Change log for freeimage package in Debian
| 1 → 40 of 40 results | First • Previous • Next • Last |
| Published in bullseye-release |
freeimage (3.18.0+ds2-6+deb11u1) bullseye-security; urgency=medium * CVE-2020-21427 (Closes: #1051737) * CVE-2020-21428 (Closes: #1051738) * CVE-2020-22524 (Closes: #1051889) -- Moritz Mühlenhoff <email address hidden> Fri, 15 Dec 2023 20:11:17 +0100
| Published in bookworm-release |
freeimage (3.18.0+ds2-9+deb12u1) bookworm-security; urgency=medium * CVE-2020-21427 (Closes: #1051737) * CVE-2020-21428 (Closes: #1051738) * CVE-2020-22524 (Closes: #1051889) -- Moritz Mühlenhoff <email address hidden> Fri, 15 Dec 2023 20:20:51 +0100
| Published in sid-release |
freeimage (3.18.0+ds2-10) unstable; urgency=medium * Team upload * Fix CVE-2020-21427 with upstream patches * Fix CVE-2020-21428 with upstream patch * Fix CVE-2020-22524 with upstream patch -- Bastian Germann <email address hidden> Tue, 19 Sep 2023 14:50:01 +0000
Available diffs
| Superseded in sid-release |
freeimage (3.18.0+ds2-9.1) unstable; urgency=medium * Non-maintainer upload. * Add upstream fix for FTBFS with LibRaw 0.21. (Closes: #1040259) * Add upstream fix for compilation on big endian. (Closes: #1002610) -- Adrian Bunk <email address hidden> Mon, 10 Jul 2023 00:29:00 +0300
Available diffs
- diff from 3.18.0+ds2-9 to 3.18.0+ds2-9.1 (1.6 KiB)
freeimage (3.18.0+ds2-9) unstable; urgency=medium * Team upload. * The -dev packages are Multi-Arch:same (Closes: #1023696) -- Dima Kogan <email address hidden> Mon, 13 Feb 2023 23:56:16 -0800
Available diffs
| Superseded in sid-release |
freeimage (3.18.0+ds2-8) unstable; urgency=medium
[ Anton Gladky ]
* [1216cab] Set Standards-Version: 4.6.1
[ Mathieu Malaterre ]
* [e6f1f63] d/patches: Refresh patch to handle openexr 3.x split.
(Closes: #1017512)
-- Anton Gladky <email address hidden> Sat, 20 Aug 2022 23:39:55 +0200
Available diffs
- diff from 3.18.0+ds2-7 to 3.18.0+ds2-8 (937 bytes)
| Superseded in sid-release |
freeimage (3.18.0+ds2-7) unstable; urgency=medium [ Steve Langasek ] * [242e474] Use jpeg_read_icc_profile() from libjpeg. [ Anton Gladky ] * [7fdce91] Update to the new ffmpeg_4.4.0+. (Closes: #1011416, #1011710) * [53c97ea] Update .gitlab-ci.yml * [2184c25] Update standards version to 4.6.0, no changes needed. * [d32e2a2] Avoid explicitly specifying -Wl,--as-needed linker flag. * [9060df4] Update watch file format version to 4. * [e40bdff] Drop unnecesary build version restrictions -- Anton Gladky <email address hidden> Thu, 26 May 2022 13:31:41 +0200
Available diffs
freeimage (3.18.0+ds2-6) unstable; urgency=medium * [cf6ffd2] Fix FTBFS against libraw 0.20.0. (Closes: #968637) * [09d8830] Set compat-level to 13 * [d09f8b8] Install *.a files -- Anton Gladky <email address hidden> Thu, 27 Aug 2020 23:31:08 +0200
Available diffs
| Superseded in sid-release |
freeimage (3.18.0+ds2-5) unstable; urgency=medium * [bef22ed] Revert "Add Rules-Requires-Root: no" -- Anton Gladky <email address hidden> Thu, 16 Jul 2020 19:40:05 +0200
| Superseded in sid-release |
freeimage (3.18.0+ds2-4) unstable; urgency=medium * [d2fd1a9] Add debian/.gitlab-ci.yml * [0dbdc38] Fix compilation due to external-static mismatch. (Closes: #964653) * [a244b61] Respect CPPFLAGS * [736ea7b] Update standards version to 4.5.0, no changes needed. * [e86eeb9] Add Rules-Requires-Root: no -- Anton Gladky <email address hidden> Wed, 15 Jul 2020 23:05:20 +0200
| Published in stretch-release |
freeimage (3.17.0+ds1-5+deb9u1) stretch-security; urgency=high
* Non-maintainer upload by the Security Team.
