1. 15 Mar, 2019 1 commit
  2. 13 Mar, 2019 30 commits
    • Mathieu Malaterre's avatar
      Import Debian changes 2.3.0-2 · 69dd71e5
      Mathieu Malaterre authored
      openjpeg2 (2.3.0-2) unstable; urgency=high
      
        [ Hugo Lefeuvre ]
        * CVE-2017-17480: stack-based buffer overflow in the pgxtovolume function in
          jp3d/convert.c (Closes: #884738).
        * CVE-2018-14423: division-by-zero in pi_next_pcrl, pi_next_cprl, and
          pi_next_rpcl in lib/openjp3d/pi.c (Closes: #904873).
        * CVE-2018-18088: null pointer dereference in imagetopnm in jp2/convert.c
          (Closes: #910763).
        * CVE-2018-5785: integer overflow caused by an out-of-bounds left shift in the
          opj_j2k_setup_encoder function (openjp2/j2k.c) (Closes: #888533).
        * CVE-2018-6616: excessive iteration in the opj_t1_encode_cblks function of
          openjp2/t1.c (Closes: #889683).
      
        [ Mathieu Malaterre ]
        * Add Hugo as Uploader
      69dd71e5
    • gregor herrmann's avatar
      Import Debian changes 2.3.0-1.1 · 9647efee
      gregor herrmann authored
      openjpeg2 (2.3.0-1.1) unstable; urgency=medium
      
        * Non-maintainer upload.
        * Fix "FTBFS with Java 9 due to -source/-target only":
          apply patch by Markus Koschany to build with Java 9 or later.
          (Closes: #873997)
      9647efee
    • Mathieu Malaterre's avatar
      Import Debian changes 2.3.0-1 · 8990d111
      Mathieu Malaterre authored
      openjpeg2 (2.3.0-1) unstable; urgency=medium
      
        * New upstream release. Closes: #877758
        * Drop explicit -dbg package. Closes: #877676
        * Fix CVE-2017-14041. Closes: #874115
        * Fix CVE-2017-14151. Closes: #874430
        * Fix CVE-2017-14152. Closes: #874431
      8990d111
    • Aurelien Jarno's avatar
      Import Debian changes 2.3.0-1~riscv64 · 6df81855
      Aurelien Jarno authored
      openjpeg2 (2.3.0-1~riscv64) unreleased; urgency=medium
      
        * Disable java and apache2 support.
      
      openjpeg2 (2.3.0-1) unstable; urgency=medium
      
        * New upstream release. Closes: #877758
        * Drop explicit -dbg package. Closes: #877676
        * Fix CVE-2017-14041. Closes: #874115
        * Fix CVE-2017-14151. Closes: #874430
        * Fix CVE-2017-14152. Closes: #874431
      6df81855
    • Mathieu Malaterre's avatar
      Import Upstream version 2.3.0 · a0777eb2
      Mathieu Malaterre authored
      a0777eb2
    • Mathieu Malaterre's avatar
      Import Debian changes 2.2.0-2 · 3b082df3
      Mathieu Malaterre authored
      openjpeg2 (2.2.0-2) unstable; urgency=medium
      
        * Fix changelog. Closes: #876535
        * Provide openjpeg-2.1 compat symlinks:
          + usr/include/openjpeg-2.1
          + usr/lib/$(DEB_HOST_MULTIARCH)/openjpeg-2.1
      3b082df3
    • Mathieu Malaterre's avatar
      Import Upstream version 2.2.0 · 7bd7546e
      Mathieu Malaterre authored
      7bd7546e
    • Mathieu Malaterre's avatar
      Import Debian changes 2.2.0-1 · 81a3871e
      Mathieu Malaterre authored
      openjpeg2 (2.2.0-1) unstable; urgency=medium
      
        * New upstream release. Closes: #872041
        * Fix CVE-2016-9113. Closes: #844552
        * Fix CVE-2016-9114. Closes: #844553
        * Fix CVE-2016-9115. Closes: #844554
        * Fix CVE-2016-9116. Closes: #844555
        * Fix CVE-2016-9117. Closes: #844556
      81a3871e
    • Moritz Muehlenhoff's avatar
      Import Debian changes 2.1.2-1.3 · a21d5bd9
      Moritz Muehlenhoff authored
      openjpeg2 (2.1.2-1.3) unstable; urgency=medium
      
        * Fix FTFBS (Closes: #871905)
      a21d5bd9
    • Moritz Muehlenhoff's avatar
      Import Debian changes 2.1.2-1.2 · 8d198162
      Moritz Muehlenhoff authored
      openjpeg2 (2.1.2-1.2) unstable; urgency=medium
      
        * Non-maintainer upload
        * Fix CVE-2016-1626, CVE-2016-1628, CVE-2016-5152, CVE-2016-9112 and
          CVE-2016-9118.patch
      8d198162
    • Luciano Bello's avatar
      Import Debian changes 2.1.2-1.1+deb9u3 · 3f531950
      Luciano Bello authored
      openjpeg2 (2.1.2-1.1+deb9u3) stretch-security; urgency=medium
      
