-
pcre3 (2:8.39-15) unstable; urgency=medium
* Make currently-important packages optional as pcre3 is obsolete
(Closes: #1026214)
-- Matthew Vernon <email address hidden> Thu, 22 Dec 2022 16:45:21 +0000
-
pcre3 (2:8.39-14) unstable; urgency=low
* Relax Depends: of libpcre3-dev to just libc-dev (Closes: #1008714)
-- Matthew Vernon <email address hidden> Sat, 02 Apr 2022 14:13:07 +0100
-
pcre3 (2:8.39-13) unstable; urgency=medium
* upstream patch fixing CVE-2020-14155 (Closes: #963086)
-- Matthew Vernon <email address hidden> Thu, 18 Jun 2020 19:33:56 +0100
-
pcre3 (2:8.39-12) unstable; urgency=medium
* Patch from Andrej Shadura <email address hidden> to mark one
more STL symbol as optional (Closes: #923743).
-- Matthew Vernon <email address hidden> Thu, 07 Mar 2019 15:30:15 +0000
-
pcre3 (2:8.39-11) unstable; urgency=medium
[ Matthias Klose ]
* Mark 2 STL symbols as optional (Closes: #904008)
[ Matthew Vernon ]
* Bump debian/compat to 11 (Closes: #646973)
* Fixes to debian/rules so package builds with dh compat 11
-- Matthew Vernon <email address hidden> Sat, 21 Jul 2018 14:59:04 +0100
-
pcre3 (2:8.39-10) unstable; urgency=high
* Update symbols file (Closes: #897834
-- Matthew Vernon <email address hidden> Tue, 17 Jul 2018 18:59:42 +0100
-
pcre3 (2:8.39-9) unstable; urgency=medium
* Update symbols file (Closes: #888921)
-- Matthew Vernon <email address hidden> Sat, 03 Feb 2018 18:27:50 +0000
-
pcre3 (2:8.39-8) unstable; urgency=medium
* drive ulimit correctly (Closes: #876299)
-- Matthew Vernon <email address hidden> Mon, 04 Dec 2017 05:27:10 +0000
-
pcre3 (2:8.39-7) unstable; urgency=low
* increase stack limit before running tests (Closes: #876299)
-- Matthew Vernon <email address hidden> Sun, 03 Dec 2017 12:21:44 +0000
-
pcre3 (2:8.39-6) unstable; urgency=medium
* patch from Sergei from MariaDB (via Ondřej Surý) to fix stack frame
size detection (Closes: #878107, #876299)
-- Matthew Vernon <email address hidden> Thu, 30 Nov 2017 15:38:57 +0000
-
pcre3 (2:8.39-5) unstable; urgency=medium
* patch from Katsuhiko Nishimra to symbols file to fix FTBFS with gcc7
(Closes: #876046, #853606)
-- Matthew Vernon <email address hidden> Tue, 19 Sep 2017 22:10:37 +0100
-
pcre3 (2:8.39-4) unstable; urgency=low
* Remove now-deprecated Pre-Depends on multiarch-support (not needed
since jessie) (Closes: #865987)
-- Matthew Vernon <email address hidden> Sun, 23 Jul 2017 16:20:23 +0100
-
pcre3 (2:8.39-3) unstable; urgency=high
* CVE-2017-7186: invalid Unicode property lookup may cause denial of
service (Closes: #858238)
-- Matthew Vernon <email address hidden> Tue, 21 Mar 2017 22:03:19 +0000
-
pcre3 (2:8.39-2.1) unstable; urgency=high
* Non-maintainer upload.
* CVE-2017-6004: crafted regular expression may cause denial of service
(Closes: #855405)
-- Salvatore Bonaccorso <email address hidden> Fri, 17 Feb 2017 15:56:09 +0100
-
pcre3 (2:8.39-2) unstable; urgency=low
* Update symbols file to reflect compilation with gcc6 (Closes: #811969)
-- Matthew Vernon <email address hidden> Fri, 19 Aug 2016 09:04:15 +0100
-
pcre3 (2:8.39-1) unstable; urgency=medium
[ Ian Jackson ]
* New upstream version (Closes: #832354).
- Drop CVE-2016-1283.patch (now in upstream).
- Adjusted sonames: bumped each minor number where upstream
bumped theirs.