* CVE-2019-12213: stack exhaustion caused by unwanted recursion in
ReadThumbnail (Closes: #929597).
* CVE-2019-12211: heap buffer overflow caused by invalid memcpy in
PluginTIFF.
-- Hugo Lefeuvre <email address hidden> Tue, 10 Dec 2019 16:35:54 +0100
| Published in buster-release |
freeimage (3.18.0+ds2-1+deb10u1) buster-security; urgency=high
* Non-maintainer upload by the Security Team.
* CVE-2019-12213: stack exhaustion caused by unwanted recursion in
ReadThumbnail (Closes: #929597).
* CVE-2019-12211: heap buffer overflow caused by invalid memcpy in
PluginTIFF.
-- Hugo Lefeuvre <email address hidden> Tue, 10 Dec 2019 16:34:27 +0100
| Superseded in sid-release |
freeimage (3.18.0+ds2-3) unstable; urgency=medium
[ Hugo Lefeuvre ]
* CVE-2019-12213: stack exhaustion caused by unwanted recursion in
ReadThumbnail (Closes: #929597).
* CVE-2019-12211: heap buffer overflow caused by invalid memcpy in
PluginTIFF.
[ Anton Gladky ]
* [2a2e206] Bump debhelper from old 11 to 12.
* [044ea9c] Set debhelper-compat version in Build-Depends.
* [f776923] Set Standards-Version to 4.4.1. No changes
* [5417d72] Replace ADTTMP by AUTOPKGTEST_TMP
-- Anton Gladky <email address hidden> Tue, 31 Dec 2019 20:58:58 +0100
freeimage (3.18.0+ds2-1) unstable; urgency=medium * Upload into unstable. -- Anton Gladky <email address hidden> Sat, 05 Jan 2019 16:45:35 +0100
| Deleted in experimental-release (Reason: None provided.) |
freeimage (3.18.0+ds2-1~exp1) experimental; urgency=medium [ Andreas Tille ] * [6aa4ac3] New upstream version 3.18.0+ds1 * [7de4a2a] Refresh patches [ Anton Gladky ] * [61b38c4] Update d/copyright * [1f3f566] New upstream version 3.18.0+ds2 * [4586d3b] Refresh patches * [7ca9b46] Update -docs * [b8ae146] Use standards-version 4.2.1 -- Anton Gladky <email address hidden> Sat, 05 Jan 2019 10:15:55 +0100
| Published in jessie-release |
freeimage (3.15.4-4.2+deb8u1) jessie-security; urgency=high
* [f51f898] Fix CVE-2015-3885: integer overflow in the ljpeg_start function
(Closes: #786790)
* [b2e0c3f] Fix CVE-2016-5864: apply patch from wheezy-security.
Thanks to Salvatore Bonaccorso, Balint Reczey and Chris Lamb
(Closes: #839827)
-- Anton Gladky <email address hidden> Tue, 11 Oct 2016 21:00:24 +0200
freeimage (3.17.0+ds1-5) unstable; urgency=medium
[ James Cowgill ]
* [ab6c23d] Make the FaxG3 plugin visible but with no implementation
(Closes: #850027)
[ Anton Gladky ]
* [a4e7243] Apply cme fix dpkg.
-- Anton Gladky <email address hidden> Thu, 12 Jan 2017 20:45:54 +0100
Available diffs
- diff from 3.17.0+ds1-4 to 3.17.0+ds1-5 (4.1 KiB)
freeimage (3.17.0+ds1-4) unstable; urgency=medium
[ Anton Gladky ]
* Fix CVE-number.
[ Ghislain Antony Vaillant ]
* Fix FTCBFS: use triplet-prefixed build tools.
Thanks to Helmut Grohne for the fix (Closes: #845279)
* Fix wrong file type detection for certain plugins.
Update Disable-vendored-dependencies.patch
Thanks to Boris Lesner for the fix (Closes: #841089)
-- Ghislain Antony Vaillant <email address hidden> Tue, 13 Dec 2016 16:48:47 +0000
Available diffs
- diff from 3.17.0+ds1-3 to 3.17.0+ds1-4 (3.0 KiB)
freeimage (3.17.0+ds1-3) unstable; urgency=critical
[ Ghislain Antony Vaillant ]
* Fix CVE-2016-5864: apply patch from wheezy-security.
Thanks to Salvatore Bonaccorso, Balint Reczey and Chris Lamb
(Closes: #839827)
* d/gbp.conf: use master as packaging branch.
