Change logs for xymon source package in Focal

xymon (4.3.30-1) unstable; urgency=medium

  [ Axel Beckert ]
  * Retroactively add bug report number to previous changelog entry.
  * Import new upstream bugfix release 4.3.30.
    + Drop 63_netstat-ant-vs-ipv6-address-truncating.patch, fixed
      upstream.

  [ Andreas Henriksson ]
  * Add patch to fix reproducible build on merged-usr vs non-merged
    systems. (Closes: #915957)

 -- Axel Beckert <email address hidden>  Sun, 08 Sep 2019 19:57:38 +0200

xymon (4.3.29-1) unstable; urgency=high

  * Import new upstream release.
    + Fixes multiple security vulnerabilities:
      - CVE-2019-13451: service overflows histlogfn in history.c.
      - CVE-2019-13452: service overflows histlogfn in reportlog.c.
      - CVE-2019-13273: srdb overflows dbfn in csvinfo.c.
      - CVE-2019-13274: reflected XSS in csvinfo.c.
      - CVE-2019-13455: htmlquoted(hostname) overflows msgline in
        acknowledge.c.
      - CVE-2019-13484: htmlquoted(xymondreq) overflows errtxt appfeed.c.
      - CVE-2019-13485: hostname overflows selfurl in history.c.
      - CVE-2019-13486: htmlquoted(xymondreq) overflows errtxt in
        svcstatus.c.
    + Drop patches applied upstream:
      - 00_htmlcontenttype.patch
      - 39_kfreebsd-makefile.patch
      - 66_apache2.4.patch
      - 84_fix_compilation_on_GNU_Hurd.patch
      - 90_fix-spelling-errors.patch
    + Refresh update patches where necessary:
      - 24_hobbitclient-tmpfs.patch
      - 51_hardening-buildflags.patch
      - 87_fix_logfetch_FTBFS_with_glibc_2.26.patch
    + Add new build-dependency libtirpc-dev.
  * Declare compliance with Debian Policy 4.4.0. (No changes needed.)
  * Bump debhelper compatibility level to 12.
    + Replace debian/compat with a versioned b-d on debhelper-compat.

 -- Axel Beckert <email address hidden>  Wed, 24 Jul 2019 01:18:17 +0200