[ Matthew Vernon ]
* Add notes encouraging people to move to pcre2
-- Matthew Vernon <email address hidden> Thu, 28 Jul 2016 16:58:55 +0100
-
pcre3 (2:8.38-3.1) unstable; urgency=medium
* Non-maintainer upload.
* CVE-2016-1283: heap buffer overflow in handling of duplicate named
groups (Closes: #809706)
-- Salvatore Bonaccorso <email address hidden> Tue, 22 Mar 2016 21:05:13 +0100
-
pcre3 (2:8.38-3) unstable; urgency=low
* Apply Ubuntu patch from Iain Lane (modified by Graham Inggs) to add
symbols files (Closes: #767374)
-- Matthew Vernon <email address hidden> Sun, 28 Feb 2016 11:24:52 +0000
-
pcre3 (2:8.38-2) unstable; urgency=low
* Apply upstream patch to fix workspace overflow for (*ACCEPT) with
deeply nested parentheses (Closes: #815921)
-- Matthew Vernon <email address hidden> Sat, 27 Feb 2016 16:30:35 +0000
-
pcre3 (2:8.38-1) unstable; urgency=low
* New upstream version
-- Matthew Vernon <email address hidden> Tue, 22 Dec 2015 13:37:39 +0000
-
pcre3 (2:8.35-8) unstable; urgency=low
* Remove conflicts with long-vanished pcre{1,2}-dev packages (so new PCRE2 packages can co-exist)
-- Matthew Vernon <email address hidden> Sat, 21 Nov 2015 15:35:13 +0000
-
pcre3 (2:8.35-7.4) unstable; urgency=medium
* Non-maintainer upload.
* Fix copy-and-paste error in Disable_JIT_on_sparc64.patch.
-- John Paul Adrian Glaubitz <email address hidden> Mon, 02 Nov 2015 18:51:13 +0100
-
pcre3 (2:8.35-7.3) unstable; urgency=medium
* Non-maintainer upload.
* Add Disable_JIT_on_sparc64.patch to disable JIT on sparc64. The patch
no_jit_x32_powerpcspe.patch to disable JIT on powerpcspe was already
added in 2:8.35-6 (Closes: #765079).
-- John Paul Adrian Glaubitz <email address hidden> Mon, 02 Nov 2015 15:13:16 +0100
-
pcre3 (2:8.35-7.2) unstable; urgency=low
* Non-maintainer upload (with maintainer's permission).
* Add Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch.
Fixes "PCRE Library Stack Overflow Vulnerability" (Upstream bug 1503)
* Add Fix-compile-time-loop-for-recursive-reference-within.patch.
Fixes "PCRE Call Stack Overflow Vulnerability" (Upstream bug 1515)
* Add 794589-information-disclosure.patch.
Fixes "pcre_exec does not fill offsets for certain regexps" leading to
information disclosure. (Closes: #794589)
* Add Fix-bad-compile-for-groups-like-2-0-1999.patch.
CVE-2015-2325: heap buffer overflow in compile_branch(). (Closes: #781795)
* Add Fix-bad-compilation-for-patterns-like-1-1-with-forwa.patch.
CVE-2015-2326: heap buffer overflow in pcre_compile2(). (Closes: #783285)
* Add Fix-buffer-overflow-for-named-recursive-back-referen.patch.
CVE-2015-3210: heap buffer overflow in pcre_compile2() /
compile_regex(). (Closes: #787433)
-- Salvatore Bonaccorso <email address hidden> Fri, 11 Sep 2015 20:04:19 +0200
-
pcre3 (2:8.35-7.1) unstable; urgency=medium
* Rename libpcrecpp0 to libpcrecpp0v5. Addresses: #791236.
* Add Conflict/Replaces to the old library.
* Add libpcrecpp0v5 symbols file for GCC 5.