* Bump standards version to 3.9.8, no changes required.
* Upgrade to debhelper 10.
- Bump compat version to 10.
- Bump versioned depends of debhelper to 10.
- Drop explicit usage of `--with autoreconf` from dh command.
- Drop explicit usage of `--parallel` from dh command.
* Use DEB_BUILD_MAINT_OPTIONS for hardening.
* Disable PIE hardening feature.
[ Anton Gladky ]
* Change the urgency to critical.
-- Ghislain Antony Vaillant <email address hidden> Mon, 10 Oct 2016 15:12:26 +0100
Available diffs
| Published in wheezy-release |
freeimage (3.15.1-1.1) wheezy-security; urgency=high * Non-maintainer upload. * Fix integer overflow CVE-2015-0852. (Closes: #797165) -- Anton Gladky <email address hidden> Thu, 29 Oct 2015 22:33:32 +0100
freeimage (3.17.0+ds1-2) unstable; urgency=medium
* Improve build reproducibility by applying suggested s/sort/LC_ALL=C sort/
to Disable-vendored-dependencies.patch.
* Merge libpng16.patch with Fix-compatibility-with-system-libpng.patch.
* Use secure Vcs-Git URI.
* Bump standards version to 3.9.7, no changes required.
-- Ghislain Antony Vaillant <email address hidden> Fri, 04 Mar 2016 09:59:58 +0000
Available diffs
- diff from 3.17.0+ds1-1.1 to 3.17.0+ds1-2 (2.7 KiB)
freeimage (3.17.0+ds1-1.1) unstable; urgency=medium * Non-maintainer upload. * FTBFS with libpng1.6: New patch libpng16.patch (Closes: #742560) -- Tobias Frost <email address hidden> Fri, 22 Jan 2016 06:33:47 +0100
Available diffs
- diff from 3.15.4-6 to 3.17.0+ds1-1.1 (3.2 MiB)
- diff from 3.17.0+ds1-1 to 3.17.0+ds1-1.1 (916 bytes)
| Superseded in jessie-release |
freeimage (3.15.4-4.2) jessie-security; urgency=high * Non-maintainer upload. * Fix integer overflow CVE-2015-0852. (Closes: #797165) -- Anton Gladky <email address hidden> Thu, 29 Oct 2015 19:06:00 +0100
freeimage (3.17.0+ds1-1) unstable; urgency=medium * Move from experimental to unstable. -- Anton Gladky <email address hidden> Mon, 18 Jan 2016 08:33:15 +0100
Available diffs
- diff from 3.15.4-6 to 3.17.0+ds1-1 (3.2 MiB)
| Deleted in experimental-release (Reason: None provided.) |
freeimage (3.17.0+ds1-1~exp2) experimental; urgency=medium
* Add missing breaks / replaces relationship for libfreeimageplus-dev.
Thanks to Andreas Beckmann (Closes: #810570)
* Add missing depends on libfreeimage-dev for libfreeimageplus-dev.
* autopkgtest: use respective -dev packages for fi and fip tests.
* Add patch fixing the encoding of the FreeImage public header.
Thanks to Christophe Trophime (Closes: #798003)
-- Ghislain Antony Vaillant <email address hidden> Sun, 10 Jan 2016 16:09:02 +0000
| Superseded in experimental-release |
freeimage (3.17.0+ds1-1~exp1) experimental; urgency=medium
[ Ghislain Antony Vaillant ]
* New upstream release.
* Use repacked upstream source tarball:
- d/copyright: exclude vendored libraries.
- d/watch: use more flexible regexes.
- Remove *get-orig script, no longer used.
- Remove *lintian-overrides, no longer used.
* d/copyright: update licensing information.
* Add gbp.conf file.
* d/control: refresh list of build dependencies.
* Add new binary packages for FreeImagePlus.
Packages: libfreeimageplus{3,3-dbg,-dev,-doc}
* d/rules:
- Add multi-arch support.
- Use modern hardening settings.
- Run FreeImage and FreeImagePlus testsuites.
- Call upstream dos2unix target.
* Add autopkgtest support.
* Refresh patch queue:
- Drop disable_embedded_libraries.patch, replaced by new set of patches
derived from Fedora's.
Files: Disable-vendored-dependencies.patch,
Use-system-dependencies.patch
- Drop patch for CVE-2015-3885, FreeImage now uses the system libraw.
- Disable tests for any functionality requiring the vendored libraries.
File: Disable-testing-of-JPEG-transform.patch
- Temporary disable failing JXR MemIO test.
