[ubuntu/cosmic-proposed] pcre3 2:8.39-12~18.10 (Accepted)
Matthias Klose
doko at ubuntu.com
Tue Apr 9 08:13:55 UTC 2019
pcre3 (2:8.39-12~18.10) cosmic-proposed; urgency=medium
* SRU: LP: #1823667.
pcre3 (2:8.39-12) unstable; urgency=medium
* Patch from Andrej Shadura <andrew.shadura at collabora.co.uk> to mark one
more STL symbol as optional (Closes: #923743).
pcre3 (2:8.39-11) unstable; urgency=medium
[ Matthias Klose ]
* Mark 2 STL symbols as optional (Closes: #904008)
[ Matthew Vernon ]
* Bump debian/compat to 11 (Closes: #646973)
* Fixes to debian/rules so package builds with dh compat 11
pcre3 (2:8.39-10) unstable; urgency=high
* Update symbols file (Closes: #897834
pcre3 (2:8.39-9) unstable; urgency=medium
* Update symbols file (Closes: #888921)
pcre3 (2:8.39-8) unstable; urgency=medium
* drive ulimit correctly (Closes: #876299)
pcre3 (2:8.39-7) unstable; urgency=low
* increase stack limit before running tests (Closes: #876299)
pcre3 (2:8.39-6) unstable; urgency=medium
* patch from Sergei from MariaDB (via Ondřej Surý) to fix stack frame
size detection (Closes: #878107, #876299)
pcre3 (2:8.39-5) unstable; urgency=medium
* patch from Katsuhiko Nishimra to symbols file to fix FTBFS with gcc7
(Closes: #876046, #853606)
pcre3 (2:8.39-4) unstable; urgency=low
* Remove now-deprecated Pre-Depends on multiarch-support (not needed
since jessie) (Closes: #865987)
pcre3 (2:8.39-3) unstable; urgency=high
* CVE-2017-7186: invalid Unicode property lookup may cause denial of
service (Closes: #858238)
pcre3 (2:8.39-2.1) unstable; urgency=high
* Non-maintainer upload.
* CVE-2017-6004: crafted regular expression may cause denial of service
(Closes: #855405)
pcre3 (2:8.39-2) unstable; urgency=low
* Update symbols file to reflect compilation with gcc6 (Closes: #811969)
pcre3 (2:8.39-1) unstable; urgency=medium
[ Ian Jackson ]
* New upstream version (Closes: #832354).
- Drop CVE-2016-1283.patch (now in upstream).
- Adjusted sonames: bumped each minor number where upstream
bumped theirs.
[ Matthew Vernon ]
* Add notes encouraging people to move to pcre2
pcre3 (2:8.38-3.1) unstable; urgency=medium
* Non-maintainer upload.
* CVE-2016-1283: heap buffer overflow in handling of duplicate named
groups (Closes: #809706)
pcre3 (2:8.38-3) unstable; urgency=low
* Apply Ubuntu patch from Iain Lane (modified by Graham Inggs) to add
symbols files (Closes: #767374)
pcre3 (2:8.38-2) unstable; urgency=low
* Apply upstream patch to fix workspace overflow for (*ACCEPT) with
deeply nested parentheses (Closes: #815921)
pcre3 (2:8.38-1) unstable; urgency=low
* New upstream version
pcre3 (2:8.35-8) unstable; urgency=low
* Remove conflicts with long-vanished pcre{1,2}-dev packages (so new PCRE2 packages can co-exist)
pcre3 (2:8.35-7.4) unstable; urgency=medium
* Non-maintainer upload.
* Fix copy-and-paste error in Disable_JIT_on_sparc64.patch.
pcre3 (2:8.35-7.3) unstable; urgency=medium
* Non-maintainer upload.
* Add Disable_JIT_on_sparc64.patch to disable JIT on sparc64. The patch
no_jit_x32_powerpcspe.patch to disable JIT on powerpcspe was already
added in 2:8.35-6 (Closes: #765079).
pcre3 (2:8.35-7.2) unstable; urgency=low
* Non-maintainer upload (with maintainer's permission).
* Add Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch.
Fixes "PCRE Library Stack Overflow Vulnerability" (Upstream bug 1503)
* Add Fix-compile-time-loop-for-recursive-reference-within.patch.