-- Matthias Klose <email address hidden> Tue, 04 Aug 2015 20:23:03 +0200
-
pcre3 (2:8.35-7) unstable; urgency=medium
* Apply upstream patch to fix buffer overflow for forward reference
within backward assertion with excess closing parenthesis
(Closes: #790000)
-- Matthew Vernon <email address hidden> Fri, 26 Jun 2015 08:08:55 +0100
-
pcre3 (2:8.35-6) unstable; urgency=low
[ Thorsten Glaser ]
* Re-add patch disabling JIT on powerpcspe and x32 (Closes: #760327)
* Add back missing debian/changelog entries for 1:8.35-3.2 and 1:8.36-1
-- Matthew Vernon <email address hidden> Sat, 13 Jun 2015 11:45:25 +0100
-
pcre3 (2:8.35-5) unstable; urgency=low
* re-enable jit on ppc64el (by dropping the patch that disables it)
(Closes: #786530)
* patch from Frederic Bonnard to fix the watch file (Closes: #785726)
-- Matthew Vernon <email address hidden> Tue, 26 May 2015 08:27:56 +0100
-
pcre3 (2:8.35-3.3+deb8u4) jessie; urgency=medium
* Non-maintainer upload.
* Add 0001-Fixed-an-issue-with-nested-table-jumps.patch.
Fixes issue with nested table jumps. (Closes: #819050)
-- Salvatore Bonaccorso <email address hidden> Fri, 25 Mar 2016 19:58:10 +0100
-
pcre3 (2:8.35-3.3+deb8u2) jessie; urgency=medium
* Non-maintainer upload.
* Add additional CVE references and bug closer to previous changelog.
CVE-2015-2327 fix was included in the previous 2:8.35-3.3+deb8u1 upload.
CVE-2015-8384 different issue than CVE-2015-3210 but fixed with same
commit.
CVE-2015-8388 different issue than CVE-2015-5073 but fixed with same
commit.
Add bug closer to bugs in the BTS retrospectively.
* Add 0001-Fix-compile-time-loop-for-recursive-reference-within.patch.
CVE-2015-2328: Stack-based buffer overflow in compile_regex().
* Add 794589-information-disclosure.patch.
CVE-2015-8382: Fix "pcre_exec does not fill offsets for certain regexps"
leading to information disclosure. (Closes: #794589)
* Add 0001-Fix-buffer-overflow-for-repeated-conditional-when-re.patch.
CVE-2015-8383: Buffer overflow caused by repeated conditional group.
* Add 0001-Fix-named-forward-reference-to-duplicate-group-numbe.patch.
CVE-2015-8385: Buffer overflow caused by forward reference by name to
certain group.
* Add 0001-Fix-buffer-overflow-for-lookbehind-within-mutually-r.patch.
CVE-2015-8386: Buffer overflow caused by lookbehind assertion.
* Add 0001-Add-integer-overflow-check-to-n-code.patch.
CVE-2015-8387: Integer overflow in subroutine calls.
* Add 0001-Fix-overflow-when-ovector-has-size-1.patch.
CVE-2015-8380: Heap-based buffer overflow in pcre_exec. (Closes: #806467)
* Add 0001-Fix-infinite-recursion-in-the-JIT-compiler-when-cert.patch.
CVE-2015-8389: Infinite recursion in JIT compiler when processing
certain patterns.
* Add 0001-Fix-bug-for-classes-containing-sequences.patch.
CVE-2015-8390: Reading from uninitialized memory when processing certain
patterns.
* Add 0001-Fix-run-for-ever-bug-for-deeply-nested-sequences.patch.
CVE-2015-8391: Some pathological patterns causes pcre_compile() to run
for a very long time.
* Add 0001-Fix-buffer-overflow-for-named-references-in-situatio.patch.
CVE-2015-8392: Buffer overflow caused by certain patterns with
duplicated named groups.
* Add 0001-Make-pcregrep-q-override-l-and-c-for-compatibility-w.patch.
CVE-2015-8393: Information leak when running pcgrep -q on crafted
binary.
* Add 0001-Add-missing-integer-overflow-checks.patch.
CVE-2015-8394: Integer overflow caused by missing check for certain
conditions.
* Add 0001-Hack-in-yet-other-patch-for-a-bug-in-size-computatio.patch.
CVE-2015-8381: Heap Overflow in compile_regex().
CVE-2015-8395: Buffer overflow caused by certain references.
(Closes: #796762)
-- Salvatore Bonaccorso <email address hidden> Tue, 29 Dec 2015 09:19:11 +0100
-
pcre3 (2:8.35-3.3) unstable; urgency=medium
* Non-maintainer upload.
* Upstream patch for heap buffer overflow, CVE-2014-8964, taken from
1:8.36-1 (Closes: #770478)
Thanks to Salvatore Bonaccorso for the reminder.
