Skip to content

Debian Changelog lha (1.14i-10.3)

2007

lha (1.14i-10.3) unstable; urgency=medium 

   * Non-maintainer upload.
   * Fix subsequent open with O_EXCL after mkstemp (Closes: #446236)

 -- Philipp Kern <pkern@debian.org>  Sat, 01 Dec 2007 16:32:52 +0100

lha (1.14i-10.2) unstable; urgency=high 

   * Non-maintainer upload by testing security team.
   * Included patch.CVE-2007-2030.patch to fix insecure handling of
     temporary files (CVE-2007-2030) (Closes: #437621).

 -- Nico Golde <nion@debian.org>  Sun, 09 Sep 2007 14:49:16 +0200

2006

lha (1.14i-10.1) unstable; urgency=high 

   * Security NMU for vulnerabilities inherited from GNU Gzip:
     [CVE-2006-4335 CVE-2006-4337 CVE-2006-4338]

 -- Moritz Muehlenhoff <jmm@debian.org>  Wed, 13 Dec 2006 20:21:32 +0100

2004

lha (1.14i-10) unstable; urgency=high 

   * debian/patch.redhat-sec2: Add one more security patch to fix:
       - CAN-2004-0771 (-w working directory option buffer overflow)
         CAN-2004-0771">http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0771
       - CAN-2004-0769 (buffer overflow can be executed arbitrary code
         via long pathnames in headers, another issue of bug fixed in -9)
         CAN-2004-0769">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0769
       - CAN-2004-0745 (execute arbitrary commands via a directory with
         shell metacharacters in its name.)
         CAN-2004-0745">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0745
       - CAN-2004-0694 (reserved number)
         CAN-2004-0694">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0694
     taken from RedHat patch.  (Closes: #279870)
   * man/lha.n: Fix typo "flie" instead of "file".  (Closes: #277545)

 -- GOTO Masanori <gotom@debian.org>  Sat, 13 Nov 2004 15:31:22 +0900

lha (1.14i-9) unstable; urgency=high 

   * debian/patch.header-overflow: Add fix another lha buffer overflow
     problem.  It warns when hitting an archive which includes
     long directory name with option l, v, x.  See:
       http://lw.ftw.zamosc.pl/lha-exploit.txt
       http://www.securityfocus.com/archive/1/363418
       http://bugs.gentoo.org/show_bug.cgi?id=51285
     Thanks to Lukasz Wojtow <lw@wszia.edu.pl> for pointing this problem.

 -- GOTO Masanori <gotom@debian.org>  Wed, 16 Jun 2004 09:51:06 +0900

lha (1.14i-8) unstable; urgency=high 

   * debian/patch.CAN-2004-0234_0235: Add fix CAN-2004-0235 symlink part
     patches.  (Closes: #247355, #247357)

 -- GOTO Masanori <gotom@debian.org>  Sat, 8 May 2004 02:24:57 +0900

lha (1.14i-7) unstable; urgency=high 

   * debian/patch.CAN-2004-ulf: Add to fix CAN-2004-0234 (buffer overflows),
     CAN-2004-0235 (directory traversal).  See:
     http://marc.theaimsgroup.com/?l=full-disclosure&m=108345064008698&w=2
   * debian/control: Change my mail address.

 -- GOTO Masanori <gotom@debian.org>  Thu, 6 May 2004 15:13:14 +0900

2002

lha (1.14i-6) unstable; urgency=low 

   * debian/copyright: Added more copyright license statement, translated
     by Osamu Aoki <debian@aokiconsulting.com>.
   * debian/copyright: Added good summary of upstream author, investigated by
     Osamu Aoki <debian@aokiconsulting.com> and
     Tatsuya Kinoshita <tats@iris.ne.jp>.
   * debian/header-e.doc: Added English version of header.doc (LHa header
     structure format document) translated by Osamu Aoki
     <debian@aokiconsulting.com>.

 -- GOTO Masanori <gotom@debian.or.jp>  Tue, 27 Aug 2002 13:08:22 +0900

lha (1.14i-5) unstable; urgency=low 

   * debian/patch.multibyte: Add multibyte character mode option 'y'.
     You can use multibyte filename especially SHIFTJIS code
     with this option.

 -- GOTO Masanori <gotom@debian.or.jp>  Fri, 19 Jul 2002 16:57:11 +0900

lha (1.14i-4) unstable; urgency=low 

   * debian/copyright: add original/translated license statement
     (closes: Bug#144582).

