giflib (5.2.2-1) unstable; urgency=medium [ Debian Janitor] * Update standards version to 4.6.1, no changes needed. * Remove obsolete fields Contact, Name from debian/upstream/metadata (already present in machine-readable debian/copyright). * Use secure URI in Homepage field. [ Andreas Metzler ] * debian/patches: + Drop patches applied upstream (fix-get-args-segment-violation.patch fix-spelling-errors-on-doc-pages.patch recover-giffilter-docs.patch add-gifsponge-docs.patch) + Drop superseded patch (install-only-distributed-binaries-manuals.patch). + Unfuzzz patches + Features fixes for CVE-2023-48161, CVE-2022-28506. * Cherry-pick Correct-document-page-install.patch to install manpages instead of xml source. * Install giflib.7 manpage. * Update symbol file (added DGifDecreaseImageCounter@Base). * Cherry-pick Clean-up-memory-better-at-end-of-run-CVE-2021-40633.patch to fix CVE-2021-40633. * Add lintian overrides for html files built from xml (source-is-missing). [ David Suárez ] * New upstream version; Closes: #1024988, #988151, #1014586, #1045040, 1049653 * Update email to debian domain. * Wrap and sort. * Add 'dont-build-html-pages-images' patch. * Acknowledges NMU's uploads. * Add 'salsa-ci.yml'. -- David Suárez Sun, 25 Feb 2024 17:44:51 +0000 giflib (5.2.1-2.5) unstable; urgency=medium * Non-maintainer upload * Move declaration of GifQuantizeBuffer() back to gif_lib.h (Closes: #1011705) -- Graham Inggs Sun, 12 Jun 2022 16:32:15 +0000 giflib (5.2.1-2.4) unstable; urgency=medium * Non-maintainer upload. * Upload to unstable. -- Mattia Rizzolo Wed, 27 Apr 2022 20:17:29 +0200 giflib (5.2.1-2.3) experimental; urgency=medium * Non-maintainer upload. * Merge experimental git branch into master * tests: do not spoil test result files with stderr -- Vasyl Gello Fri, 22 Apr 2022 04:06:59 +0000 giflib (5.2.1-2.2) experimental; urgency=medium * Non-maintainer upload. * Add patch from Fedora (giflib_quantize.patch) to reinstate GifQuantizeBuffer into giflib.so. Closes: #935088 * Re-add the symbols in libgif7.symbols. -- Mattia Rizzolo Thu, 14 Apr 2022 16:06:15 +0200 giflib (5.1.9-2.1) unstable; urgency=medium * Non-maintainer upload. * Ship pkg-config information. * Mark libgif-dev as Multi-Arch:same. (Closes: #998128) * Bump standards version to 4.6.0, no changes required. -- Vasyl Gello Thu, 14 Apr 2022 15:59:53 +0200 giflib (5.2.1-2.1) experimental; urgency=medium * Non-maintainer upload. * Set Maintainer to David Suárez , to match unstable and fix a QA check that is warning about orphaned package but missing O bug. -- Mattia Rizzolo Mon, 07 Jun 2021 14:41:34 +0200 giflib (5.1.9-2) unstable; urgency=medium * New Debian version. * d/control: - Update debhelper compatibility. - Update standards version; no changes needed. * d/patches: - Add 'fix-spelling-errors-on-doc-pages'; Closes: #857609. - Add 'fix-get-args-segment-violation'; Closes: #715963, #715964, #715967. - Add 'recover-giffilter-docs'. - Add 'add-gifsponge-docs'. * d/rules: - Install only html docs for installed binaries. - Clean generated patched doc files. * Update d/source/lintian-overrides tag. * Remove d/giflib-tools.lintian-overrides: we have the manpages. -- David Suárez Sun, 20 Dec 2020 22:07:35 +0100 giflib (5.1.9-1) unstable; urgency=medium [ Ondřej Nový ] * d/watch: Use https protocol. [ Andreas Metzler ] * AUTHORS file not shipped anymore, update debian/*.docs. * Uses straight make instead of autotools, adapt debian/rules accordingly. * Use dh 12 compat level. + Update debian/copyright, add Format specifier. [ David Suárez ] * New upstream