Change log for giflib package in Ubuntu
| 1 → 43 of 43 results | First • Previous • Next • Last |
giflib (5.2.1-2.5ubuntu0.1) mantic-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-40633.patch: Clean up memory better at end
of run (CVE-2021-40633)
- CVE-2021-40633
* SECURITY UPDATE: Heap buffer overflow
- debian/patches/CVE-2022-28506.patch: Fix heap-buffer overflow
- CVE-2022-28506
-- Giampaolo Fresi Roglia <email address hidden> Thu, 06 Jun 2024 14:29:49 +0200
Available diffs
giflib (5.1.9-2ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-40633.patch: Clean up memory better at end
of run (CVE-2021-40633)
- CVE-2021-40633
* SECURITY UPDATE: Heap buffer overflow
- debian/patches/CVE-2022-28506.patch: Fix heap-buffer overflow
- CVE-2022-28506
-- Giampaolo Fresi Roglia <email address hidden> Thu, 06 Jun 2024 14:27:00 +0200
Available diffs
giflib (5.1.9-1ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-40633.patch: Clean up memory better at end
of run (CVE-2021-40633)
- debian/patches/CVE-2023-39742.patch: Fix SourceForge bug #153,
segfault in getarg.c
- CVE-2021-40633
- CVE-2023-39742
* SECURITY UPDATE: Heap buffer overflow
- debian/patches/CVE-2022-28506.patch: Fix heap-buffer overflow
- CVE-2022-28506
-- Giampaolo Fresi Roglia <email address hidden> Thu, 06 Jun 2024 13:50:06 +0200
Available diffs
| Published in oracular-release |
| Published in noble-release |
| Deleted in noble-proposed (Reason: Moved to noble) |
giflib (5.2.2-1ubuntu1) noble; urgency=medium
* d/p/snprintf.patch:
- cherry pick a patch from Adam Sampson to fix incorrect length arg
to snprintf (LP:#2060282).
-- Nathan Pratta Teodosio <email address hidden> Fri, 05 Apr 2024 10:31:09 +0200
Available diffs
giflib (5.2.2-1) unstable; urgency=medium
[ Debian Janitor]
* Update standards version to 4.6.1, no changes needed.
* Remove obsolete fields Contact, Name from debian/upstream/metadata
(already present in machine-readable debian/copyright).
* Use secure URI in Homepage field.
[ Andreas Metzler ]
* debian/patches:
+ Drop patches applied upstream (fix-get-args-segment-violation.patch
fix-spelling-errors-on-doc-pages.patch recover-giffilter-docs.patch
add-gifsponge-docs.patch)
+ Drop superseded patch (install-only-distributed-binaries-manuals.patch).
+ Unfuzzz patches
+ Features fixes for CVE-2023-48161, CVE-2022-28506.
* Cherry-pick Correct-document-page-install.patch to install manpages
instead of xml source.
* Install giflib.7 manpage.
* Update symbol file (added DGifDecreaseImageCounter@Base).
* Cherry-pick Clean-up-memory-better-at-end-of-run-CVE-2021-40633.patch to
fix CVE-2021-40633.
* Add lintian overrides for html files built from xml (source-is-missing).
[ David Suárez ]
* New upstream version;
Closes: #1024988, #988151, #1014586, #1045040, 1049653
* Update email to debian domain.
* Wrap and sort.
* Add 'dont-build-html-pages-images' patch.
* Acknowledges NMU's uploads.
* Add 'salsa-ci.yml'.
