Change log : yajl package : Ubuntu

2.1.0-5build1

Published in oracular-release on 2024-04-29

Published in noble-release on 2024-04-17

Deleted in noble-proposed (Reason: Moved to noble)

yajl (2.1.0-5build1) noble; urgency=high

  * No change rebuild for 64-bit time_t and frame pointers.

 -- Julian Andres Klode <email address hidden>  Mon, 08 Apr 2024 18:23:59 +0200

Available diffs

diff from 2.1.0-5 (in Debian) to 2.1.0-5build1 (582 bytes)

2.1.0-3ubuntu0.23.04.1

Published in lunar-updates on 2023-12-14

Published in lunar-security on 2023-12-14

yajl (2.1.0-3ubuntu0.23.04.1) lunar-security; urgency=medium

  * SECURITY UPDATE: buffer overread in yajl_string_decode function
    - debian/patches/CVE-2017-16516.patch: don't advance our end pointer until
      we've checked we have enough buffer left and that the unicode escape is
      approaching.
    - CVE-2017-16516
  * SECURITY UPDATE: integer overflow leading to heap memory corruption when
    processing large (~2GB) inputs
    - debian/patches/CVE-2022-24795.patch: catch integer overflow and
      terminate the process with abort().
    - CVE-2022-24795
  * SECURITY UPDATE: memory leak in yajl_tree_parse function
    - debian/patches/CVE-2023-33460.patch: fix memory leak problems by
      releasing requested memory in time.
    - CVE-2023-33460

 -- Fabian Toepfer <email address hidden>  Thu, 14 Dec 2023 13:46:59 +0100

Available diffs

diff from 2.1.0-3build2 (in ~ci-train-ppa-service/ubuntu/4816-deletedppa) to 2.1.0-3ubuntu0.23.04.1 (1.9 KiB)

2.1.0-3ubuntu0.22.04.1

Published in jammy-updates on 2023-12-14

Published in jammy-security on 2023-12-14

yajl (2.1.0-3ubuntu0.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: buffer overread in yajl_string_decode function
    - debian/patches/CVE-2017-16516.patch: don't advance our end pointer until
      we've checked we have enough buffer left and that the unicode escape is
      approaching.
    - CVE-2017-16516
  * SECURITY UPDATE: integer overflow leading to heap memory corruption when
    processing large (~2GB) inputs
    - debian/patches/CVE-2022-24795.patch: catch integer overflow and
      terminate the process with abort().
    - CVE-2022-24795
  * SECURITY UPDATE: memory leak in yajl_tree_parse function
    - debian/patches/CVE-2023-33460.patch: fix memory leak problems by
      releasing requested memory in time.
    - CVE-2023-33460

 -- Fabian Toepfer <email address hidden>  Thu, 14 Dec 2023 14:06:32 +0100

Available diffs

diff from 2.1.0-3build2 (in ~ci-train-ppa-service/ubuntu/4816-deletedppa) to 2.1.0-3ubuntu0.22.04.1 (1.9 KiB)

2.1.0-3ubuntu0.20.04.1

Published in focal-updates on 2023-12-14

Published in focal-security on 2023-12-14

yajl (2.1.0-3ubuntu0.20.04.1) focal-security; urgency=medium

  * SECURITY UPDATE: buffer overread in yajl_string_decode function
    - debian/patches/CVE-2017-16516.patch: don't advance our end pointer until
      we've checked we have enough buffer left and that the unicode escape is
      approaching.
    - CVE-2017-16516
  * SECURITY UPDATE: integer overflow leading to heap memory corruption when
    processing large (~2GB) inputs
    - debian/patches/CVE-2022-24795.patch: catch integer overflow and
      terminate the process with abort().
    - CVE-2022-24795
  * SECURITY UPDATE: memory leak in yajl_tree_parse function
    - debian/patches/CVE-2023-33460.patch: fix memory leak problems by
      releasing requested memory in time.
    - CVE-2023-33460

 -- Fabian Toepfer <email address hidden>  Thu, 14 Dec 2023 14:06:36 +0100

Available diffs

diff from 2.1.0-3 (in Debian) to 2.1.0-3ubuntu0.20.04.1 (2.1 KiB)

2.1.0-5

Superseded in noble-release on 2024-04-17

Published in mantic-release on 2023-07-12

Deleted in mantic-proposed (Reason: Moved to mantic)

yajl (2.1.0-5) unstable; urgency=medium

  * The patch for CVE-2023-33460 turned out to be incomplete.  Fix that.