 -- GOTO Masanori <gotom@debian.or.jp>  Wed, 1 May 2002 09:53:24 +0900

lha (1.14i-3) unstable; urgency=low 

   * fix lha reports a wrong version number (closes: Bug#135199).

 -- GOTO Masanori <gotom@debian.or.jp>  Sun, 3 Mar 2002 21:38:46 +0900

2001

lha (1.14i-2) unstable; urgency=low 

   * Applied the patch not to get compiling warning message.
     Patched by Paul Slootman <paul@wurtel.net>. (Closes: #109634).

 -- GOTO Masanori <gotom@debian.or.jp>  Thu, 23 Aug 2001 00:26:53 +0900

lha (1.14i-1) unstable; urgency=low 

   * New upstream release (Closes: #62256).
   * New maintainer.
   * Updated Standards-version 3.5.2.
   * Use build this package with dh_*.
   * New upstream version is ready for -lh7- format (Closes: #67592).
   * Japanese manual is now included (Closes: #49245).
   * Unclosed Bugs (No copyright file is included)
     has just re-closed (Closes: #48748).

 -- GOTO Masanori <gotom@debian.or.jp>  Sun, 22 Jul 2001 13:11:50 +0900

lha (1.14e-2) unstable; urgency=low 

   * Moved /usr/man/* and /usr/doc/* under /usr/share. Closes: #80759.
   * Updated Standards-version, fixed lintian warnings.

 -- Steve McIntyre <stevem@chiark.greenend.org.uk>  Sun, 21 Jan 2001 17:35:52 +0000

1999

lha (1.14e-0) unstable; urgency=low 

   * New upstream release. Thanks to Jiro Iwamoto <iwamot@maroon.plala.or.jp> for pointing this out.

 -- Steve McIntyre <stevem@chiark.greenend.org.uk>  Sun, 25 Jul 1999 23:05:24 +0100

lha (1.14d-1) unstable; urgency=low 

   * Fixed manpage - no need to specify "-b" for command line help. Closes bug #33328.

 -- Steve McIntyre <stevem@chiark.greenend.org.uk>  Sun, 14 Feb 1999 16:24:44 +0000

lha (1.14d-0) unstable; urgency=low 

   * New upstream release. Thanks to Tomohiro KUBOTA <kubota@kubota.rcpom.osaka-u.ac.jp> for pointing this out.

 -- Steve McIntyre <stevem@chiark.greenend.org.uk>  Sat, 16 Jan 1999 21:54:37 +0000

1998

lha (1.14c-1) frozen unstable; urgency=low 

   * New man page, supplied by Martin Schulze <joey@finlandia.Infodrom.North.DE>. Fixes Bug#27195.

 -- Steve McIntyre <stevem@chiark.greenend.org.uk>  Sun, 18 Oct 1998 13:53:12 +0100

lha (1.14c-0) unstable; urgency=low 

   * New upstream release. Thanks to Atsushi KAMOSHIDA <kamop@debian.or.jp> for pointing this out.

 -- Steve McIntyre <stevem@chiark.greenend.org.uk>  Sat, 15 Aug 1998 14:16:19 +0100

lha (1.00-6) unstable; urgency=low 

   * New maintainer.

 -- Steve McIntyre <stevem@chiark.greenend.org.uk>  Mon, 12 Jan 1998 00:09:12 +0000

lha (1.00-5) unstable; urgency=low 

   * Corrected Standards-Version to 2.3.0.1 (Bug#16756)

 -- Martin Schulze <joey@finlandia.infodrom.north.de>  Fri, 9 Jan 1998 02:08:03 +0100

1997

lha (1.00-4) unstable; urgency=low 

   * Compiled against libc6 (Bug#11696)

 -- Martin Schulze <joey@finlandia.infodrom.north.de>  Wed, 31 Dec 1997 20:51:38 +0100

lha (1.00-3) unstable; urgency=low 

   * Corrected manpage (Bug#7980)
 
   * New maintainer address

 -- Martin Schulze <joey@namib.north.de>  Mon, 28 Apr 1997 13:10:10 +0200

lha (1.00-2) unstable; urgency=low 

   * Installed ChangeLog files
 
   * Converted into new packaging scheme

 -- Martin Schulze <joey@namib.north.de>  Sun, 23 Feb 1997 12:22:13 +0100

Generated Sun Dec 2 01:38:19 2007 UTC by Parse::DebianChangelog (v1.1.1)
Contact debian-www@lists.debian.org in case of problems.