version: - Add myself as maintainer; Closes: #834410. - Fixes heap-based buffer overflow in DGifDecompressLine function. CVE-2018-11490 sf#113; Closes: #904114 - Fixes MemorySanitizer: FPE on unknown address; CVE-2019-15133 sf#119: Closes: #904113 * Acknowledges NMU's uploads. * d/watch: - Bump version. - Don't run uupdate. - Don't use debian redirector. * d/patches: - Drop '03-spelling_fixes.patch' and 'CVE-2016-3977.patch'; Applied upstream. - Add 'install-only-distributed-binaries-manuals' patch. - Add 'revert-GifQuantizeBuffer-remove-from-lib' patch. * d/rules - Don't force the rebuilding of manpages, the clean rule does the job. - Remove the txt docs from giflib-tools; Not distributed. - Remove 'dh_strip --dbgsym-migration'; Not needed anymore. - Set DPKG_GENSYMBOLS_CHECK_LEVEL to 4. * giflib-tools.manpages: point to the correct ones. * d/control: - Add 'Rules-Requires-Root' field. - Update Standars version; no changes needed. - Change VCS URL's. * d/libgif7.symbols: - Add 'Build-Depends-Package' field. - Update symbols. * d/copyright: - Remove 'doc/gif87.txt'; Nows not distributed. - Add myself on debian/* files. - Add 'upstream-{Name,Contact}'. * Wrap and sort. * Add upstream metadata. * Add lintian overrides for some giflib-tools manpages. * Add lintian source override for sourceforge redirector. * Drop libgif7.shlibs; not needed. -- David Suárez Sun, 08 Dec 2019 21:18:23 +0100 giflib (5.2.1-2) experimental; urgency=low * QA upload. * Run "wrap-and-sort --max-line-length=72 --short-indent"; also wrap package descriptions. * Pass -c4 to dpkg-gensymbols. -- Andreas Metzler Sun, 25 Aug 2019 18:13:08 +0200 giflib (5.2.1-1) experimental; urgency=low * QA upload. * New upstream version. + Drop 03-spelling_fixes.patch and 40_fixtestsuite.diff. + Unfuzz and extend (for libutil addition) 30_link_utils_dynamically.diff. + Do not ship gif standards in txt format with giflib-tools. + Update symbol file. Symbols which were only accidentally exported were removed. For consumption by giflib-tools a small (static) helper library (libutil) still provides the symbols. + Pass CC=$(CC) to dh_auto_build -- Andreas Metzler Sun, 18 Aug 2019 14:32:47 +0200 giflib (5.1.8-1) experimental; urgency=low * QA upload. * New upstream version: + Drop 20_giflib_soname.patch and 25_giflib_mandir.patch. + Unfuzz 30_link_utils_dynamically.diff. + Fixes CVE-2019-15133 - SF bug #119: MemorySanitizer: FPE on unknown address * 40_fixtestsuite.diff: Do not use temporary files in /tmp with a predefined name in testsuite. This also fixes a testsuite error with parallel builds. * debian/rules: Remove prebuilt manpages before build instead of before install. -- Andreas Metzler Sun, 17 Mar 2019 19:08:37 +0100 giflib (5.1.7-1) experimental; urgency=low * QA upload. [ Ondřej Nový ] * d/watch: Use https protocol [ Andreas Metzler ] * New upstream version: + Refresh 03-spelling_fixes.patch. + Drop CVE-2016-3977.patch, included upstream. + AUTHORS file not shipped anymore, update debian/*.docs. + Uses straight make instead of autotools, adapt debian/rules accordingly. + 20_giflib_soname.patch from Fedora: Set soname on built library. + Update symbol file. + Fixes heap-based buffer overflow in DGifDecompressLine function. CVE-2018-11490 sf#113 Closes: #904114 + Update debian/copyright, add Format specifier. * [lintian] Add Build-Depends-Package info to symbol file. * Use dh 12 compat level. * Add 25_giflib_mandir.patch to fix the manpage install path and ship the installed manpages. * Set Rules-Requires-Root: no. * 30_link_utils_dynamically.diff: Link