-
sigil (0.9.9+dfsg-1ubuntu0.1~esm1) bionic-security; urgency=medium
* SECURITY UPDATE: Zip Slip directory traversal when processing a crafted
EPUB file
- debian/patches/CVE-2019-14452-1.patch: do not allow zip files to have
upward relative path sections.
- debian/patches/CVE-2019-14452-2.patch: further harden against malicious
epubs and produce error message.
- debian/patches/CVE-2019-14452-3.patch: harden plugin unzipping to
zip-slip attacks.
- CVE-2019-14452
-- Mike Salvatore <email address hidden> Wed, 31 Jul 2019 09:19:23 -0400
-
sigil (0.9.9+dfsg-1) unstable; urgency=medium
* New upstream version 0.9.9+dfsg.
https://sigil-ebook.com/2017/12/22/sigil-0-9-9-released
* d/copyright: update.
* d/watch: change matching pattern to match the new tarball.
* d/upstream/signing-key.asc: Add the upstream signing key.
* Bump debhelper compat level to 11.
* d/control:
+ Move Vcs-* to salsa.debian.org.
+ Bump Standards-Version to 4.1.2:
- Replace Priority:extra (deprecated) with optional.
+ Set Rules-Requires-Root: no.
+ Remove dependency on ${shlibs:Depends} from sigil-data.
+ Drop Recommends on Python 2, to help with deprecating it.
* d/rules:
+ Use dh_missing --fail-missing instead of dh_install --fail-missing.
+ Remove the get-orig-source target, that was just calling uscan.
+ Make some command more verbose.
-- Mattia Rizzolo <email address hidden> Tue, 26 Dec 2017 19:27:42 +0100
-
sigil (0.9.8+dfsg-2build2) artful; urgency=medium
* No-change rebuild to build with python3.6.
-- Matthias Klose <email address hidden> Mon, 24 Jul 2017 14:03:01 +0000