 -- John Stamp <email address hidden>  Mon, 10 Jul 2023 15:08:58 -0700

Available diffs

diff from 2.1.0-4 to 2.1.0-5 (944 bytes)

2.1.0-4

Superseded in mantic-release on 2023-07-12

Deleted in mantic-proposed on 2023-07-13 (Reason: Moved to mantic)

yajl (2.1.0-4) unstable; urgency=medium

  [Debian Janitor]
  * Apply multiarch hints.
  * Set debhelper-compat version in Build-Depends.
  * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository-Browse.
  * Drop transition for old debug package migration.
  * Set upstream metadata fields: Repository.

  [John Stamp]
  * Patch CVE-2017-16516 and CVE-2022-24795 (Closes: #1040036)
  * Bump Standards-Version to 4.6.2
  * Bump debhelper compatibility to 13.
  * Update source url in debian/copyright.
  * Don't override dh_strip in debian/rules.  No longer needed.

 -- John Stamp <email address hidden>  Sun, 09 Jul 2023 10:04:53 -0700

Available diffs

diff from 2.1.0-3.1 to 2.1.0-4 (2.2 KiB)

2.1.0-3.1

Superseded in mantic-release on 2023-07-10

Deleted in mantic-proposed on 2023-07-11 (Reason: Moved to mantic)

yajl (2.1.0-3.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Import upstream patch for CVE-2023-33460. (Closes: #1039984)
  * Fix d/control Homepage field (Closes: #1040034)

 -- Tobias Frost <email address hidden>  Sat, 01 Jul 2023 14:55:44 +0200

Available diffs

diff from 2.1.0-3build2 (in ~ci-train-ppa-service/ubuntu/4816-deletedppa) to 2.1.0-3.1 (1.3 KiB)

2.1.0-3build2

Superseded in mantic-release on 2023-07-03

Published in lunar-release on 2022-10-27

Obsolete in kinetic-release on 2023-11-13

Published in jammy-release on 2022-04-02

Deleted in jammy-proposed (Reason: Moved to jammy)

yajl (2.1.0-3build2) jammy; urgency=high

  * No change rebuild for ppc64el baseline bump.

 -- Julian Andres Klode <email address hidden>  Fri, 25 Mar 2022 11:01:17 +0100

Available diffs

diff from 2.1.0-3build1 (in Ubuntu) to 2.1.0-3build2 (564 bytes)

2.1.0-3build1

Superseded in jammy-release on 2022-04-02

Deleted in jammy-proposed on 2022-04-03 (Reason: Moved to jammy)

Deleted in impish-proposed on 2022-04-03 (Reason: Moved to jammy)

yajl (2.1.0-3build1) impish; urgency=medium

  * No-change rebuild to build packages with zstd compression.

 -- Matthias Klose <email address hidden>  Thu, 07 Oct 2021 12:27:21 +0200

Available diffs

diff from 2.1.0-3 (in Debian) to 2.1.0-3build1 (324 bytes)

2.1.0-3

Superseded in jammy-release on 2021-10-17

Obsolete in impish-release on 2022-07-23

Obsolete in hirsute-release on 2022-07-23

Obsolete in groovy-release on 2021-12-22

Published in focal-release on 2019-10-18

Obsolete in eoan-release on 2020-12-29

Obsolete in disco-release on 2020-07-14

Deleted in disco-proposed (Reason: moved to release)

yajl (2.1.0-3) unstable; urgency=medium

  [ Jelmer Vernooĳ ]
  * Use secure URI in Vcs control header.
  * Use secure copyright file specification URI.