Fixes "PCRE Call Stack Overflow Vulnerability" (Upstream bug 1515)
* Add 794589-information-disclosure.patch.
Fixes "pcre_exec does not fill offsets for certain regexps" leading to
information disclosure. (Closes: #794589)
* Add Fix-bad-compile-for-groups-like-2-0-1999.patch.
CVE-2015-2325: heap buffer overflow in compile_branch(). (Closes: #781795)
* Add Fix-bad-compilation-for-patterns-like-1-1-with-forwa.patch.
CVE-2015-2326: heap buffer overflow in pcre_compile2(). (Closes: #783285)
* Add Fix-buffer-overflow-for-named-recursive-back-referen.patch.
CVE-2015-3210: heap buffer overflow in pcre_compile2() /
compile_regex(). (Closes: #787433)
pcre3 (2:8.35-7.1) unstable; urgency=medium
* Rename libpcrecpp0 to libpcrecpp0v5. Addresses: #791236.
* Add Conflict/Replaces to the old library.
* Add libpcrecpp0v5 symbols file for GCC 5.
pcre3 (2:8.35-7) unstable; urgency=medium
* Apply upstream patch to fix buffer overflow for forward reference
within backward assertion with excess closing parenthesis
(Closes: #790000)
pcre3 (2:8.35-6) unstable; urgency=low
[ Thorsten Glaser ]
* Re-add patch disabling JIT on powerpcspe and x32 (Closes: #760327)
* Add back missing debian/changelog entries for 1:8.35-3.2 and 1:8.36-1
pcre3 (2:8.35-5) unstable; urgency=low
* re-enable jit on ppc64el (by dropping the patch that disables it)
(Closes: #786530)
* patch from Frederic Bonnard to fix the watch file (Closes: #785726)
pcre3 (2:8.35-4) experimental; urgency=medium
[ Mattia Rizzolo ]
* Add a libpcre16-3 package with the 16 bit pcre16 library (Closes: 748781).
* Add a libpcre32-3 package with the 32 bit pcre32 library.
[ Matthew Vernon ]
* Adopt this package (Closes: #772994)
pcre3 (2:8.35-3.3) unstable; urgency=medium
* Non-maintainer upload.
* Upstream patch for heap buffer overflow, CVE-2014-8964, taken from
1:8.36-1 (Closes: #770478)
Thanks to Salvatore Bonaccorso for the reminder.
pcre3 (2:8.35-3.2) unstable; urgency=medium
* Non-maintainer upload.
* Update shlibs dependency to 1:8.35 for new symbol introduced in upstream
version 8.35 (Closes: #767907)
* Revert upload of upstream version 8.36 to allow this upload to migrate to
jessie.
pcre3 (1:8.36-1) unstable; urgency=medium
* New upstream release
* Upped shlibs dependency to 8.35 (Closes: #767903)
* Upstream patch for heap buffer overflow, CVE-2014-8964 (Closes: #770478)
pcre3 (1:8.35-3.2) unstable; urgency=low
* Non-maintainer upload with maintainer permission.
* Disable JIT on x32 and powerpcspe (Closes: #760327).
pcre3 (1:8.35-3.1) unstable; urgency=medium
* Non-maintainer upload.
* Enable build hardening flags (closes: #656008).
pcre3 (1:8.35-3) unstable; urgency=medium
Thanks to Simon McVittie for all of the work on this:
* Run tests with VERBOSE=1 so we can see the logs for failing tests
(Closes: #755052)
* Apply part of upstream r1472 to fix undefined behaviour when parsing
{n} or {m,n} quantifiers, which causes mis-parsing and test failures
under gcc 4.9 (Closes: #751828)
pcre3 (1:8.35-2) unstable; urgency=medium
* Build-depends on auto-reconf (Closes: 754540)
pcre3 (1:8.35-1) unstable; urgency=medium
* New upstream release
* Use dh-autoreconf
* Disable JIT on ppc64el (Closes: 751390) (Thanks Erwan Prioul)
pcre3 (1:8.31-5) unstable; urgency=medium
* Previous attempt at detecting JIT support didn't work when cross
compiling. Now runs the host compiler, and doesn't try to run the
output (Closes: 745222)
pcre3 (1:8.31-4) unstable; urgency=medium
* Enable JIT compilation only on architectures where it is supported -
fixes FTBFS on ones where it isn't (Closes: 745114)
* Verbose build logs (Closes: 745069)
pcre3 (1:8.31-3) unstable; urgency=medium
* Enable JIT regex compilation (http://sljit.sourceforge.net/pcre).
