-
evince (3.30.2-3+deb10u1) buster-security; urgency=high
* Non-maintainer upload by the Security Team.
* tiff: Handle failure from TIFFReadRGBAImageOriented (CVE-2019-11459)
(Closes: #927820)
-- Salvatore Bonaccorso <email address hidden> Wed, 12 Feb 2020 21:46:12 +0100
-
evince (3.30.2-3) unstable; urgency=medium
[ Jason Crain ]
* debian/apparmor-profile: Allow Illustrator .ai files (Closes: #920233)
-- Jeremy Bicha <email address hidden> Mon, 28 Jan 2019 19:48:11 -0500
-
evince (3.30.2-2) unstable; urgency=medium
* Restore -Wl,-O1 to our LDFLAGS
* Bump Standards-Version to 4.3.0
-- Jeremy Bicha <email address hidden> Sun, 23 Dec 2018 20:31:41 -0500
-
evince (3.30.2-1) unstable; urgency=medium
[ Jeremy Bicha ]
* New upstream release
[ Jamie Strandboge ]
* debian/apparmor-profile: Update thumbnailer policy
for temporary file path with and without bubblewrap (LP: #1798091)
(Closes: #911161)
-- Jeremy Bicha <email address hidden> Sat, 03 Nov 2018 17:30:50 -0400
-
evince (3.30.1-1) unstable; urgency=medium
[ Jeremy Bicha ]
* New upstream release
[ Jamie Strandboge ]
* debian/apparmor-profile.abstraction, apparmor-profile: harden the profile
- add preamble for expectations of the profile
- evince{-previewer}: restrict access to DBus system bus (we allow full
access to session, translation and accessibility buses for compatibility)
+ allow Get* to anything polkit allows
+ allow talking to avahi (for printing)
+ allow talking to colord (for printing)
- make the thumbnailer more restrictive (LP: #1794848) (Closes: #909849)
+ remove evince abstraction and use only what is needed from it
+ limit access to DBus session bus
+ generally disallow writes
+ allow reads for non-hidden files
- disallow access to the dirs of private files (LP: #1788929)
* debian/apparmor-profile: allow /bin/env ixr
-- Jeremy Bicha <email address hidden> Mon, 08 Oct 2018 00:17:39 -0400
-
evince (3.30.0-3) unstable; urgency=medium
[ Olivier Tilloy ]
* AppArmor: allow executing the gio-launch-desktop helper
(Closes: #908516)
-- Simon McVittie <email address hidden> Thu, 27 Sep 2018 12:19:53 +0100
-
evince (3.30.0-2) unstable; urgency=medium
* Re-enable postscript since ghostscript 9.22~dfsg-3 includes the recent
security fixes
-- Jeremy Bicha <email address hidden> Tue, 04 Sep 2018 04:16:23 -0400
-
evince (3.28.2-1) unstable; urgency=medium
* New upstream release
-- Jeremy Bicha <email address hidden> Tue, 10 Apr 2018 13:33:32 -0400
-
evince (3.28.0-1) unstable; urgency=medium
* New upstream release
-- Tim Lunn <email address hidden> Sat, 17 Mar 2018 14:09:05 +1100
-
evince (3.27.92-1) unstable; urgency=medium
* New upstream release candidate
* Update install files for moved AppStream metadata
* Release to unstable
-- Jeremy Bicha <email address hidden> Sat, 10 Mar 2018 21:31:03 -0500
-
evince (3.26.0-3) unstable; urgency=medium
* Update Vcs fields for migration to https://salsa.debian.org/
* Bump debhelper compat to 11
* Drop obsolete patches (Closes: #876993, #886937)
- traditional_menu_bar.patch
- unity_normal_titlebar.patch
-- Jeremy Bicha <email address hidden> Wed, 24 Jan 2018 11:40:25 -0500
-
evince (3.26.0-2) unstable; urgency=medium
[ Michael Biebl ]
* Drop obsolete evince-gtk transitional package.
[ Simon McVittie ]
* Replace gir1.2-evince-3.0 Provides on gir1.2-evince-document-3.0 and
gir1.2-evince-view-3.0 (which nothing actually seems to depend on)
with gir1.2-evincedocument-3.0 and gir1.2-evinceview-3.0
(which correspond to the included typelibs). Note that there is no
Evince-3.0.typelib.
[ Jeremy Bicha ]
* Update Vcs fields for conversion to git
* Add debian/gbp.conf
* Bump Standards-Version to 4.1.2
-- Jeremy Bicha <email address hidden> Wed, 13 Dec 2017 11:56:34 -0500
-
evince (3.26.0-1) unstable; urgency=medium
* New upstream release
* debian/control.in: Bump Standards-Version to 4.1.1 (no further changes)
-- Laurent Bigonville <email address hidden> Wed, 04 Oct 2017 21:22:19 +0200
-
evince (3.25.92-1) unstable; urgency=medium
* New upstream release
* debian/libevdocument3-4.symbols: add new symbols
* Add patches from Ubuntu to show traditional menu bar outside GNOME:
- traditional_menu_bar.patch
- unity_normal_titlebar.patch
-- Jeremy Bicha <email address hidden> Wed, 06 Sep 2017 22:29:52 -0400
-
evince (3.24.1-1) unstable; urgency=medium
[ Laurent Bigonville ]
* debian/apparmor-profile.abstraction: remove support for the obsolete
/dev/.udev/ directory (Closes: #867143).
[ Jeremy Bicha ]
* New upstream release
* debian/control.in:
- Build-depend on libarchive-dev and libgdk-pixbuf2.0-dev
* Drop comics-Remove-support-for-tar-and-tar-like-commands.patch:
Applied in new release
* Bump Standards-Version to 4.1.0
-- Laurent Bigonville <email address hidden> Thu, 13 Jul 2017 16:38:04 +0200
-
evince (3.22.1-4) unstable; urgency=high
* d/p/comics-Remove-support-for-tar-and-tar-like-commands.patch:
Fix possible command injection vulnerability in CBT handler, this patch
removes handling of the CBT file format completely and evince now requires
unrar, unzip or 7z to open cbr, cbz or cb7 files (CVE-2017-1000083)
Discovered by Felix Wilhelm from the Google Security Team.
-- Laurent Bigonville <email address hidden> Thu, 13 Jul 2017 15:47:05 +0200