-- David Suárez <email address hidden> Sun, 25 Feb 2024 17:44:51 +0000
| Superseded in noble-release |
| Published in mantic-release |
| Published in lunar-release |
| Obsolete in kinetic-release |
| Deleted in kinetic-proposed (Reason: Moved to kinetic) |
giflib (5.2.1-2.5) unstable; urgency=medium
* Non-maintainer upload
* Move declaration of GifQuantizeBuffer() back to gif_lib.h
(Closes: #1011705)
-- Graham Inggs <email address hidden> Sun, 12 Jun 2022 16:32:15 +0000
Available diffs
- diff from 5.2.1-2.4 to 5.2.1-2.5 (998 bytes)
giflib (5.2.1-2.4) unstable; urgency=medium * Non-maintainer upload. * Upload to unstable. -- Mattia Rizzolo <email address hidden> Wed, 27 Apr 2022 20:17:29 +0200
Available diffs
| Superseded in kinetic-release |
| Published in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
giflib (5.1.9-2build2) jammy; urgency=medium * No-change rebuild for ppc64el baseline bump. -- Łukasz 'sil2100' Zemczak <email address hidden> Wed, 23 Mar 2022 14:54:44 +0100
Available diffs
| Superseded in jammy-release |
| Obsolete in impish-release |
| Deleted in impish-proposed (Reason: Moved to impish) |
giflib (5.1.9-2build1) impish; urgency=medium * No-change rebuild to build packages with zstd compression. -- Matthias Klose <email address hidden> Thu, 07 Oct 2021 12:11:59 +0200
Available diffs
- diff from 5.1.9-2 (in Debian) to 5.1.9-2build1 (318 bytes)
| Superseded in impish-release |
| Obsolete in hirsute-release |
| Deleted in hirsute-proposed (Reason: moved to Release) |
giflib (5.1.9-2) unstable; urgency=medium
* New Debian version.
* d/control:
- Update debhelper compatibility.
- Update standards version; no changes needed.
* d/patches:
- Add 'fix-spelling-errors-on-doc-pages'; Closes: #857609.
- Add 'fix-get-args-segment-violation';
Closes: #715963, #715964, #715967.
- Add 'recover-giffilter-docs'.
- Add 'add-gifsponge-docs'.
* d/rules:
- Install only html docs for installed binaries.
- Clean generated patched doc files.
* Update d/source/lintian-overrides tag.
* Remove d/giflib-tools.lintian-overrides: we have the manpages.
-- David Suárez <email address hidden> Sun, 20 Dec 2020 22:07:35 +0100
Available diffs
- diff from 5.1.9-1 to 5.1.9-2 (3.1 KiB)
| Superseded in hirsute-release |
| Obsolete in groovy-release |
| Published in focal-release |
| Deleted in focal-proposed (Reason: moved to Release) |
giflib (5.1.9-1) unstable; urgency=medium
[ Ondřej Nový ]
* d/watch: Use https protocol.
[ Andreas Metzler ]
* AUTHORS file not shipped anymore, update debian/*.docs.
* Uses straight make instead of autotools, adapt debian/rules accordingly.
* Use dh 12 compat level.
+ Update debian/copyright, add Format specifier.
[ David Suárez ]
* New upstream version:
- Add myself as maintainer; Closes: #834410.
- Fixes heap-based buffer overflow in DGifDecompressLine function.
CVE-2018-11490 sf#113; Closes: #904114
- Fixes MemorySanitizer: FPE on unknown address;
CVE-2019-15133 sf#119: Closes: #904113
* Acknowledges NMU's uploads.
* d/watch:
- Bump version.
- Don't run uupdate.
- Don't use debian redirector.
* d/patches:
- Drop '03-spelling_fixes.patch' and 'CVE-2016-3977.patch';
Applied upstream.
- Add 'install-only-distributed-binaries-manuals' patch.
- Add 'revert-GifQuantizeBuffer-remove-from-lib' patch.
* d/rules
- Don't force the rebuilding of manpages, the clean rule does the job.
- Remove the txt docs from giflib-tools; Not distributed.
- Remove 'dh_strip --dbgsym-migration'; Not needed anymore.
- Set DPKG_GENSYMBOLS_CHECK_LEVEL to 4.
* giflib-tools.manpages: point to the correct ones.