File: Disable-testing-of-JXR-MemIO.patch
- Improve compatibility with system libraries.
Files: Fix-macro-redefinition-of-64-bit-integer-types.patch,
Fix-compatibility-with-system-libpng.patch
- Various bug fixes caught whilst testing.
Files: Fix-unsafe-usage-of-printf-in-testsuite.patch,
Fix-missing-cstdio-include-in-testsuite.patch,
Fix-endianness-detection.patch
- Disable HTML timestamps in Doxygen documentation.
File: Disable-usage-of-HTML-timestamps-in-doxygen.patch
- Rename patch fixing CVE-2015-0852.
File: Fix-CVE-2015-0852.patch
[ Anton Gladky ]
* Fix typo in d/control.
* Use packaged jquery.js instead of embedded.
* Fix build in indep-only mode.
-- Ghislain Antony Vaillant <email address hidden> Wed, 11 Nov 2015 13:40:17 +0000
freeimage (3.15.4-6) unstable; urgency=medium
* [2ae274b] Move package under the Debian science team. (Closes: #604614)
* [d526203] Apply cme fix dpkg-control.
* [d526a52] Use compat level 9.
* [c8cc95b] Simplify d/rules, .install.
* [2682cec] Fix integer overflow in the ljpeg_start function CVE-2015-3885.
(Closes: #786790)
* [64a044f] Ignore quilt dir
-- Anton Gladky <email address hidden> Thu, 29 Oct 2015 23:17:04 +0100
Available diffs
- diff from 3.15.4-4.1build1 (in Ubuntu) to 3.15.4-6 (3.7 KiB)
- diff from 3.15.4-5 to 3.15.4-6 (2.3 KiB)
freeimage (3.15.4-5) unstable; urgency=medium [ W. Martin Borgert ] * QA upload. * [e807e1c] Fix integer overflow. (Closes: #797165) -- W. Martin Borgert <email address hidden> Tue, 15 Sep 2015 22:50:49 +0200
freeimage (3.15.4-4.1) unstable; urgency=medium
* Non-maintainer upload
* Remove libjpeg8-dev from Build-Depends
* Add compatibility transupp.c from src:libjpeg-turbo and use that
to compile against libjpeg62 (Closes: #763255)
* Make d/copyright machine readable and add jpeg/* and Source/LibJPEG/*
license
-- Ondřej Surý <email address hidden> Mon, 06 Oct 2014 11:29:52 +0200
Available diffs
freeimage (3.15.4-4) unstable; urgency=medium
* QA upload.
* Build-depend on libjpeg8-dev.
Patch by Dejan Latinovic <email address hidden>.
Closes: #763255.
* Improve big endian detection.
Add fix-big-endian-detection.patch.
Patch by Dejan Latinovic <email address hidden>.
Closes: #763730.
* Refresh patches
-- Anibal Monsalve Salazar <email address hidden> Thu, 02 Oct 2014 10:18:47 +0100
freeimage (3.15.4-3) unstable; urgency=low
* QA upload.
* disable_embedded_libraries.patch
- Use system libtiff (Closes: #735249)
Thanks to Sabayon from Gentoo for the hints
* tag_truncation.patch
- Cherry pick upstream fix for truncation of tags in TIFF files
Thanks to Julian Taylor (Closes: #735847)
-- Scott Howard <email address hidden> Sun, 19 Jan 2014 21:44:52 -0500
Available diffs
- diff from 3.15.4-2 to 3.15.4-3 (3.0 KiB)
freeimage (3.15.4-2) unstable; urgency=low
* Fix FTBFS from declaring UINT64 twice
- updated debian/patches/fixes_ftbfs_amd64.patch
-- Scott Howard <email address hidden> Tue, 14 Jan 2014 11:51:54 -0500
Available diffs
- diff from 3.15.1-2build2 (in Ubuntu) to 3.15.4-2 (3.4 MiB)
- diff from 3.15.4-1 to 3.15.4-2 (771 bytes)
freeimage (3.15.4-1) unstable; urgency=low
* QA Upload
* New upstream minor release
- Includes fix to build on !linux (Closes: #650485)
* Refreshed patches (line endings had to change)
- Remove document-mode.patch (accepted upstream)
* Lintian fixes: S-V 3.9.5, DM-Upload-Allowed removed
* Remove document-mode.patch (accepted upstream)
-- Scott Howard <email address hidden> Mon, 13 Jan 2014 21:57:45 -0500
Available diffs
freeimage (3.15.1-2) unstable; urgency=low
* QA upload.
