From b134093d75235a90f09ff591137aed9dbdad6e89 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Wed, 7 Aug 2019 09:32:37 +0200 Subject: Correct typo in watch file --- debian/watch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'debian') diff --git a/debian/watch b/debian/watch index 8a7b475..2f0e85f 100644 --- a/debian/watch +++ b/debian/watch @@ -4,4 +4,4 @@ dversionmangle=s/\+(debian|dfsg|ds|deb)\d*$//,\ uversionmangle=s/(\d)[_\.\-\+]?((RC|rc|pre|dev|beta|alpha)\d*)$/$1~$2/;s/RC/rc/;s/\-/\./g;s/\_/\./g,\ filenamemangle=s/(?:.*?)?(?:rel|v|oniguruma|ONIGURUMA)?[\-\_]?(\d\S+)\.(tgz|tbz|txz|(?:tar\.(?:gz|bz2|xz)))/oniguruma-$1.$2/ \ https://github.com/kkos/oniguruma/tags \ -(?:.*?/)?(?:rel|v|oniguruma|ONIGURUMA)?[\-\_]?(\d\S+)\.(?:tgz|tbz|txz|(?:tar\.(?:gz|bz2|xz))) \ +(?:.*?/)?(?:rel|v|oniguruma|ONIGURUMA)?[\-\_]?(\d\S+)\.(?:tgz|tbz|txz|(?:tar\.(?:gz|bz2|xz))) -- cgit v1.2.3 From c3e46f9393d982d81ce46f63f7c7e368859bc4ae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Wed, 7 Aug 2019 09:42:28 +0200 Subject: Remove upstream applied patches --- debian/changelog | 10 ++++++++++ debian/patches/series | 4 ++-- 2 files changed, 12 insertions(+), 2 deletions(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 2ae3106..da21bdf 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,13 @@ +libonig (6.9.3-1) UNRELEASED; urgency=medium + + * Neu upstream release. + * debian/watch:_Correct typo. + * Remove upstream applied patches: + - 0105-CVE-2019-13224.patch + - 0110-CVE-2019-13225.patch + + -- Jörg Frings-Fürst Wed, 07 Aug 2019 09:33:40 +0200 + libonig (6.9.2-1) unstable; urgency=medium * New upstream release: diff --git a/debian/patches/series b/debian/patches/series index e924636..1c34712 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,3 +1,3 @@ 0100-source_typos.patch -0105-CVE-2019-13224.patch -0110-CVE-2019-13225.patch +#0105-CVE-2019-13224.patch +#0110-CVE-2019-13225.patch -- cgit v1.2.3 From 68d1ec60c90d27c511d51ce0bef44b132a7ddf11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Wed, 7 Aug 2019 10:03:41 +0200 Subject: Refresh symbols file and add Build-Depends-Package field --- debian/changelog | 1 + debian/symbols | 2 ++ 2 files changed, 3 insertions(+) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index da21bdf..0f1505f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,7 @@ libonig (6.9.3-1) UNRELEASED; urgency=medium * Neu upstream release. + - Refresh symbols file and add Build-Depends-Package field. * debian/watch:_Correct typo. * Remove upstream applied patches: - 0105-CVE-2019-13224.patch diff --git a/debian/symbols b/debian/symbols index 06628e7..89468b0 100644 --- a/debian/symbols +++ b/debian/symbols @@ -1,4 +1,5 @@ libonig.so.5 libonig5 #MINVER# +* Build-Depends-Package: libonig-dev OnigAsciiLowerMap@Base 6.8.1 OnigDefaultCaseFoldFlag@Base 6.8.1 OnigDefaultSyntax@Base 6.8.1 @@ -134,6 +135,7 @@ libonig.so.5 libonig5 #MINVER# onig_initialize_match_param@Base 6.8.1 onig_is_code_in_cc@Base 6.8.1 onig_is_code_in_cc_len@Base 6.8.1 + onig_is_error_code_needs_param@Base 6.9.3 onig_is_in_code_range@Base 6.8.1 onig_match@Base 6.8.1 onig_match_with_param@Base 6.8.1 -- cgit v1.2.3 From c527ea541a9633fb14391c981861e70070d9402f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Fri, 29 Nov 2019 11:26:26 +0100 Subject: Change year to 2019 --- debian/changelog | 7 ++++--- debian/copyright | 4 ++-- 2 files changed, 6 insertions(+), 5 deletions(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 0f1505f..d88a462 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,10 +2,11 @@ libonig (6.9.3-1) UNRELEASED; urgency=medium * Neu upstream release. - Refresh symbols file and add Build-Depends-Package field. + - Remove upstream applied patches: + + 0105-CVE-2019-13224.patch + + 0110-CVE-2019-13225.patch + - Refresh