Note that this has no effect by default so should not break anything;
to use it you need to pass a flag to pcre_compile_regex()
(Closes: 740954)
* Changed shlibs:Depends to 8.20 as pcre_free_study() is not in older
versions (Closes: 743164)
pcre3 (1:8.31-2) unstable; urgency=low
* Build -dev package as Multi-arch: same. Thanks Steve Langasek / Ubuntu
for the patch (Closes: 696217)
pcre3 (1:8.31-1) unstable; urgency=low
* New upstream release
* Applied patch from upstream bugzilla #1287 to fix bug where wrong
value is in re_nsub in some cases (Closes: #686495)
pcre3 (1:8.30-5) unstable; urgency=low
* There is no use in including debug information for the libraries from
the udeb in the debug package; more importantly, because the
installation system isn't multiarch, if they are included they result
in arch specific files in arch independent paths (debug package is
Multi-arch:same). Removed. (Closes: #670018)
pcre3 (1:8.30-4) unstable; urgency=low
* Reluctantly using an epoch, as it seems the funny version number with
extra dots causes problems
* Bumped standard version to 3.9.3. No changes needed
* Converted to use new source format / quilt
* Put back obsolete pcre_info() API that up
* Don't include pcregrep binary in debug package
Thanks to Elimar Riesebieter for the conversion to the new source format.
Date: Mon, 08 Apr 2019 14:41:46 +0200
Changed-By: Matthias Klose <doko at ubuntu.com>
Maintainer: Matthew Vernon <matthew at debian.org>
https://launchpad.net/ubuntu/+source/pcre3/2:8.39-12~18.10
-------------- next part --------------
Format: 1.8
Date: Mon, 08 Apr 2019 14:41:46 +0200
Source: pcre3
Binary: libpcre3 libpcre3-udeb libpcrecpp0v5 libpcre3-dev libpcre3-dbg pcregrep libpcre16-3 libpcre32-3
Architecture: source
Version: 2:8.39-12~18.10
Distribution: cosmic-proposed
Urgency: high
Maintainer: Matthew Vernon <matthew at debian.org>
Changed-By: Matthias Klose <doko at ubuntu.com>
Description:
libpcre16-3 - Old Perl 5 Compatible Regular Expression Library - 16 bit runtime
libpcre3 - Old Perl 5 Compatible Regular Expression Library - runtime files
libpcre3-dbg - Old Perl 5 Compatible Regular Expression Library - debug symbols
libpcre3-dev - Old Perl 5 Compatible Regular Expression Library - development fi
libpcre3-udeb - Old Perl 5 Compatible Regular Expression Library - runtime files (udeb)
libpcre32-3 - Old Perl 5 Compatible Regular Expression Library - 32 bit runtime
libpcrecpp0v5 - Old Perl 5 Compatible Regular Expression Library - C++ runtime fi
pcregrep - grep utility that uses perl 5 compatible regexes.
Closes: 646973 656008 670018 686495 696217 740954 743164 745069 745114 745222 748781 751390 751828 754540 755052 760327 765079 767374 767903 767907 770478 772994 781795 783285 785726 786530 787433 790000 794589 809706 811969 815921 832354 853606 855405 858238 865987 876046 876299 878107 888921 897834 904008 923743
Launchpad-Bugs-Fixed: 1823667
Changes:
pcre3 (2:8.39-12~18.10) cosmic-proposed; urgency=medium
.
* SRU: LP: #1823667.
.
pcre3 (2:8.39-12) unstable; urgency=medium
.
* Patch from Andrej Shadura <andrew.shadura at collabora.co.uk> to mark one
more STL symbol as optional (Closes: #923743).
.
pcre3 (2:8.39-11) unstable; urgency=medium
.
[ Matthias Klose ]
* Mark 2 STL symbols as optional (Closes: #904008)
.
[ Matthew Vernon ]
* Bump debian/compat to 11 (Closes: #646973)
* Fixes to debian/rules so package builds with dh compat 11
.
pcre3 (2:8.39-10) unstable; urgency=high
.
* Update symbols file (Closes: #897834
.
pcre3 (2:8.39-9) unstable; urgency=medium
.
