Ubuntu
freexl package

Change logs for freexl source package in Trusty

  1. Trusty (14.04)
  2. Change log 
  • freexl (1.0.0g-1ubuntu0.14.04.3) trusty-security; urgency=medium

  * SECURITY UPDATE: Imported changes from Debian's 1.0.0g-1+deb8u5 package
    - debian/patches/CVE-2017-2923_CVE-2017-2924.patch
    - debian/patches/security-fixes-1.0.5.patch
    - CVE-2017-2923 CVE-2017-2924 CVE-2017-7435 CVE-2017-7436 CVE-2017-7437
      CVE-2017-7438 CVE-2017-7439

 -- Mike Salvatore <email address hidden>  Tue, 25 Sep 2018 12:11:00 -0400
  • freexl (1.0.0g-1ubuntu0.14.04.2) trusty-security; urgency=medium

  * SECURITY UPDATE: Fix issues in previous security update (LP: #1516257)
    - afl-vulnerabilitities-regression.patch: Fix regression introduced by
      afl-vulnerabilitities.patch.
    - 32bit-multiplication-overflow.patch: Fix 32 bit multiplication overflow

 -- Bas Couwenberg <email address hidden>  Thu, 12 Nov 2015 22:04:49 +0100
  • freexl (1.0.0g-1ubuntu0.14.04.1) trusty-security; urgency=high

   * SECURITY UPDATE: Fix multiple vulnerabilities allowing denial of service
     or possibly execute arbitrary code (LP: #1437087):
     - CVE 2015-2753: FreeXL before 1.0.0i allows remote attackers to cause a
       denial of service (stack corruption) or possibly execute arbitrary code
       via a crafted sector in a workbook.
     - CVE 2015-2754: FreeXL before 1.0.0i allows remote attackers to cause a
       denial of service (stack corruption) and possibly execute arbitrary code
       via a crafted workbook, related to a "premature EOF."
 -- Johan Van de Wauw <email address hidden>   Fri, 03 Apr 2015 22:47:20 +0200
  • freexl (1.0.0g-1) unstable; urgency=low


  * New upstream release. 
  * Bump Standards-Version to 3.9.5, no changes required.
  * Add lintian override for debian-watch-may-check-gpg-signature,
    upstream doesn't provide signatures for verification.

 -- Bas Couwenberg <email address hidden>  Tue, 14 Jan 2014 11:18:32 +0100
  • freexl (1.0.0f-2) unstable; urgency=low


  * Change Priority to optional, keep Priority extra for -dbg package.

 -- Bas Couwenberg <email address hidden>  Thu, 21 Nov 2013 23:08:31 +0100
  • freexl (1.0.0f-1) unstable; urgency=low


  * New upstream version.
  * Add myself to Uploaders.
  * Update watch file, handle common mistakes.
  * Use dh-autoreconf for retooling.
  * Update Homepage URL.
  * Use canonical URLs for Vcs-* fields.
  * Multi-Arch: same dev and dbg packages.
  * Add lintian overrides for no upstream changelog, link to upstream timeline.
  * Update copyright file.
  * Move maintenance from collab-maint to pkg-grass.

 -- Bas Couwenberg <email address hidden>  Wed, 02 Oct 2013 18:42:35 +0200
  • freexl (1.0.0d-1) unstable; urgency=low


  * New upstream version
  * Standards-Version bump to 3.9.4, no changes needed
  * debhelper Build-Dependency bumped to 9
  * Manually export LDFLAGS in debian/rules to fix linking issue with
    the library
  * Updated debian/copyright
  * Enable hardening build-flags in debian/rules

 -- David Paleino <email address hidden>  Thu, 11 Oct 2012 10:37:33 +0200