* d/control:
- Add 'Rules-Requires-Root' field.
- Update Standars version; no changes needed.
- Change VCS URL's.
* d/libgif7.symbols:
- Add 'Build-Depends-Package' field.
- Update symbols.
* d/copyright:
- Remove 'doc/gif87.txt'; Nows not distributed.
- Add myself on debian/* files.
- Add 'upstream-{Name,Contact}'.
* Wrap and sort.
* Add upstream metadata.
* Add lintian overrides for some giflib-tools manpages.
* Add lintian source override for sourceforge redirector.
* Drop libgif7.shlibs; not needed.
-- David Suárez <email address hidden> Sun, 08 Dec 2019 21:18:23 +0100
Available diffs
- diff from 5.1.4-3ubuntu1 (in Ubuntu) to 5.1.9-1 (542.4 KiB)
| Superseded in focal-release |
| Obsolete in eoan-release |
| Deleted in eoan-proposed (Reason: moved to release) |
giflib (5.1.4-3ubuntu1) eoan; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-11490.patch: adding checks
in DGifDecompressLine in order to avoid a heap buffer overflow and
a denial of service in lib/dgif_lib.c.
- CVE-2018-11490
* SECURITY UPDATE: Divide-by-zero
- debian/patches/CVE-2019-15133.patch: adding checks bounds
in lib/dgif_lib.c.
- CVE-2019-15133
-- <email address hidden> (Leonidas S. Barbosa) Mon, 19 Aug 2019 15:57:38 -0300
Available diffs
giflib (5.1.4-3ubuntu0.1) disco-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-11490.patch: adding checks
in DGifDecompressLine in order to avoid a heap buffer overflow and
a denial of service in lib/dgif_lib.c.
- CVE-2018-11490
* SECURITY UPDATE: Divide-by-zero
- debian/patches/CVE-2019-15133.patch: adding checks bounds
in lib/dgif_lib.c.
- CVE-2019-15133
-- <email address hidden> (Leonidas S. Barbosa) Mon, 19 Aug 2019 15:46:34 -0300
Available diffs
giflib (5.1.4-2ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2016-3977.patch: fix SF
in heap buff overflow in lib/dgif_lig.c,
util/gif2rgb.c.
- CVE-2016-3977
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-11490.patch: adding checks
in DGifDecompressLine in order to avoid a heap buffer overflow and
a denial of service in lib/dgif_lib.c.
- CVE-2018-11490
* SECURITY UPDATE: Divide-by-zero
- debian/patches/CVE-2019-15133.patch: adding checks bounds
in lib/dgif_lib.c.
- CVE-2019-15133
-- <email address hidden> (Leonidas S. Barbosa) Mon, 19 Aug 2019 15:35:19 -0300
Available diffs
giflib (5.1.4-0.3~16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-11490.patch: adding checks
in DGifDecompressLine in order to avoid a heap buffer overflow and
a denial of service in lib/dgif_lib.c.
- CVE-2018-11490
* SECURITY UPDATE: Divide-by-zero
- debian/patches/CVE-2019-15133.patch: adding checks bounds
in lib/dgif_lib.c.
- CVE-2019-15133
-- <email address hidden> (Leonidas S. Barbosa) Mon, 19 Aug 2019 15:21:52 -0300
Available diffs
| Superseded in eoan-release |
| Obsolete in disco-release |
| Obsolete in cosmic-release |
| Deleted in cosmic-proposed (Reason: moved to release) |
giflib (5.1.4-3) unstable; urgency=medium
* QA upload.
* Heap-based buffer overflow in util/gif2rgb.c (CVE-2016-3977)
(Closes: #820526)
-- Salvatore Bonaccorso <email address hidden> Tue, 05 Jun 2018 20:58:51 +0200
Available diffs
- diff from 5.1.4-2 to 5.1.4-3 (1.2 KiB)
| Superseded in cosmic-release |
| Published in bionic-release |
| Deleted in bionic-proposed (Reason: moved to release) |
giflib (5.1.4-2) unstable; urgency=low
* QA upload.