* debian/patches/document-mode.patch:
- Fix FTBFS with LibRaw 0.15 (Closes: #710133).
-- Luca Falavigna <email address hidden> Thu, 11 Jul 2013 11:22:37 +0200
Available diffs
- diff from 3.15.1-1 to 3.15.1-2 (1.3 KiB)
freeimage (3.15.1-1) unstable; urgency=low [ Evan Broder ] * QA upload. * New upstream release (closes: 649541, LP: #898825, #898845) - Refreshed patches. + Abuse dh-autoreconf to generate Makefile.srcs and fipMakefile.srcs patches at build time - Update debian/freeimage-get-orig-source for the new version. - Add new build-dep libraw-dev. - Update patch to disable embedded libraries to deal with API changes in libpng, libmng, and libraw. - Make sure we install symlinks for libfreeimageplus. - Use (upstream-supported) CFLAGS instead of COMPILERFLAGS. * Switch to source format 3.0 (quilt) * Switch to dh(1) and debhelper compat 8 * Add missing misc:Depends. * Include the upstream changelog. * Update Debian standards version (no other changes needed). [ Stefano Rivera ] * Dropped README.source. * Updated freeimage (3.9.5) fixes CVE-2011-1167, CVE-2011-0192, CVE-2010-2595 * Override lintian's embedded-library error for libtiff. It wasn't extricable. -- Evan Broder <email address hidden> Tue, 06 Dec 2011 14:31:21 +0200
Available diffs
freeimage (3.10.0-4) unstable; urgency=low * Fix copy-pasto in tif_config.h. -- Julien Cristau <email address hidden> Fri, 29 Oct 2010 22:39:26 +0200
freeimage (3.10.0-3) unstable; urgency=low
* Don't use embedded copies of various libraries, add build-deps on their
packaged versions (closes: #595560):
- libjpeg 6b
- libmng 1.0.9
- libopenjpeg 1.2.0
- libpng 1.2.23
+ CVE-2010-2249, CVE-2010-1205, CVE-2010-0205, CVE-2009-2042,
CVE-2008-6218, CVE-2008-5907, CVE-2009-0040, CVE-2008-3964,
CVE-2008-1382
- openexr 1.6.1
+ CVE-2009-1720, CVE-2009-1721
- zlib 1.2.3
* The embedded libtiff copy is still used, because freeimage uses its
internals and I couldn't figure out how to unentangle this. Update the
tiff copy to 3.9.4-5, though:
CVE-2010-3087, CVE-2010-2483, CVE-2010-2482, CVE-2010-2481, CVE-2010-2443,
CVE-2010-2233, CVE-2010-2067, CVE-2010-2065, CVE-2010-1411, CVE-2009-2347,
CVE-2008-2327.
* Add tiff copyright and license to debian/copyright (closes: #601002)
* Link with -lm (closes: #558857).
* Try to avoid arch-specific values in our copy of tif_config.h and
tiffconf.h (closes: #601762)
* Set LFS CFLAGS in Makefile.gnu.
* Orphan package (closes: #595559).
-- Julien Cristau <email address hidden> Fri, 29 Oct 2010 14:46:46 +0200
freeimage (3.9.3-3) unstable; urgency=low
* Removed the file FreeImage393.pdf for which sources are apparently
not available.
* Added copyright ownner to copyright file.
-- Federico Di Gregorio <email address hidden> Mon, 07 May 2007 15:35:21 +0200
freeimage (3.10.0-2) unstable; urgency=low
* Fixed typo in short description of libfreeimage3-dbg.
(Closes: #518647)
* Adjusted patched to not need -p0 (Closes: #485251).
* Made package priority optional.
* Moved libfreeimage3-dbg package into debug section.
* Added debian/README.source.
* Added watch file.
* Added myself to Uploaders.
* Updated Standards-Version.
-- Michael Koch <email address hidden> Tue, 15 Sep 2009 20:12:53 +0200
freeimage (3.10.0-1) unstable; urgency=low * New upstream release. Closes: #471242 * Added extra freeimage documentation in orig tarball. * Added get-orig-source target. * Added Homepage field in control file. * Removing some unnecessary stuff from rules file. * Adding some necessary build dependencies. * Adding some modifications to allow for configuring various compiler flags. * Fix FTBFS on amd64. * Adding debug package. * Added DM-Upload-Allowed: yes field. * Added Vcs entries. -- Andres Mejia <email address hidden> Thu, 15 May 2008 03:18:00 -0400
| 1 → 40 of 40 results | First • Previous • Next • Last |
