malaterre authored
      openjpeg2 (2.1.0-2+deb8u3) jessie-security; urgency=medium
      
        * CVE-2016-9118: c22cbd8bdf8ff2ae372f94391a4be2d322b36b41.patch
        * CVE-2016-5152: 3fbe71369019df0b47c7a2be4fab8c05768f2f32.patch
        * CVE-2016-1628: 11445eddad7e7fa5b273d1c83c91011c44e5d586.patch
        * CVE-2016-10504: not needed
        * CVE-2017-14039: CVE-2017-14039.patch
        * CVE-2017-14040: 2cd30c2b06ce332dede81cccad8b334cde997281.patch
        * CVE-2017-14041: e5285319229a5d77bf316bb0d3a6cbd3cb8666d9.patch
        * CVE-2017-14151: not needed
        * CVE-2017-14152: dcac91b8c72f743bda7dbfa9032356bc8110098a.patch
        * CVE-2016-5157: CVE-2016-5157.patch
      ac9f2622
    • Moritz Muehlenhoff's avatar
      Import Debian changes 2.1.0-2+deb8u2 · aae62fea
      Moritz Muehlenhoff authored
      openjpeg2 (2.1.0-2+deb8u2) jessie-security; urgency=medium
      
        * CVE-2016-5159 CVE-2016-8332 CVE-2016-9572 CVE-2016-9573
      aae62fea
    • Moritz Muehlenhoff's avatar
      Import Debian changes 2.1.0-2+deb8u1 · 18085d65
      Moritz Muehlenhoff authored
      openjpeg2 (2.1.0-2+deb8u1) jessie-security; urgency=medium
      
        * CVE-2015-6581 CVE-2015-8871 CVE-2016-1924 CVE-2016-7163
      18085d65
    • Mathieu Malaterre's avatar
      Import Debian changes 2.1.0-2 · 3bd11a6e
      Mathieu Malaterre authored
      openjpeg2 (2.1.0-2) unstable; urgency=low
      
        * Install *.pc files. Closes: #762251
        * Remove cmake-fatal-error export stuff
        * Fix warnings in d/copyright
        * Bump Std-Vers to 3.9.6, no changes needed
        * Fix include path in export file to handle multi-arch install
          + debian/patches/multiarch_path.patch
      3bd11a6e
    • Mathieu Malaterre's avatar
      Import Upstream version 2.1.0 · f7d32588
      Mathieu Malaterre authored
      f7d32588
    • Mathieu Malaterre's avatar
      Import Debian changes 2.1.0-1 · dca69c0a
      Mathieu Malaterre authored
      openjpeg2 (2.1.0-1) unstable; urgency=low
      
        * New upstream. Closes: #761154, #761155
        * Rename binary packages to prevent conflicts. Closes: #760874
        * Remove "Multi-Arch: same" for -dev package. Closes: #760421
      dca69c0a
    • Mathieu Malaterre's avatar
      Import Upstream version 2.0.0 · a3ff4da3
      Mathieu Malaterre authored
      a3ff4da3
    • Mathieu Malaterre's avatar
      Import Debian changes 2.0.0-1 · d5ce8a89
      Mathieu Malaterre authored
      openjpeg2 (2.0.0-1) unstable; urgency=low
      
        * New upstream. Closes: #738655.
      d5ce8a89