-- Ivo De Decker <email address hidden> Sat, 06 Dec 2014 19:58:19 +0100
-
pcre3 (2:8.35-3.2) unstable; urgency=medium
* Non-maintainer upload.
* Update shlibs dependency to 1:8.35 for new symbol introduced in upstream
version 8.35 (Closes: #767907)
* Revert upload of upstream version 8.36 to allow this upload to migrate to
jessie.
-- Ivo De Decker <email address hidden> Sat, 06 Dec 2014 19:21:39 +0100
-
pcre3 (1:8.36-1) unstable; urgency=medium
* New upstream release
* Upped shlibs dependency to 8.35 (Closes: #767903)
* Upstream patch for heap buffer overflow, CVE-2014-8964 (Closes: #770478)
-- Mark Baker <email address hidden> Mon, 24 Nov 2014 22:41:12 +0000
-
pcre3 (1:8.35-3.2) unstable; urgency=low
* Non-maintainer upload with maintainer permission.
* Disable JIT on x32 and powerpcspe (Closes: #760327).
-- Thorsten Glaser <email address hidden> Wed, 12 Nov 2014 14:30:23 +0000
-
pcre3 (1:8.35-3.1) unstable; urgency=medium
* Non-maintainer upload.
* Enable build hardening flags (closes: #656008).
-- Michael Gilbert <email address hidden> Fri, 19 Sep 2014 01:48:23 +0000
-
pcre3 (1:8.35-3) unstable; urgency=medium
Thanks to Simon McVittie for all of the work on this:
* Run tests with VERBOSE=1 so we can see the logs for failing tests
(Closes: #755052)
* Apply part of upstream r1472 to fix undefined behaviour when parsing
{n} or {m,n} quantifiers, which causes mis-parsing and test failures
under gcc 4.9 (Closes: #751828)
-- Mark Baker <email address hidden> Wed, 23 Jul 2014 21:19:41 +0100
-
pcre3 (1:8.35-2) unstable; urgency=medium
* Build-depends on auto-reconf (Closes: 754540)
-- Mark Baker <email address hidden> Sat, 12 Jul 2014 23:03:47 +0100
-
pcre3 (1:8.35-1) unstable; urgency=medium
* New upstream release
* Use dh-autoreconf
* Disable JIT on ppc64el (Closes: 751390) (Thanks Erwan Prioul)
-- Mark Baker <email address hidden> Fri, 11 Jul 2014 19:54:51 +0100
-
pcre3 (1:8.31-5) unstable; urgency=medium
* Previous attempt at detecting JIT support didn't work when cross
compiling. Now runs the host compiler, and doesn't try to run the
output (Closes: 745222)
-- Mark Baker <email address hidden> Wed, 23 Apr 2014 21:00:35 +0100
-
pcre3 (1:8.31-4) unstable; urgency=medium
* Enable JIT compilation only on architectures where it is supported -
fixes FTBFS on ones where it isn't (Closes: 745114)
* Verbose build logs (Closes: 745069)
-- Mark Baker <email address hidden> Fri, 18 Apr 2014 10:06:31 +0100
-
pcre3 (1:8.31-3) unstable; urgency=medium
* Enable JIT regex compilation (http://sljit.sourceforge.net/pcre).
Note that this has no effect by default so should not break anything;
to use it you need to pass a flag to pcre_compile_regex()
(Closes: 740954)
* Changed shlibs:Depends to 8.20 as pcre_free_study() is not in older
versions (Closes: 743164)
-- Mark Baker <email address hidden> Tue, 08 Apr 2014 22:37:58 +0100
-
pcre3 (1:8.31-2) unstable; urgency=low
* Build -dev package as Multi-arch: same. Thanks Steve Langasek / Ubuntu
for the patch (Closes: 696217)
-- Mark Baker <email address hidden> Thu, 03 Jan 2013 20:30:05 +0000
-
pcre3 (1:8.31-1) unstable; urgency=low
* New upstream release
* Applied patch from upstream bugzilla #1287 to fix bug where wrong
value is in re_nsub in some cases (Closes: #686495)
-- Mark Baker <email address hidden> Thu, 13 Sep 2012 19:58:45 +0100
-
pcre3 (1:8.30-5) unstable; urgency=low
* There is no use in including debug information for the libraries from
the udeb in the debug package; more importantly, because the
installation system isn't multiarch, if they are included they result
in arch specific files in arch independent paths (debug package is
Multi-arch:same). Removed. (Closes: #670018)
-- Mark Baker <email address hidden> Tue, 01 May 2012 22:38:42 +0100
-
pcre3 (1:8.30-4) unstable; urgency=low
* Reluctantly using an epoch, as it seems the funny version number with
extra dots causes problems
* Bumped standard version to 3.9.3. No changes needed
* Converted to use new source format / quilt
* Put back obsolete pcre_info() API that upstream have dropped (Closes:
#665300, #665356)
* Don't include pcregrep binary in debug package
Thanks to Elimar Riesebieter for the conversion to the new source format.
