-
libzstd (1.4.5+dfsg-4ubuntu0.1) groovy-security; urgency=medium
* SECURITY UPDATE: race condition allows attacker to access
world-readable destination file
- debian/patches/0018-fix-file-permissions-on-compression.patch: set
umask in programs/fileio.c, programs/util.c, programs/util.h.
- CVE-2021-24031
- CVE-2021-24032
-- Marc Deslauriers <email address hidden> Wed, 03 Mar 2021 10:41:23 -0500
-
libzstd (1.4.5+dfsg-4) unstable; urgency=medium
[ Andreas Tille ]
* Team upload.
* debhelper-compat 13 (routine-update)
[ Sudip Mukherjee ]
* Disable strict-aliasing to work around bug #957487
Intentionally not closing bug but decreasing severity for the moment.
The bug should be closed by a proper upstream fix and
strict-aliasing should be re-enabled.
-- Andreas Tille <email address hidden> Fri, 07 Aug 2020 20:47:29 +0200
-
libzstd (1.4.5+dfsg-3) unstable; urgency=medium
[ Paul Menzel ]
* debian/changelog: Fix typo in 1.4.5+dfsg-2 changelog
[ Alexandre Mestiashvili ]
* Add patch fixing FTBFS on Alpha, Closes: #962676
thanks to Helmut Grohne <email address hidden>
-- Alexandre Mestiashvili <email address hidden> Mon, 29 Jun 2020 16:10:31 +0200
-
libzstd (1.4.5+dfsg-2) unstable; urgency=medium
* Drop ZSTD_LEGACY_MULTITHREADED_API, since nothing in Debian seem to use it
* Fix FTCBFS: Don't build the shared library during dh_auto_install,
Closes: #962367, thanks to Helmut Grohne <email address hidden>
-- Alexandre Mestiashvili <email address hidden> Sun, 07 Jun 2020 09:31:18 +0200
-
libzstd (1.4.5+dfsg-1) unstable; urgency=medium
* New upstream version 1.4.5+dfsg
* Refresh patches, remove 0019-blhc-workarounds.patch from series
* Update symbols file, add ZDICT_getDictHeaderSize and remove all
ZSTDMT_* symbols, also remove renamed ZSTD_CCtxParam_getParameter and
ZSTD_CCtxParam_setParameter, no reverse dependencies use any of the
removed symbols
* Remove 0018-Alias-renamed-API-symbols.patch since no rdeps use the old
symbols
* Add patch fixing spelling typos
* d/rules: call dh_makeshlibs with -V 'libzstd1 (>= 1.4.5)', since this
version introduces new public symbols
-- Alexandre Mestiashvili <email address hidden> Fri, 05 Jun 2020 10:47:12 +0200
-
libzstd (1.4.4+dfsg-3) unstable; urgency=medium
* Team upload.
* Source only upload.
-- Michael R. Crusoe <email address hidden> Thu, 13 Feb 2020 10:40:13 +0100