giflib-tools dynamically instead of statically against giflib. * Delete debian/libgif7.shlibs (Unused, we have a symbol file) and debian/giflib-dbg.docs. * debian/copyright: More maintainer history/copyright, assuming NMUs did not feature big copyrightable changes. -- Andreas Metzler Sun, 17 Mar 2019 13:40:22 +0100 giflib (5.1.4-3) unstable; urgency=medium * QA upload. * Heap-based buffer overflow in util/gif2rgb.c (CVE-2016-3977) (Closes: #820526) -- Salvatore Bonaccorso Tue, 05 Jun 2018 20:58:51 +0200 giflib (5.1.4-2) unstable; urgency=low * QA upload. * New vcs repository generated from a) "gbp import-dscs --debsnap giflib", b) old repo on alioth c) private repo for changes > 5.1.4-0.4. Update Vcs* in debian/control, pointing to salsa. * [lintian] Delete trailing whitespace in changelog. -- Andreas Metzler Sun, 11 Feb 2018 15:43:54 +0100 giflib (5.1.4-1) unstable; urgency=low * QA upload. * Set maintainer to qa. * Build with hardening=+bindnow. * Switch to automatic dbgsym packages. * 03-spelling_fixes.patch: Fix another two typoes found by lintian. * Bump standards-version - No changes. * Use debhelper 10 compat, which uses autoreconf and --parallel by default. -- Andreas Metzler Tue, 01 Aug 2017 18:06:06 +0200 giflib (5.1.4-0.4) unstable; urgency=medium * Non-maintainer upload. * Remove patch/issue87 because that is already present in upstream. * Remove patch/04-fprintf_format_error.patch which was commented out anyway. * Install manpages supplied by upstream Closes: #809439. -- Paolo Greppi Tue, 18 Oct 2016 00:16:00 +0200 giflib (5.1.4-0.3) unstable; urgency=medium * Non-maintainer upload. * CVE-2016-3977: gif2rgb: heap buffer overflow. Closes: #820526. -- Matthias Klose Fri, 10 Jun 2016 00:24:07 +0200 giflib (5.1.4-0.2) unstable; urgency=medium * Non-maintainer upload. * Drop the local fix for issue #81, solved differently upstream. Closes: #823481. -- Matthias Klose Sun, 08 May 2016 17:40:28 +0200 giflib (5.1.4-0.1) unstable; urgency=medium * Non-maintainer upload. * New upstream version. * Security issues already fixed in 5.1.2: CVE-2016-3977. Closes: #820594, #820526. * Update symbols file. -- Matthias Klose Mon, 25 Apr 2016 20:19:43 +0200 giflib (5.1.2-0.3) unstable; urgency=medium * Non-maintainer upload. [ Tobias Frost ] * debian/patches/ef0cb9b4be572262b49fbc26fb2348683f44a517.patch: try to fix testsuite failures on feh/powerpc. (Closes: #812657) -- Gianfranco Costamagna Fri, 15 Apr 2016 19:09:44 +0200 giflib (5.1.2-0.2) unstable; urgency=medium * Non-maintainer upload. * Fix DGifOpen(), uninitialized memory. Closes: #812093. -- Matthias Klose Wed, 27 Jan 2016 01:00:16 +0100 giflib (5.1.2-0.1) unstable; urgency=high * Non-maintainer upload. * New upstream version. - CVE-2015-7555, Heap-based buffer overflow in giffix utility. Closes: #808704. -- Matthias Klose Sat, 16 Jan 2016 22:26:13 +0100 giflib (5.1.1-0.2) unstable; urgency=medium * Non-maintainer upload, upload to unstable. Closes: #803158. -- Matthias Klose Sat, 12 Dec 2015 16:13:06 +0100 giflib (5.1.1-0.1) experimental; urgency=medium * Non-maintainer upload. * New upstream version. See: #803158. * Enable parallel builds. * Build-depend on xmlto. * Don't ship broken libungif symlinks. Closes: #732272. LP: #1337898. -- Matthias Klose Wed, 28 Oct 2015 01:07:33 +0100 giflib (4.1.6-11) unstable; urgency=low * Remove Provides: libungif4g. * Enable Multiarch (Closes: #647497). * depend on dh-autoreconf. * Update to debhelper 9 and bump Standards to 3.9.4. * Honor the LAFileRemoval goal. * Update git links. -- Thibaut Gridel Sat, 07 Dec 2013 18:40:27 +0100 giflib (4.1.6-10) unstable; urgency=low * Fixing fprintf issues by YunQiang Su. * Hardening build flags (Closes: #673660). * Updating Standards (no change). -- Thibaut Gridel Fri, 19 Oct 2012 23:03:46 +0200 giflib (4.1.6-9.1) unstable; urgency=low * Non-maintainer upload. * Depend on libperl4-corelibs-perl (Closes: #659421) -- Dominic Hargreaves Sat, 28 Apr 2012 17:29:52 +0100 giflib (4.1.6-9) unstable; urgency=low * New Maintainer (Closes: #543841) * Adding watch file (Closes: #453530) * Converting to source package "3.0 (quilt)". * Correcting debhelper version dependency. * Adding Vcs fields. * Adding manpages. * Removing duplicate Section field. * Correctly hyphenate man pages. * Fixing spelling typos. * Adding symbols file. * Autoreconfiguring to fix rpath. * Cleaning what autoreconf did. * Registering html documentation. -- Thibaut GRIDEL Wed, 13 Jan 2010 21:22:00 +0100 giflib (4.1.6-8) unstable; urgency=low * Updating package to standards version 3.8.3. * Removing vcs fields. * Orphaning package. -- Daniel Baumann Thu, 27 Aug 2009 07:25:21 +0200 giflib (4.1.6-7) unstable; urgency=low * Replacing obsolete dh_clean -k with dh_prep. * Updating section of the debug package. * Using quilt rather than dpatch. * Using correct rfc-2822 date formats in changelog. * Updating package to standards version 3.8.2. * Removing old transitional packages. * Adding misc depends to debug and development package. * Updating year in copyright file. * Minimizing rules file. -- Daniel Baumann Mon, 27 Jul 2009 13:12:16 +0200 giflib (4.1.6-6) unstable; urgency=low * Updating vcs fields in control file. * Using patch-stamp rather than patch in rules file. * Removing config.guess and config.sub in clean target of rules. * Passing '--disable-x11' to configure call to ensure that giflib is not linked against X11 libs by accident (Closes: #503836). -- Daniel Baumann Tue, 28 Oct 2008 21:57:00 +0100 giflib (4.1.6-5) unstable; urgency=low * Correcting mistake of having libungif4-dev transitional package arch dependent. * Also adding libgif.so.4.1 symlink. * Using links debhelper to create symlinks. * Reordering rules file (Closes: #488586). * Rewriting copyright file in machine-interpretable format. * Adding vcs fields in control file. * Upgrading package to standards .8.0. * Upgrading package to debhelper 7. * Reverting config.guess and config.sub to upstream. -- Daniel Baumann Wed, 16 Jul 2008 12:06:00 +0200 giflib (4.1.6-4) unstable; urgency=high * Adding patch from libungif to fix CVE-2005-2974 and CVE-2005-3350. * Updating upstream homepage (Closes: #469561). -- Daniel Baumann Fri, 07 Mar 2008 14:40:00 +0100 giflib (4.1.6-3) unstable; urgency=high * Adding transitional packages to kick libungif out of the archive by force. * Removing watch file (Closes: #453592). -- Daniel Baumann Wed, 06 Feb 2008 23:22:00 +0100 giflib (4.1.6-2) unstable; urgency=low * Adding legacy links for libungif4g/libungif4-dev. -- Daniel Baumann Thu, 17 Jan 2008 20:02:00 +0100 giflib (4.1.6-1) unstable; urgency=low * New upstream release. * Bumped package to new policy. * Using new homepage field in control. * Don't hide make errors in clean target of rules. * Added --fail-missing to dh_install call. * Updated conficts/replaces/provides to initiate libungif4 to libgif4 transition. -- Daniel Baumann Thu, 17 Jan 2008 18:34:00 +0100 giflib (4.1.4-2) unstable; urgency=low * Minor cleanups. -- Daniel Baumann Fri, 19 Jan 2007 14:14:00 +0100 giflib (4.1.4-1) unstable; urgency=low * Took over package from Pawel. * New upstream release (Closes: #395388): - This