        * Non-maintainer upload by the Security Team.
        * CVE-2018-14423: Division-by-zero vulnerabilities in the functions
          pi_next_pcrl, pi_next_cprl, and pi_next_rpcl (closes: #904873).
        * CVE-2018-6616: Excessive Iteration in opj_t1_encode_cblks
          (closes: #889683).
        * CVE-2017-17480: Write stack buffer overflow due to missing buffer
          length formatter in fscanf call (closes: #884738).
        * CVE-2018-18088: Null pointer dereference caused by null image
          components in imagetopnm (closes: #910763).
        * CVE-2018-5785: Integer overflow in convertbmp.c (closes: #888533).
      3f531950
    • Mathieu Malaterre's avatar
      Import Debian changes 2.1.2-1.1+deb9u2 · 13c7e6c2
      Mathieu Malaterre authored
      openjpeg2 (2.1.2-1.1+deb9u2) stretch-security; urgency=medium
      
        * Fix whitespace/indent mess
        * CVE-2017-14039: CVE-2017-14039.patch
        * CVE-2017-14040: 2cd30c2b06ce332dede81cccad8b334cde997281.patch
        * CVE-2017-14041: e5285319229a5d77bf316bb0d3a6cbd3cb8666d9.patch
        * CVE-2017-14151: afb308b9ccbe129608c9205cf3bb39bbefad90b9.patch
        * CVE-2017-14152: dcac91b8c72f743bda7dbfa9032356bc8110098a.patch
      13c7e6c2
    • Mathieu Malaterre's avatar
      Import Debian changes 2.1.2-1.1+deb9u1 · 987b3e04
      Mathieu Malaterre authored
      openjpeg2 (2.1.2-1.1+deb9u1) stretch-security; urgency=medium
      
        * CVE-2016-9118: c22cbd8bdf8ff2ae372f94391a4be2d322b36b41.patch
        * CVE-2016-5152: 3fbe71369019df0b47c7a2be4fab8c05768f2f32.patch
        * CVE-2016-1628: 11445eddad7e7fa5b273d1c83c91011c44e5d586.patch
        * CVE-2016-10504: 397f62c0a838e15d667ef50e27d5d011d2c79c04.patch
      987b3e04
    • Salvatore Bonaccorso's avatar
      Import Debian changes 2.1.2-1.1 · 9dcc7a58
      Salvatore Bonaccorso authored
      openjpeg2 (2.1.2-1.1) unstable; urgency=medium
      
        * Non-maintainer upload.
        * Add CVE-2016-9572_CVE-2016-9573.patch patch.
          CVE-2016-9572: NULL pointer dereference in input decoding
          CVE-2016-9573: Heap out-of-bounds read due to insufficient check in
          imagetopnm(). (Closes: #851422)
      9dcc7a58
    • Mathieu Malaterre's avatar
      Import Upstream version 2.1.2 · 8dfdbc1e
      Mathieu Malaterre authored
      8dfdbc1e
    • Mathieu Malaterre's avatar
      Import Debian changes 2.1.2-1 · 8526df6d
      Mathieu Malaterre authored
      openjpeg2 (2.1.2-1) unstable; urgency=medium
      
        * New upstream. Closes: #839120
        * Fix CVE-2016-7163. Closes: #837604
        * Fix CVE-2016-7445. Closes: #838690
        * Remove patches applied upstream:
      8526df6d
    • Mathieu Malaterre's avatar
      Import Upstream version 2.1.1 · af728730
      Mathieu Malaterre authored
      af728730
    • Mathieu Malaterre's avatar
      Import Debian changes 2.1.1-1 · f0add799
      Mathieu Malaterre authored
      openjpeg2 (2.1.1-1) unstable; urgency=medium
      
        * New upstream. Closes: #829734
          + d/watch points toward github now
          + Fix man page typos. Closes: #772889, #784377
          + Raise priority to optional. Closes: #822577
          + Fix multiple CVEs: Closes: #800453, #800149, #818399
        * Fix pc file. Closes: #787383
        * Remove reference to contrib. Closes: #820190
        * Bump Std-Vers to 3.9.8, no changes needed
      f0add799
    • Jean-Michel Vourgère's avatar
      Import Debian changes 2.1.0-2.1 · a62fba09
      Jean-Michel Vourgère authored
      openjpeg2 (2.1.0-2.1) unstable; urgency=high
      
        * Non-maintainer upload.
        * Apache 2.4 transition: (Closes: #786333)
          + d/rules: Added --with apache2.
          + Drop d/libopenjpip-server.install.
          + Drop d/libopenjpip-server.prerm.
          + d/control: Add build-depends on dh-apache2, replace depends on
            apache2.2-bin by ${misc:Recommends}, add recommends on
            libapache2-mod-fastcgi.
          + New d/libopenjpip-server.conf for apache2 fastcgi setup.
          + Drop d/libopenjpip-server.load.
          + New d/libopenjpip-server.apache2 to set up the configuration.
      a62fba09
    • Hugo Lefeuvre's avatar
      Import Debian changes 2.1.0-2+deb8u6 · 80411a8a
      Hugo Lefeuvre authored
      openjpeg2 (2.1.0-2+deb8u6) jessie-security; urgency=high
      