-- Mark Baker <email address hidden> Fri, 23 Mar 2012 22:34:54 +0000
-
pcre3 (8.30..-3) unstable; urgency=low
* configure: fixed libpcreposix version (this is not the same bug as the
previous one, though it's in the same few lines)
-- Mark Baker <email address hidden> Thu, 22 Mar 2012 19:45:03 +0000
-
pcre3 (8.30..-2) unstable; urgency=low
* configure: Correct library version so soname is libpcre.so.3 instead
of .2 (Closes: #664983)
* Horrible version number is because of NMU of "8.30.really8.12-1.1";
this will sort between that and 8.31-1
-- Mark Baker <email address hidden> Thu, 22 Mar 2012 17:52:35 +0000
-
pcre3 (8.30.really8.12-1.1) unstable; urgency=low
* Non-maintainer upload.
* Revert broken 8.30-1 upload to 8.12-4
-- Raphael Geissert <email address hidden> Wed, 21 Mar 2012 20:28:23 -0600
-
pcre3 (8.30-1) unstable; urgency=low
* New upstream release (Closes:#664166)
-- Mark Baker <email address hidden> Wed, 21 Mar 2012 21:03:39 +0000
-
pcre3 (8.12-4) unstable; urgency=low
* Multi-arch support. Thanks Steve Langasek for patch (Closes: 634250)
-- Mark Baker <email address hidden> Mon, 18 Jul 2011 21:59:44 +0100
-
pcre3 (8.12-3) unstable; urgency=low
* debian/rules: Increased shlib version to 8.10 (Closes: #612942, #613227, #613469, #614012, #615019) -- Mark Baker <email address hidden> Sun, 20 Feb 2011 12:46:44 +0000
-
pcre3 (8.12-2) unstable; urgency=low
* Include changes from Stéphane's NMU (including fix for bug 581202) that were accidentally omitted in previous release. * debian/control: -dbg package should be section debug, priority extra -- Mark Baker <email address hidden> Tue, 08 Feb 2011 20:38:49 +0000
-
pcre3 (8.12-1) unstable; urgency=low
* New upstream release (Closes: #554242) -- Mark Baker <email address hidden> Mon, 07 Feb 2011 23:53:42 +0000
-
pcre3 (8.02-1.1) unstable; urgency=low
* Non-maintainer upload.
* Add explicit Breaks to applications using libpcre-ocaml, to allow
proper upgrades from lenny (Closes: #581202)
* Add debian/watch
* Add debian/source/format
* Remove duplicate fields spotted by Lintian
* Promote XC-Package-Type field to Package-Type
-- Stéphane Glondu <email address hidden> Sat, 31 Jul 2010 16:05:27 -0400
-
pcre3 (8.02-1) unstable; urgency=low
* New upstream release
-- Mark Baker <email address hidden> Fri, 07 May 2010 21:18:05 +0100
-
pcre3 (7.8-3) unstable; urgency=low
* debian/rules: Install main library in /lib (Closes: 350468, #549608)
* debian/pcre-config.1: Minor formatting changes (thanks Alexander
Peslyak) (Closes: 338658)
* Makefile.am,Makefile.in: Added libpcre.la to LDADD for various things;
apparently this will make it cross-build successfully (Closes: 492565)
* debian/control: Added ${misc:Depends} to dependencies for all the
binary packages
* debian/rules: Don't ignore errors from make distclean
-- Mark Baker <email address hidden> Wed, 07 Oct 2009 00:05:25 +0100
-
pcre3 (7.8-2) unstable; urgency=low
* debian/rules: Bumped shlib version to 7.7 because of new feature in
that version (Closes: #500987)
-- Mark Baker <email address hidden> Sun, 05 Oct 2008 17:06:46 +0100