is giflib 4.x, replacing giflib 3.x. No package in the archive has to be transitioned. After etch, giflib will replace libungif (all alleged patents are expired all over the world). - doesn't contain gif2x11 (Closes: #328665) - isn't affected by CVE-2005-2974 and CVE-2005-3350 (Closes: #395382). * Redone debian directory based on current debhelper templates, additionally: - added watch file. - added debug package. -- Daniel Baumann Thu, 02 Nov 2006 20:39:00 +0100 giflib (3.0-12) unstable; urgency=low * Applied patch from Dann Frazier to fix problems on 64-bit archs (closes: #325034) * Updated standards-version (no changes required) -- Pawel Wiecek Thu, 22 Sep 2005 21:15:00 +0200 giflib (3.0-11) unstable; urgency=low * Updated copyright file by removing warning saying it cannot by put on CDs, removed patent-related notes from long descriptions in control as well (should have done that in -10, but forgot). -- Pawel Wiecek Thu, 19 Aug 2004 00:43:34 +0200 giflib (3.0-10) unstable; urgency=low * Moved to main because of LZW's patent expiration (at long last!) (closes: #258465) * Fixed build-dependencies (closes: #262405) -- Pawel Wiecek Tue, 17 Aug 2004 22:09:18 +0200 giflib (3.0-9) unstable; urgency=low * Renamed getarg.h to gagetarg.h, to avoid name clashes (closes: #83331) * Updated standards version (no changes) -- Pawel Wiecek Mon, 19 Jan 2004 22:47:34 +0100 giflib (3.0-8) unstable; urgency=low * Applied patch from John Lightsey to fix transparency problems (closes: #20716) * Documented the fact, that giflib cannot be put on CD-ROMs (closes: #24580) * Applied patch from John Lightsey to fix gifinto's behavior when no arguments are supplied (closes: #49431) * giflib3g-dev now conflicts with heimdal-dev (closes: #83331, #180265) * Updated standards version * Updated sections (giflib3g-dev goes to non-free/libdevel, giflib3g-bin goes to non-free/utils) -- Pawel Wiecek Wed, 18 Jun 2003 13:54:09 +0200 giflib (3.0-7) unstable; urgency=low * New maintainer (closes: #139387) * Upgraded to current standards version (closes: #133331) -- Pawel Wiecek Tue, 09 Apr 2002 14:22:35 +0200 giflib (3.0-6) unstable; urgency=low * Move docs and man pages to /usr/share (Closes: #91165, #91479, #91480, #91482) -- Larry Daffner Tue, 27 Mar 2001 21:33:02 -0600 giflib (3.0-5.2) unstable; urgency=low * Redid debian/rules to use debhelper. * Added symlinks so giflib can be used with packages compiled with libungif. * Added shlibs control file so that packages compiled with giflib can also be used with libungif. -- Jim Pick Sun, 05 Jul 1998 22:46:51 -0700 giflib (3.0-5.1) unstable frozen; urgency=low * Corrected bogus hardwired dependency on libc6. -- Michael Alan Dorman Sun, 10 May 1998 11:31:47 -0500 giflib (3.0-5) unstable frozen; urgency=low * Fixed copyright location(s) * new maintainer address -- Larry Daffner Tue, 24 Mar 1998 11:31:47 -0600 giflib (3.0-4.1) unstable; urgency=low * libc6 release for hamm. -- Andreas Jellinghaus Sat, 18 Oct 1997 12:25:32 +0200 giflib (3.0-4) unstable; urgency=low * renamed binaries to giflib* to bring them in sync with source name. -- Andreas Jellinghaus Mon, 29 Sep 1997 18:11:22 +0200 giflib (3.0-3) unstable; urgency=low * fixed shared library. now link all bins with shared library. -- Andreas Jellinghaus Wed, 24 Sep 1997 19:14:48 +0200 giflib (3.0-2) unstable; urgency=low * added -D_REENTRANT and -lc to cflags/ldflags for glibc2. -- Andreas Jellinghaus Thu, 18 Sep 1997 14:26:06 +0200 giflib (3.0-1) unstable; urgency=low * Initial Release. -- Andreas Jellinghaus Thu, 18 Sep 1997 11:31:18 +0200