glib2.0 (2.48.2-0ubuntu4.4) xenial-security; urgency=medium

  * SECURITY REGRESSION: regression in last security update (LP: #1838890)
    - debian/patches/CVE-2019-13012-regression.patch: fix a
      memory leak introduced by the last security update while
      not properly handled the g_file_get_patch function in
      gio/gkeyfilesettingsbackend.c.

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Mon, 05 Aug 2019 12:09:36 -0300

glib2.0 (2.48.2-0ubuntu4.3) xenial-security; urgency=medium

  * SECURITY UPDATE: Not properly restrict directory and file permissions
    - debian/patches/CVE-2019-13012.patch: changes the permissions when
      a directory is created, using 700 instead 777 in
      gio/gkeyfilesettingsbackend.c and changes test to run in a temp
      directory in gio/tests/gsettings.c.
    - CVE-2019-13012

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Wed, 03 Jul 2019 15:24:33 -0300

glib2.0 (2.48.2-0ubuntu4.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Less restrictive permissions during copying
    - debian/patches/CVE-2019-12450.patch: limit access to file when
      copying in file_copy_fallback in file gio/gfile.c.
    - CVE-2019-12450

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Wed, 05 Jun 2019 13:49:53 -0300

glib2.0 (2.48.2-0ubuntu4.1) xenial-security; urgency=medium

  * SECURITY UPDATE: NULL pointer deference
    - debian/patches/CVE-2018-16428.patch: fix in glib/gmarkup.c,
      glib/tests/Makefile.am,
      glib/tests/markups/fail-51.expected,
      glib/tests/markups/fail-51.gmarkup.
    - CVE-2018-16428
  * SECURITY UPDATE: Read out-of-bounds
    - debian/patches/CVE-2018-16429.patch: fix in glib/gmarkup.c and
      glib/tests/Makefile.am,
      glib/tests/markups/fail-50.expected,
      glib/tests/markups/fail-50.gmarkup.
    - CVE-2018-16429

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Mon, 17 Sep 2018 10:58:18 -0300

glib2.0 (2.48.2-0ubuntu4) xenial; urgency=medium

  * Add a versioned Pre-Depends for dpkg because the libglib2.0-0 -await
    trigger requires a newer dpkg than the one in Ubuntu 14.04. (LP: #1784065)

 -- Brian Murray <brian@ubuntu.com>  Mon, 30 Jul 2018 08:29:26 -0700

glib2.0 (2.48.2-0ubuntu3) xenial; urgency=medium

  * tests-gdatetime-Use-a-real-rather-than-invented-timezone.patch:
    Cherry-pick upstream fix to make glib2.0 build again and tests
    run again with time zone changes.

 -- Julian Andres Klode <juliank@ubuntu.com>  Mon, 16 Jul 2018 11:56:58 +0200

glib2.0 (2.48.2-0ubuntu2) xenial; urgency=medium

  * Convert triggers to noawait (LP: #1780996)

 -- Julian Andres Klode <juliank@ubuntu.com>  Tue, 10 Jul 2018 18:17:29 +0200

glib2.0 (2.48.2-0ubuntu1) xenial; urgency=medium

  * New upstream release (LP: #1637731)
  * debian/patches/0001-Fix-trashing-on-overlayfs.patch: Update with new
    version from the upsstream report to hopefully fix trashing of files in
    directories which are symlinks to different devices. (Closes: #800047)
    (LP: #1638245)

 -- Iain Lane <iain@orangesquash.org.uk>  Thu, 24 Nov 2016 17:39:06 +0000

glib2.0 (2.48.1-1~ubuntu16.04.1) xenial; urgency=medium

  * No-change backport of this stable release from unstable to 16.04 (LP:
    #1581439)

 -- Iain Lane <iain@orangesquash.org.uk>  Fri, 13 May 2016 11:08:45 +0100

glib2.0 (2.48.1-1) unstable; urgency=medium

  * New upstream release.
  * Refresh patches.
  * Drop obsolete Conflicts, Breaks and Replaces from pre-wheezy.
  * Drop obsolete preinst maintainer scripts which cleaned up the
    /usr/share/doc symlinks.
  * Drop version requirement for pkg-config dependency. (Closes: #734479)

 -- Michael Biebl <biebl@debian.org>  Wed, 11 May 2016 01:11:42 +0200

# For older changelog entries, run 'apt-get changelog libglib2.0-0'