debain/copyright. * debian/watch:_Correct typo. - * Remove upstream applied patches: - - 0105-CVE-2019-13224.patch - - 0110-CVE-2019-13225.patch -- Jörg Frings-Fürst Wed, 07 Aug 2019 09:33:40 +0200 diff --git a/debian/copyright b/debian/copyright index cd813f1..6b10c03 100644 --- a/debian/copyright +++ b/debian/copyright @@ -2,7 +2,7 @@ Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0 Source: https://github.com/kkos/oniguruma Files: * -Copyright: 2002-2018 K.Kosako +Copyright: 2002-2019 K.Kosako License: BSD-2-clause License: BSD-2-clause @@ -30,7 +30,7 @@ License: BSD-2-clause Files: debian/* Copyright: 2006-2008 Max Kellermann - 2014-2018 Jörg Frings-Fürst + 2014-2019 Jörg Frings-Fürst License: GPL-2+ License: GPL-2+ -- cgit v1.2.3 From cd957790e3a1c549cf86a8991f03a39d975fe3bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Fri, 29 Nov 2019 11:46:56 +0100 Subject: Refresh symbols file --- debian/changelog | 4 ++-- debian/symbols | 15 ++++++++++----- 2 files changed, 12 insertions(+), 7 deletions(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index d88a462..83049ff 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -libonig (6.9.3-1) UNRELEASED; urgency=medium +libonig (6.9.4-1) UNRELEASED; urgency=medium * Neu upstream release. - Refresh symbols file and add Build-Depends-Package field. @@ -8,7 +8,7 @@ libonig (6.9.3-1) UNRELEASED; urgency=medium - Refresh debain/copyright. * debian/watch:_Correct typo. - -- Jörg Frings-Fürst Wed, 07 Aug 2019 09:33:40 +0200 + -- Jörg Frings-Fürst Fri, 29 Nov 2019 11:27:09 +0100 libonig (6.9.2-1) unstable; urgency=medium diff --git a/debian/symbols b/debian/symbols index 89468b0..19e8a59 100644 --- a/debian/symbols +++ b/debian/symbols @@ -143,12 +143,11 @@ libonig.so.5 libonig5 #MINVER# onig_name_to_group_numbers@Base 6.8.1 onig_names_free@Base 6.8.1 onig_new@Base 6.8.1 + onig_new_cclass_with_code_list@Base 6.9.4 onig_new_deluxe@Base 6.8.1 onig_new_match_param@Base 6.8.1 onig_new_without_alloc@Base 6.8.1 - onig_node_conv_to_str_node@Base 6.8.1 onig_node_free@Base 6.8.1 - onig_node_list_add@Base 6.8.1 onig_node_new_alt@Base 6.8.1 onig_node_new_anchor@Base 6.8.1 onig_node_new_bag@Base 6.9.1 @@ -174,10 +173,18 @@ libonig.so.5 libonig5 #MINVER# onig_region_new@Base 6.8.1 onig_region_resize@Base 6.8.1 onig_region_set@Base 6.8.1 + onig_regset_add@Base 6.9.4 + onig_regset_free@Base 6.9.4 + onig_regset_get_regex@Base 6.9.4 + onig_regset_get_region@Base 6.9.4 + onig_regset_new@Base 6.9.4 + onig_regset_number_of_regex@Base 6.9.4 + onig_regset_replace@Base 6.9.4 + onig_regset_search@Base 6.9.4 + onig_regset_search_with_param@Base 6.9.4 onig_renumber_name_table@Base 6.8.1 onig_scan@Base 6.8.1 onig_scan_env_set_error_string@Base 6.8.1 - onig_scan_unsigned_number@Base 6.8.1 onig_search@Base 6.8.1 onig_search_with_param@Base 6.8.1 onig_set_callout_data@Base 6.8.1 @@ -254,10 +261,8 @@ libonig.so.5 libonig5 #MINVER# onigenc_is_valid_mbc_string@Base 6.8.1 onigenc_length_check_is_valid_mbc_string@Base 6.8.1 onigenc_mb2_code_to_mbc@Base 6.8.1 - onigenc_mb2_code_to_mbclen@Base 6.8.1 onigenc_mb2_is_code_ctype@Base 6.8.1 onigenc_mb4_code_to_mbc@Base 6.8.1 - onigenc_mb4_code_to_mbclen@Base 6.8.1 onigenc_mb4_is_code_ctype@Base 6.8.1 onigenc_mbn_mbc_case_fold@Base 6.8.1 onigenc_mbn_mbc_to_code@Base 6.8.1 -- cgit v1.2.3 From 6242ce2fd8f4e293f6acbd828d268a917a1fd10c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Fri, 29 Nov 2019 11:50:31 +0100 Subject: Declare compliance with Debian Policy 4.4.1.1 --- debian/changelog | 1 + debian/control | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 83049ff..c654cd3 100644 --- a/debian/changelog +++ b/debian/changelog @@ -7,6 +7,7 @@ libonig (6.9.4-1) UNRELEASED; urgency=medium + 0110-CVE-2019-13225.patch - Refresh debain/copyright. * debian/watch:_Correct typo. + * Declare