  [ John Stamp ]
  * Bump debhelper compat to 11.
    - Remove unneeded --parallel argument in debian/rules.
  * Transition to automatic debug packages.
  * Bump Standards-Version to 4.2.1
    - Add Rules-Requires-Root field, and set it to "no".

 -- John Stamp <email address hidden>  Tue, 02 Oct 2018 15:51:58 -0700

Available diffs

diff from 2.1.0-2build1 (in Ubuntu) to 2.1.0-3 (1.5 KiB)

2.1.0-2build1

Superseded in disco-release on 2018-11-10

Obsolete in cosmic-release on 2020-07-13

Published in bionic-release on 2018-04-06

Deleted in bionic-proposed (Reason: moved to release)

yajl (2.1.0-2build1) bionic; urgency=high

  * No change rebuild to pick up -fPIE compiler default

 -- Balint Reczey <email address hidden>  Tue, 03 Apr 2018 12:53:41 +0000

Available diffs

diff from 2.1.0-2 (in Debian) to 2.1.0-2build1 (563 bytes)

2.1.0-2

Superseded in bionic-release on 2018-04-06

Obsolete in artful-release on 2020-07-10

Obsolete in zesty-release on 2018-06-22

Obsolete in yakkety-release on 2018-01-23

Published in xenial-release on 2015-10-22

Obsolete in wily-release on 2018-01-22

Obsolete in vivid-release on 2018-01-18

Deleted in vivid-proposed (Reason: moved to release)

yajl (2.1.0-2) unstable; urgency=medium


  * Change priority to optional (Closes: #758958)

 -- John Stamp <email address hidden>  Sat, 23 Aug 2014 21:09:50 -0700

Available diffs

diff from 2.1.0-1 to 2.1.0-2 (604 bytes)

2.1.0-1

Superseded in vivid-release on 2014-10-25

Obsolete in utopic-release on 2016-11-03

Deleted in utopic-proposed on 2016-11-03 (Reason: moved to release)

yajl (2.1.0-1) unstable; urgency=medium


  * New upstream release.
  * Refresh patches.
  * Update symbols file.
  * Update manpages for json_reformat, json_verify.
  * Minor updates to debian/copyright.
  * Clean up debian/rules
    - Fix up variable assignments
    - Add -fvisibility=hidden to DEB_CFLAGS_MAINT_APPEND so clang doesn't
      export extraneous symbols.
  * Bump Standards-Version to 3.9.5.  No changes needed.
  * Mark libyajl-dev as Multi-Arch: same

 -- John Stamp <email address hidden>  Tue, 29 Apr 2014 17:06:00 -0700

Available diffs

diff from 2.0.4-4 to 2.1.0-1 (30.2 KiB)

2.0.4-4

Superseded in utopic-release on 2014-05-10

Published in trusty-release on 2013-10-18

Obsolete in saucy-release on 2015-04-24

Deleted in saucy-proposed (Reason: moved to release)

yajl (2.0.4-4) unstable; urgency=low


  * Fix cmake configuration to install the lib in the right path
    (Closes: #712082)
  * Update debian/watch file.  Thanks to Bart Martens.

 -- John Stamp <email address hidden>  Wed, 12 Jun 2013 14:05:18 -0700

Available diffs

diff from 2.0.4-3 to 2.0.4-4 (1.2 KiB)

2.0.4-3

Superseded in saucy-release on 2013-06-13

Deleted in saucy-proposed on 2013-06-14 (Reason: moved to release)

yajl (2.0.4-3) unstable; urgency=low


  * Add missing Multi-Arch field for libyajl2 and libyajl2-dbg
    (Closes: #697380)
  * Use versioned copyright format uri in debian/copyright
  * Bump debhelper compat to version 9
  * Rewrite debian/rules using tiny dh style.
  * Bump Standards-Version to 3.9.4.  No further changes needed.
  * Support for cross-compilation (Closes: #702357)
    - Adapt Ian Campbell's patch to use CMakeCross toolchain file when cross
      compiling.

