openslp-dfsg (1.2.1-11ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: DoS or code exec via double-free - debian/patches/CVE-2017-17833.patch: fix up local copy of pointer in slpd/slpd_process.c. - CVE-2017-17833 - CVE-2018-12938 -- Marc Deslauriers Fri, 06 Jul 2018 13:15:34 -0400 openslp-dfsg (1.2.1-11) unstable; urgency=high * QA upload from the Security Team * Fix double free as per CVE-2015-5177 -- Alessandro Ghedini Fri, 04 Sep 2015 11:20:40 +0200 openslp-dfsg (1.2.1-10) unstable; urgency=low * QA upload. * Bump Standards-Version to 3.9.5 (no changes needed). * Bump debhelper compatibility level to 9. * Switch to machine-parseable copyright format. * Reorder binary package stanzas in debian/control. * Split common and specific package descriptions into distinct paragraphs so that translations are easier. * Reword package summaries. * Mark slpd and slptool as Multi-Arch:foreign, libslp1 and libslp-dev as Multi-Arch:same. Closes: #755935 * Clean up debian/rules: - Explicitly set DEB_HOST_GNU_TYPE. - Remove unused DEB_BUILD_GNU_SYSTEM and DEB_BUILD_GNU_CPU assignments. - Remove commented out debhelper commands. - Do not pass any argument to update-rc.d via dh_installinit. - Pass --host and --build to configure only when cross-compiling. - Pass --disable-silent-rules to configure, preemptively. - Enable hardening build flags. * Clean up init script: - Update LSB header descriptions. - Add LSB status action support. - Rename debian/init.d to debian/slpd.init. - Add new PIDFILE variable. * Remove unnecessary debian/dirs, dh_installinit takes care of creating the etc/init.d directory. * Remove debian/preinst, as it was wrongly using start-stop-daemon directly, and invoke-rc.d is already being injected by debhelper to stop the daemon on upgrade. * Remove «set -x» from slpd postinst. * Namespace stray debhelper files with «slpd.» in debian/ filenames. * Remove trailing spaces from debian/ files. * Change the libcrypto configure-time checks conditional on whether it is going to be used at build time, so that we can remove the libssl-dev Build-Conflicts. * Add a debian/watch file. * Add a basic symbols file for libslp1. * Fix a typo in slptool's program output message. * Fix a typo in an automake coditional in the code, that was not properly disabling the code (ENABLE_SLPV2_SECURITY → ENABLE_SLPv2_SECURITY). * Fix handling of string-list in common/slp_common.c by not increasing the item pointer past the string-list pointer, and letting '\' only escape the item separator ','. Although not reproduced it should in theory fix CVE-2012-4428. Closes: #687597 -- Guillem Jover Fri, 25 Jul 2014 16:57:05 +0200 openslp-dfsg (1.2.1-9) unstable; urgency=low * QA upload. * Drop 99_auroreconf patch, use dh-autoreconf instead. Ajust build-depends accordingly. * Bump Standards-Version to 3.9.2. * Drop duplicate Section and Priority fields from debian/control. * Move to dh_install instead of dh_movefiles. * Switch to format 3.0 (quilt). * Call make disclean in clean target, stop finishing the cleanup manually. * Enable building of the static lib, and ship it in libslp1-dev. * Stop shipping the .la file. * Bump debhelper compat version to 8. Ajust build-depends accordingly. * Drop build-depends on debconf. * Remove manual calls to ldconfig, debhelper adds them for us. * Stop the debconf abuse, ship a README.Debian with libslp1 instead. Closes: #613472. * Drop now unneeded BSD-specific tricks from debian/rules. -- Regis Boudin Mon, 06 Feb 2012 23:02:46 +0100 openslp-dfsg (1.2.1-8) unstable; urgency=low * Orphan the package, setting maintainer to Debian QA group * Fix CVE-2010-3609 (Closes: #623551, Closes: #621030) -- Moritz Muehlenhoff Mon, 19 Dec 2011 19:09:53 +0100 openslp-dfsg (1.2.1-7.8) unstable; urgency=low * Non-maintainer upload. * Bump debhelper compatibility to 7 * As a consequence of the former, replace deprecated "dh_clean -k" by dh_prep * Fix pending l10n issues. Debconf translations: - Danish (Joe Hansen). Closes: #581056 -- Christian Perrier Sat, 31 Jul 2010 06:35:03 -0400 openslp-dfsg (1.2.1-7.7) unstable; urgency=low * Non-maintainer upload to solve release goal. * Correct init.d script dependencies to make sure slpd starts before slapd (Closes: #279297). * Add homepage link in control file. * Add 'set -e' to libslp1 postrm and postinst, to make sure errors are not ignored. Thanks, lintian, for the warning. * Add ${misc:Depends} as dependency for all binary packages. Thanks, lintian, for the warning. -- Petter Reinholdtsen Tue, 06 Apr 2010 12:00:08 +0200 openslp-dfsg (1.2.1-7.6) unstable; urgency=low * Non-maintainer upload. * debian/libslp1.config, debian/control: Comment out dead code to avoid needing netstat, add a warning about needing pre-depends when/if uncommenting code, and drop depends on net-tools (Closes: #455447, #528739, #534567) * debian/po/de.po: Avoid sexual ambiguity in german translation (Closes: #506107) * debian/patches/*, debian/control, debian/rules: Add debian/patches/01_have_net_if_arp.diff, add quilt patch system, and dump autoreconf results into debian/patches/99_autoreconf.diff (Closes: #394388) * debian/po/es.po: Add updated spanish translation (Closes: #507444) * debian/rules: make clean remove config.{guess,sub} to avoid cluttering the package.diff.gz. -- Andreas Henriksson Thu, 25 Jun 2009 12:50:32 +0200 openslp-dfsg (1.2.1-7.5) unstable; urgency=low * Non-maintainer upload. * Fix pending l10n issues. Debconf translations: - Dutch. Closes: #501377 -- Christian Perrier Wed, 05 Nov 2008 07:18:43 +0100 openslp-dfsg (1.2.1-7.4) unstable; urgency=low * Non-maintainer upload to fix some other pending l10n issues. * Debconf translations: - Swedish. Closes: #483435 - Japanese. Closes: #495231 -- Christian Perrier Tue, 19 Aug 2008 09:46:30 +0200 # For older changelog entries, run 'apt-get changelog libslp1'