compliance with Debian Policy 4.4.1.1 (No changes needed). -- Jörg Frings-Fürst Fri, 29 Nov 2019 11:27:09 +0100 diff --git a/debian/control b/debian/control index bad90d6..537bc40 100644 --- a/debian/control +++ b/debian/control @@ -4,7 +4,7 @@ Priority: extra Maintainer: Jörg Frings-Fürst Build-Depends: debhelper (>= 12) -Standards-Version: 4.4.0 +Standards-Version: 4.4.1 Homepage: https://github.com/kkos/oniguruma Vcs-Git: git://jff.email/opt/git/libonig.git Vcs-Browser: https://jff.email/cgit/libonig.git -- cgit v1.2.3 From 63bdac4134d7d74b5dcb65aef0d22c32cb7079a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Fri, 29 Nov 2019 12:05:42 +0100 Subject: Switch to debhelper-compat --- debian/changelog | 3 +++ debian/compat | 1 - debian/control | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) delete mode 100644 debian/compat (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index c654cd3..0fc7fa0 100644 --- a/debian/changelog +++ b/debian/changelog @@ -8,6 +8,9 @@ libonig (6.9.4-1) UNRELEASED; urgency=medium - Refresh debain/copyright. * debian/watch:_Correct typo. * Declare compliance with Debian Policy 4.4.1.1 (No changes needed). + * Switch to debhelper-compat: + - debian/control: change to debhelper-compat (=12) + - remove debian/compat -- Jörg Frings-Fürst Fri, 29 Nov 2019 11:27:09 +0100 diff --git a/debian/compat b/debian/compat deleted file mode 100644 index 48082f7..0000000 --- a/debian/compat +++ /dev/null @@ -1 +0,0 @@ -12 diff --git a/debian/control b/debian/control index 537bc40..d48d070 100644 --- a/debian/control +++ b/debian/control @@ -3,7 +3,7 @@ Section: libs Priority: extra Maintainer: Jörg Frings-Fürst Build-Depends: - debhelper (>= 12) + debhelper-compat (= 12) Standards-Version: 4.4.1 Homepage: https://github.com/kkos/oniguruma Vcs-Git: git://jff.email/opt/git/libonig.git -- cgit v1.2.3 From d71526b1c053fc69aaec2d2465c6d416633662fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Fri, 29 Nov 2019 12:18:09 +0100 Subject: d/contol: Add Rules-Requires-Root: binary-targets --- debian/changelog | 2 ++ debian/control | 1 + 2 files changed, 3 insertions(+) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 0fc7fa0..8376088 100644 --- a/debian/changelog +++ b/debian/changelog @@ -11,6 +11,8 @@ libonig (6.9.4-1) UNRELEASED; urgency=medium * Switch to debhelper-compat: - debian/control: change to debhelper-compat (=12) - remove debian/compat + * debian/control: + - Add Rules-Requires-Root: binary-targets. -- Jörg Frings-Fürst Fri, 29 Nov 2019 11:27:09 +0100 diff --git a/debian/control b/debian/control index d48d070..b62f093 100644 --- a/debian/control +++ b/debian/control @@ -5,6 +5,7 @@ Maintainer: Jörg Frings-Fürst Build-Depends: debhelper-compat (= 12) Standards-Version: 4.4.1 +Rules-Requires-Root: binary-targets Homepage: https://github.com/kkos/oniguruma Vcs-Git: git://jff.email/opt/git/libonig.git Vcs-Browser: https://jff.email/cgit/libonig.git -- cgit v1.2.3 From 101f52fb0d2c7213ea63c29b031489fb22c2b8a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Fri, 29 Nov 2019 12:34:20 +0100 Subject: d/changelog: Add some fixed CVEs --- debian/changelog | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 8376088..5106128 100644 --- a/debian/changelog +++ b/debian/changelog @@ -6,6 +6,14 @@ libonig (6.9.4-1) UNRELEASED; urgency=medium + 0105-CVE-2019-13224.patch + 0110-CVE-2019-13225.patch - Refresh debain/copyright. + - Fixes CVE-2019-19204: heap-buffer-overflow in fetch_interval_quantifier + due to double PFETCH (Closes: #945313). + - Fixes CVE-2019-19203: heap-buffer-overflow in gb18030_mbc_enc_len + (Closes: #945312). + - Fixes CVE-2019-19012: Out of bounds read in mbc_to_code() + (Closes: #944959). + - Fixes CVE-2019-16163: Stack Exhaustion Problem (Closes: #939988). + - Fixes CVE-2019-19246: heap-based