        * Non-maintainer upload by the LTS Team.
        * CVE-2018-14423: Division-by-zero vulnerabilities in the functions
          pi_next_pcrl, pi_next_cprl, and pi_next_rpcl (closes: #904873).
        * CVE-2018-6616: Excessive Iteration in opj_t1_encode_cblks
          (closes: #889683).
      80411a8a
    • Hugo Lefeuvre's avatar
      Import Debian changes 2.1.0-2+deb8u5 · 6fc12df0
      Hugo Lefeuvre authored
      openjpeg2 (2.1.0-2+deb8u5) jessie-security; urgency=high
      
        * Non-maintainer upload by the LTS Team.
        * CVE-2017-17480: write stack buffer overflow due to missing buffer
          length formatter in fscanf call.
        * CVE-2018-18088: null pointer dereference caused by null image
          components in imagetopnm.
      6fc12df0
    • Thorsten Alteholz's avatar
      Import Debian changes 2.1.0-2+deb8u4 · 114dac2e
      Thorsten Alteholz authored
      openjpeg2 (2.1.0-2+deb8u4) jessie-security; urgency=high
      
        * Non-maintainer upload by the LTS Team. 
        * CVE-2015-1239
          Fix for denial of service (process crash) via a crafted PDF.
        * CVE-2016-5139
          Fix for integer overflows, allowing a denial of service
          (heap-based buffer overflow) or possibly have unspecified
          other impact via crafted JPEG 2000 data.
      114dac2e
    • Mathieu Malaterre's avatar
      Import Debian changes 2.1.0-2+deb8u3 · ac9f2622
      Mathieu Malaterre authored
      openjpeg2 (2.1.0-2+deb8u3) jessie-security; urgency=medium
      
        * CVE-2016-9118: c22cbd8bdf8ff2ae372f94391a4be2d322b36b41.patch
        * CVE-2016-5152: 3fbe71369019df0b47c7a2be4fab8c05768f2f32.patch
        * CVE-2016-1628: 11445eddad7e7fa5b273d1c83c91011c44e5d586.patch
        * CVE-2016-10504: not needed
        * CVE-2017-14039: CVE-2017-14039.patch
        * CVE-2017-14040: 2cd30c2b06ce332dede81cccad8b334cde997281.patch
        * CVE-2017-14041: e5285319229a5d77bf316bb0d3a6cbd3cb8666d9.patch
        * CVE-2017-14151: not needed
        * CVE-2017-14152: dcac91b8c72f743bda7dbfa9032356bc8110098a.patch
        * CVE-2016-5157: CVE-2016-5157.patch
      ac9f2622
    • Moritz Muehlenhoff's avatar
      Import Debian changes 2.1.0-2+deb8u2 · aae62fea
      Moritz Muehlenhoff authored
      openjpeg2 (2.1.0-2+deb8u2) jessie-security; urgency=medium
      
        * CVE-2016-5159 CVE-2016-8332 CVE-2016-9572 CVE-2016-9573
      aae62fea
    • Moritz Muehlenhoff's avatar
      Import Debian changes 2.1.0-2+deb8u1 · 18085d65
      Moritz Muehlenhoff authored
      openjpeg2 (2.1.0-2+deb8u1) jessie-security; urgency=medium
      
        * CVE-2015-6581 CVE-2015-8871 CVE-2016-1924 CVE-2016-7163
      18085d65
    • Mathieu Malaterre's avatar
      Import Debian changes 2.1.0-2 · 3bd11a6e
      Mathieu Malaterre authored
      openjpeg2 (2.1.0-2) unstable; urgency=low
      
        * Install *.pc files. Closes: #762251
        * Remove cmake-fatal-error export stuff
        * Fix warnings in d/copyright
        * Bump Std-Vers to 3.9.6, no changes needed
        * Fix include path in export file to handle multi-arch install
          + debian/patches/multiarch_path.patch
      3bd11a6e
    • Mathieu Malaterre's avatar
      Import Upstream version 2.1.0 · f7d32588
      Mathieu Malaterre authored
      f7d32588
    • Mathieu Malaterre's avatar
      Import Debian changes 2.1.0-1 · dca69c0a
      Mathieu Malaterre authored
      openjpeg2 (2.1.0-1) unstable; urgency=low
      
        * New upstream. Closes: #761154, #761155
        * Rename binary packages to prevent conflicts. Closes: #760874
        * Remove "Multi-Arch: same" for -dev package. Closes: #760421
      dca69c0a
    • Mathieu Malaterre's avatar
      Import Upstream version 2.0.0 · a3ff4da3
      Mathieu Malaterre authored
      a3ff4da3
    • Mathieu Malaterre's avatar
      Import Debian changes 2.0.0-1 · d5ce8a89
      Mathieu Malaterre authored
      openjpeg2 (2.0.0-1) unstable; urgency=low
      
        * New upstream. Closes: #738655.
      d5ce8a89