[ubuntu/artful-proposed] jbig2dec 0.13-5 (Accepted)

[Jeremy Bicha]

jbig2dec (0.13-5) unstable; urgency=medium

  * Add DEP-3 header to patch 1001.
  * Advertise DEP-3 format in patch headers.
  * Add patches cherry-picked upstream:
    + Fix decoder error on JBIG2 compressed image.
    + Tidy up unused code.
    + Add sanity check on image sizes.
    + refine test for "Denial of Service" images
    + Prevent SEGV due to integer overflow.
    + Prevent integer overflow vulnerability.
    + Bounds check before reading from image source data.
    + Plug leak of parameter info in command-line tool.
    + Fix memory leak in case of error.
    + Make clipping in image compositing handle underflow.
    + Fix double free in error case.
    + Do bounds checking of read data.
    + Do not grow page if page height is known.
    + Fix SEGV due to error code being ignored.
      Closes: Bug#863279; CVE-2017-9216. Thanks to Salvatore Bonaccorso.
    + Allow for symbol dictionary with 0 symbols.
  * Update watch file: Use substitution strings.
  * Stop put aside auto-generated header file during build: No longer
    shipped upstream.
  * Modernize cdbs:
    + Do copyright-check in maintainer script (not during build).
    + Relax to build-depend unversioned on cdbs.
    + Stop build-depend on licensecheck.
  * Declare compliance with Debian Policy 4.1.0.
  * Update copyright info:
    + Use https protocol in file format URL.
    + Fix rename License section AGPL-3 → AGPL-3+.
  * Tighten lintian overrides regarding License-Reference.

Date: 2017-09-23 22:36:04.620971+00:00
Signed-By: Jeremy Bicha <jeremy at bicha.net>
https://launchpad.net/ubuntu/+source/jbig2dec/0.13-5
-------------- next part --------------
Sorry, changesfile not available.