* New vcs repository generated from a) "gbp import-dscs --debsnap giflib",
b) old repo on alioth c) private repo for changes > 5.1.4-0.4.
Update Vcs* in debian/control, pointing to salsa.
* [lintian] Delete trailing whitespace in changelog.
-- Andreas Metzler <email address hidden> Sun, 11 Feb 2018 15:43:54 +0100
Available diffs
- diff from 5.1.4-1 to 5.1.4-2 (946 bytes)
| Superseded in bionic-release |
| Obsolete in artful-release |
| Deleted in artful-proposed (Reason: moved to release) |
giflib (5.1.4-1) unstable; urgency=low * QA upload. * Set maintainer to qa. * Build with hardening=+bindnow. * Switch to automatic dbgsym packages. * 03-spelling_fixes.patch: Fix another two typoes found by lintian. * Bump standards-version - No changes. * Use debhelper 10 compat, which uses autoreconf and --parallel by default. -- Andreas Metzler <email address hidden> Tue, 01 Aug 2017 18:06:06 +0200
Available diffs
- diff from 5.1.4-0.4 to 5.1.4-1 (2.0 KiB)
| Deleted in trusty-proposed (Reason: failed SRU verification; LP: #1337898) |
giflib (4.1.6-11ubuntu0.14.04.1) trusty; urgency=medium * Remove dangling symlinks in libgif-dev (LP: #1337898) -- Jeremy Bicha <email address hidden> Sat, 24 Dec 2016 23:04:36 -0500
Available diffs
| Superseded in artful-release |
| Obsolete in zesty-release |
| Deleted in zesty-proposed (Reason: moved to release) |
giflib (5.1.4-0.4) unstable; urgency=medium
* Non-maintainer upload.
* Remove patch/issue87 because that is already present in upstream.
* Remove patch/04-fprintf_format_error.patch which was commented out anyway.
* Install manpages supplied by upstream
Closes: #809439.
-- Paolo Greppi <email address hidden> Tue, 18 Oct 2016 00:16:00 +0200
Available diffs
- diff from 5.1.4-0.3 to 5.1.4-0.4 (8.2 KiB)
giflib (5.1.4-0.3~16.04) xenial-proposed; urgency=medium * SRU: LP: #1580376: Upload bug fix release for 16.04 LTS.
Available diffs
| Superseded in zesty-release |
| Obsolete in yakkety-release |
| Deleted in yakkety-proposed (Reason: moved to release) |
giflib (5.1.4-0.3) unstable; urgency=medium * Non-maintainer upload. * CVE-2016-3977: gif2rgb: heap buffer overflow. Closes: #820526. -- Matthias Klose <email address hidden> Fri, 10 Jun 2016 00:24:07 +0200
Available diffs
- diff from 5.1.4-0.2 to 5.1.4-0.3 (1.0 KiB)
giflib (5.1.4-0.2) unstable; urgency=medium
* Non-maintainer upload.
* Drop the local fix for issue #81, solved differently upstream.
Closes: #823481.
-- Matthias Klose <email address hidden> Sun, 08 May 2016 17:40:28 +0200
Available diffs
- diff from 5.1.4-0.1 to 5.1.4-0.2 (1.0 KiB)
giflib (5.1.4-0.1) unstable; urgency=medium
* Non-maintainer upload.
* New upstream version.
* Security issues already fixed in 5.1.2: CVE-2016-3977.
Closes: #820594, #820526.
* Update symbols file.
-- Matthias Klose <email address hidden> Mon, 25 Apr 2016 20:19:43 +0200
Available diffs
- diff from 5.1.2-0.3 to 5.1.4-0.1 (6.3 KiB)
giflib (5.1.2-0.3) unstable; urgency=medium
* Non-maintainer upload.