 -- John Stamp <email address hidden>  Tue, 04 Jun 2013 09:51:24 -0700

Available diffs

diff from 2.0.4-2 to 2.0.4-3 (2.4 KiB)

2.0.4-2

Superseded in saucy-release on 2013-06-12

Obsolete in raring-release on 2015-04-24

Obsolete in quantal-release on 2015-04-24

yajl (2.0.4-2) unstable; urgency=low


  * Upload to unstable.

 -- John Stamp <email address hidden>  Thu, 26 Jan 2012 17:47:08 -0800

Available diffs

diff from 1.0.12-2 to 2.0.4-2 (58.5 KiB)

1.0.12-2

Superseded in quantal-release on 2012-05-01

Published in precise-release on 2011-11-09

yajl (1.0.12-2) unstable; urgency=low


  * Fix missing backslash that prevented verbose makefiles (Closes: #647445)
  * Use the default build flags from dpkg-buildflags
  * Revert debian/compat to 7
  * Update upstream's copyright date in debian/copyright

 -- John Stamp <email address hidden>  Thu, 03 Nov 2011 19:22:20 -0700

Available diffs

diff from 1.0.12-1ubuntu1 (in Ubuntu) to 1.0.12-2 (989 bytes)

1.0.12-1ubuntu1

Superseded in precise-release on 2011-11-09

yajl (1.0.12-1ubuntu1) precise; urgency=low

  * Restore -DCMAKE_VERBOSE_MAKEFILE=ON.
  * Export the output from dpkg-buildflags.
 -- Colin Watson <email address hidden>   Wed, 02 Nov 2011 15:27:48 -0400

Available diffs

diff from 1.0.12-1 (in Debian) to 1.0.12-1ubuntu1 (938 bytes)

1.0.12-1

Superseded in precise-release on 2011-11-02

yajl (1.0.12-1) unstable; urgency=low
  * New upstream  * Remove non-pic-static-lib.patch. Applied upstream.  * Add misc:Depends to dev and doc packages  * Use source format 3.0 (quilt)  * Bump Standards-Version to 3.9.2. No changes needed.  * Add libyajl1.symbols file  * Transition to multiarch -- John Stamp <email address hidden>  Tue, 19 Jul 2011 10:55:54 -0700

1.0.12-0ubuntu2

Superseded in precise-release on 2011-10-18

Obsolete in oneiric-release on 2015-04-24

Superseded in oneiric-release on 2011-05-24

yajl (1.0.12-0ubuntu2) oneiric; urgency=low

  * Add symbols file.
 -- Matthias Klose <email address hidden>   Mon, 23 May 2011 23:38:12 +0200

Available diffs

diff from 1.0.12-0ubuntu1 to 1.0.12-0ubuntu2 (598 bytes)

1.0.12-0ubuntu1

Superseded in oneiric-release on 2011-05-23

yajl (1.0.12-0ubuntu1) oneiric; urgency=low

  * New upstream version.
 -- Matthias Klose <email address hidden>   Mon, 23 May 2011 23:18:21 +0200

Available diffs

diff from 1.0.8-1 to 1.0.12-0ubuntu1 (7.2 KiB)

1.0.8-1

Superseded in oneiric-release on 2011-05-23

Obsolete in natty-release on 2013-06-04

Obsolete in maverick-release on 2013-03-05

Obsolete in lucid-release on 2016-10-26

yajl (1.0.8-1) unstable; urgency=low

  * New upstream
  * Bump shlibs
 -- Ubuntu Archive Auto-Sync <email address hidden>   Mon,  18 Jan 2010 07:34:47 +0000

Available diffs

diff from 1.0.6+git20090925-1 to 1.0.8-1 (6.3 KiB)

1.0.6+git20090925-1

Superseded in lucid-release on 2010-01-19

yajl (1.0.6+git20090925-1) unstable; urgency=low

  * New upstream
  * Drop README.Debian: upstream removed non-free files
  * Drop relaxed-integer-tests.patch (merged upstream)
  * Update manpages

Ubuntu
yajl package

Change log for yajl package in Ubuntu

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Ubuntuyajl package

Change log for yajl package in Ubuntu

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Ubuntu
yajl package