buffer over-read in str_lower_case_match. * debian/watch:_Correct typo. * Declare compliance with Debian Policy 4.4.1.1 (No changes needed). * Switch to debhelper-compat: -- cgit v1.2.3 From c347fb41cbf06a1b2640758151c9d132d70fd298 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Fri, 29 Nov 2019 12:46:35 +0100 Subject: d/changelog: Change distribution to unstable, Change date and time --- debian/changelog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 5106128..63c1391 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -libonig (6.9.4-1) UNRELEASED; urgency=medium +libonig (6.9.4-1) unstable; urgency=medium * Neu upstream release. - Refresh symbols file and add Build-Depends-Package field. @@ -22,7 +22,7 @@ libonig (6.9.4-1) UNRELEASED; urgency=medium * debian/control: - Add Rules-Requires-Root: binary-targets. - -- Jörg Frings-Fürst Fri, 29 Nov 2019 11:27:09 +0100 + -- Jörg Frings-Fürst Fri, 29 Nov 2019 12:45:36 +0100 libonig (6.9.2-1) unstable; urgency=medium -- cgit v1.2.3 From f0f2976752d54aa632bd5b1e0d225b95f0413734 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Sun, 22 Dec 2019 15:58:37 +0100 Subject: Change Rules-Requires-Root to no --- debian/changelog | 2 +- debian/control | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 63c1391..a5cadda 100644 --- a/debian/changelog +++ b/debian/changelog @@ -20,7 +20,7 @@ libonig (6.9.4-1) unstable; urgency=medium - debian/control: change to debhelper-compat (=12) - remove debian/compat * debian/control: - - Add Rules-Requires-Root: binary-targets. + - Add Rules-Requires-Root: no. -- Jörg Frings-Fürst Fri, 29 Nov 2019 12:45:36 +0100 diff --git a/debian/control b/debian/control index b62f093..a277d0f 100644 --- a/debian/control +++ b/debian/control @@ -4,8 +4,8 @@ Priority: extra Maintainer: Jörg Frings-Fürst Build-Depends: debhelper-compat (= 12) -Standards-Version: 4.4.1 -Rules-Requires-Root: binary-targets +Standards-Version: 4.4.1.1 +Rules-Requires-Root: no Homepage: https://github.com/kkos/oniguruma Vcs-Git: git://jff.email/opt/git/libonig.git Vcs-Browser: https://jff.email/cgit/libonig.git -- cgit v1.2.3 From 09ad01174dfbfe683e0ed840d6469108d1b13d64 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Sun, 22 Dec 2019 16:00:30 +0100 Subject: Remove outdated debian/NEWS.Debian --- debian/NEWS.Debian | 6 ------ debian/changelog | 1 + 2 files changed, 1 insertion(+), 6 deletions(-) delete mode 100644 debian/NEWS.Debian (limited to 'debian') diff --git a/debian/NEWS.Debian b/debian/NEWS.Debian deleted file mode 100644 index e58552a..0000000 --- a/debian/NEWS.Debian +++ /dev/null @@ -1,6 +0,0 @@ -libonig (6.0.0-1) unstable; urgency=medium - - The file /usr/bin/onig-config is not Multi-Arch conform. So it is removed - in this release. You can use pkg-config instead. - - -- Jörg Frings-Fürst Tue, 06 Jan 2015 11:09:12 +0100 diff --git a/debian/changelog b/debian/changelog index a5cadda..6a8ff81 100644 --- a/debian/changelog +++ b/debian/changelog @@ -21,6 +21,7 @@ libonig (6.9.4-1) unstable; urgency=medium - remove debian/compat * debian/control: - Add Rules-Requires-Root: no. + * Remove outdated debian/NEWS.Debian. -- Jörg Frings-Fürst Fri, 29 Nov 2019 12:45:36 +0100 -- cgit v1.2.3 From 091456e1a135d4674701a264495bd34918779391 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Sun, 22 Dec 2019 16:01:54 +0100 Subject: d/changelog: Change date and time --- debian/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 6a8ff81..8dada6e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -23,7 +23,7 @@ libonig (6.9.4-1) unstable; urgency=medium - Add Rules-Requires-Root: no. * Remove outdated debian/NEWS.Debian. - -- Jörg Frings-Fürst Fri, 29 Nov 2019 12:45:36 +0100 + -- Jörg Frings-Fürst Sun, 22 Dec 2019 16:00:46 +0100 libonig (6.9.2-1) unstable; urgency=medium -- cgit v1.2.3