[ Tobias Frost ]
* debian/patches/ef0cb9b4be572262b49fbc26fb2348683f44a517.patch:
try to fix testsuite failures on feh/powerpc.
(Closes: #812657)
-- Gianfranco Costamagna <email address hidden> Fri, 15 Apr 2016 19:09:44 +0200
Available diffs
- diff from 5.1.2-0.2 to 5.1.2-0.3 (743 bytes)
| Superseded in yakkety-release |
| Published in xenial-release |
| Deleted in xenial-proposed (Reason: moved to release) |
giflib (5.1.2-0.2) unstable; urgency=medium * Non-maintainer upload. * Fix DGifOpen(), uninitialized memory. Closes: #812093. -- Matthias Klose <email address hidden> Wed, 27 Jan 2016 01:00:16 +0100
Available diffs
- diff from 5.1.2-0.1 to 5.1.2-0.2 (1.0 KiB)
giflib (5.1.2-0.1) unstable; urgency=high
* Non-maintainer upload.
* New upstream version.
- CVE-2015-7555, Heap-based buffer overflow in giffix utility.
Closes: #808704.
-- Matthias Klose <email address hidden> Sat, 16 Jan 2016 22:26:13 +0100
Available diffs
- diff from 5.1.1-0.2 to 5.1.2-0.1 (26.9 KiB)
giflib (5.1.1-0.2) unstable; urgency=medium * Non-maintainer upload, upload to unstable. Closes: #803158. -- Matthias Klose <email address hidden> Sat, 12 Dec 2015 16:13:06 +0100
Available diffs
- diff from 5.1.1-0.1 to 5.1.1-0.2 (309 bytes)
giflib (5.1.1-0.1) experimental; urgency=medium * Non-maintainer upload. * New upstream version. See: #803158. * Enable parallel builds. * Build-depend on xmlto. * Don't ship broken libungif symlinks. Closes: #732272. LP: #1337898. -- Matthias Klose <email address hidden> Wed, 28 Oct 2015 01:07:33 +0100
Available diffs
giflib (5.1.1-0ubuntu1) xenial; urgency=medium * New upstream version. * Enable parallel builds. * Build-depend on xmlto. * Don't ship broken libungif symlinks. Closes: #732272. LP: #1337898. -- Matthias Klose <email address hidden> Wed, 21 Oct 2015 16:28:17 +0200
Available diffs
- diff from 4.1.6-11 (in Debian) to 5.1.1-0ubuntu1 (848.4 KiB)
| Superseded in xenial-release |
| Obsolete in wily-release |
| Obsolete in vivid-release |
| Obsolete in utopic-release |
| Published in trusty-release |
| Deleted in trusty-proposed (Reason: moved to release) |
giflib (4.1.6-11) unstable; urgency=low * Remove Provides: libungif4g. * Enable Multiarch (Closes: #647497). * depend on dh-autoreconf. * Update to debhelper 9 and bump Standards to 3.9.4. * Honor the LAFileRemoval goal. * Update git links. -- Thibaut Gridel <email address hidden> Sat, 07 Dec 2013 18:40:27 +0100
Available diffs
| Superseded in trusty-release |
| Obsolete in saucy-release |
| Obsolete in raring-release |
| Deleted in raring-proposed (Reason: moved to release) |
giflib (4.1.6-10ubuntu1) raring; urgency=low
* Resynchronise with Debian. Remaining changes:
- Add multiarch support.
Available diffs
giflib (4.1.6-9.1ubuntu1) quantal; urgency=low
* Resynchronise with Debian. Remaining changes:
- Multiarch it and add fprintf_format_error.patch.
Available diffs
- diff from 4.1.6-9ubuntu1 to 4.1.6-9.1ubuntu1 (699 bytes)
giflib (4.1.6-9ubuntu1) precise; urgency=low
* Multiarch it and add fprintf_format_error.patch (Closes: #647497).
Thanks to YunQiang Su for the patch.
-- Benjamin Drung <email address hidden> Wed, 18 Jan 2012 16:16:21 +0100
Available diffs
- diff from 4.1.6-9 to 4.1.6-9ubuntu1 (3.3 KiB)
| Superseded in precise-release |
| Obsolete in oneiric-release |
| Obsolete in natty-release |
| Obsolete in maverick-release |
| Obsolete in lucid-release |
giflib (4.1.6-9) unstable; urgency=low * New Maintainer (Closes: #543841) * Adding watch file (Closes: #453530) * Converting to source package "3.0 (quilt)". * Correcting debhelper version dependency. * Adding Vcs fields. * Adding manpages. * Removing duplicate Section field. * Correctly hyphenate man pages. * Fixing spelling typos. * Adding symbols file. * Autoreconfiguring to fix rpath. * Cleaning what autoreconf did. * Registering html documentation. -- Ubuntu Archive Auto-Sync <email address hidden> Wed, 27 Jan 2010 01:31:44 +0000
Available diffs
- diff from 4.1.6-8 to 4.1.6-9 (4.1 KiB)
giflib (4.1.6-8) unstable; urgency=low * Updating package to standards version 3.8.3. * Removing vcs fields. * Orphaning package.
Available diffs
- diff from 4.1.6-6 to 4.1.6-8 (3.4 KiB)
giflib (4.1.6-6) unstable; urgency=low
* Updating vcs fields in control file.
* Using patch-stamp rather than patch in rules file.
* Removing config.guess and config.sub in clean target of rules.
* Passing '--disable-x11' to configure call to ensure that giflib is
not linked against X11 libs by accident (Closes: #503836).
Available diffs
- diff from 4.1.6-4 to 4.1.6-6 (6.1 KiB)
giflib (4.1.6-4) unstable; urgency=high * Adding patch from libungif to fix CVE-2005-2974 and CVE-2005-3350. * Updating upstream homepage (Closes: #469561). -- Michael Bienia <email address hidden> Tue, 08 Apr 2008 06:56:54 +0100
giflib (4.1.6-3) unstable; urgency=high * Adding transitional packages to kick libungif out of the archive by force. * Removing watch file (Closes: #453592).
giflib (4.1.4-2) unstable; urgency=low * Minor cleanups. -- Ubuntu Archive Auto-Sync <email address hidden> Thu, 26 Apr 2007 23:56:40 +0100
giflib (4.1.4-1) unstable; urgency=low
* Took over package from Pawel.
* New upstream release (Closes: #395388):
- This is giflib 4.x, replacing giflib 3.x. No package in the archive has to
be transitioned. After etch, giflib will replace libungif (all alleged patents
are expired all over the world).
- doesn't contain gif2x11 (Closes: #328665)
- isn't affected by CVE-2005-2974 and CVE-2005-3350 (Closes: #395382).
* Redone debian directory based on current debhelper templates, additionally:
- added watch file.
- added debug package.
-- Ubuntu Archive Auto-Sync <email address hidden> Mon, 13 Nov 2006 16:34:55 +0000
| Superseded in feisty-release |
| Obsolete in edgy-release |
| Obsolete in dapper-release |
| Superseded in dapper-release |
giflib (3.0-12) unstable; urgency=low
* Applied patch from Dann Frazier <email address hidden> to fix problems on 64-bit
archs (closes: #325034)
* Updated standards-version (no changes required)
-- Pawel Wiecek <email address hidden> Thu, 22 Sep 2005 21:15:00 +0200
giflib (3.0-11) unstable; urgency=low
* Updated copyright file by removing warning saying it cannot by put on CDs,
removed patent-related notes from long descriptions in control as well
(should have done that in -10, but forgot).
-- Pawel Wiecek <email address hidden> Thu, 19 Aug 2004 00:43:34 +0200
| 1 → 43 of 43 results | First • Previous • Next • Last |