* Update symbols file (Closes: #888921)
.
pcre3 (2:8.39-8) unstable; urgency=medium
.
* drive ulimit correctly (Closes: #876299)
.
pcre3 (2:8.39-7) unstable; urgency=low
.
* increase stack limit before running tests (Closes: #876299)
.
pcre3 (2:8.39-6) unstable; urgency=medium
.
* patch from Sergei from MariaDB (via Ondřej Surý) to fix stack frame
size detection (Closes: #878107, #876299)
.
pcre3 (2:8.39-5) unstable; urgency=medium
.
* patch from Katsuhiko Nishimra to symbols file to fix FTBFS with gcc7
(Closes: #876046, #853606)
.
pcre3 (2:8.39-4) unstable; urgency=low
.
* Remove now-deprecated Pre-Depends on multiarch-support (not needed
since jessie) (Closes: #865987)
.
pcre3 (2:8.39-3) unstable; urgency=high
.
* CVE-2017-7186: invalid Unicode property lookup may cause denial of
service (Closes: #858238)
.
pcre3 (2:8.39-2.1) unstable; urgency=high
.
* Non-maintainer upload.
* CVE-2017-6004: crafted regular expression may cause denial of service
(Closes: #855405)
.
pcre3 (2:8.39-2) unstable; urgency=low
.
* Update symbols file to reflect compilation with gcc6 (Closes: #811969)
.
pcre3 (2:8.39-1) unstable; urgency=medium
.
[ Ian Jackson ]
* New upstream version (Closes: #832354).
- Drop CVE-2016-1283.patch (now in upstream).
- Adjusted sonames: bumped each minor number where upstream
bumped theirs.
.
[ Matthew Vernon ]
* Add notes encouraging people to move to pcre2
.
pcre3 (2:8.38-3.1) unstable; urgency=medium
.
* Non-maintainer upload.
* CVE-2016-1283: heap buffer overflow in handling of duplicate named
groups (Closes: #809706)
.
pcre3 (2:8.38-3) unstable; urgency=low
.
* Apply Ubuntu patch from Iain Lane (modified by Graham Inggs) to add
symbols files (Closes: #767374)
.
pcre3 (2:8.38-2) unstable; urgency=low
.
* Apply upstream patch to fix workspace overflow for (*ACCEPT) with
deeply nested parentheses (Closes: #815921)
.
pcre3 (2:8.38-1) unstable; urgency=low
.
* New upstream version
.
pcre3 (2:8.35-8) unstable; urgency=low
.
* Remove conflicts with long-vanished pcre{1,2}-dev packages (so new PCRE2 packages can co-exist)
.
pcre3 (2:8.35-7.4) unstable; urgency=medium
.
* Non-maintainer upload.
* Fix copy-and-paste error in Disable_JIT_on_sparc64.patch.
.
pcre3 (2:8.35-7.3) unstable; urgency=medium
.
* Non-maintainer upload.
* Add Disable_JIT_on_sparc64.patch to disable JIT on sparc64. The patch
no_jit_x32_powerpcspe.patch to disable JIT on powerpcspe was already
added in 2:8.35-6 (Closes: #765079).
.
pcre3 (2:8.35-7.2) unstable; urgency=low
.
* Non-maintainer upload (with maintainer's permission).
* Add Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch.
Fixes "PCRE Library Stack Overflow Vulnerability" (Upstream bug 1503)
* Add Fix-compile-time-loop-for-recursive-reference-within.patch.
Fixes "PCRE Call Stack Overflow Vulnerability" (Upstream bug 1515)
* Add 794589-information-disclosure.patch.
Fixes "pcre_exec does not fill offsets for certain regexps" leading to
information disclosure. (Closes: #794589)
* Add Fix-bad-compile-for-groups-like-2-0-1999.patch.
CVE-2015-2325: heap buffer overflow in compile_branch(). (Closes: #781795)
* Add Fix-bad-compilation-for-patterns-like-1-1-with-forwa.patch.
CVE-2015-2326: heap buffer overflow in pcre_compile2(). (Closes: #783285)
* Add Fix-buffer-overflow-for-named-recursive-back-referen.patch.
CVE-2015-3210: heap buffer overflow in pcre_compile2() /
compile_regex(). (Closes: #787433)
.
pcre3 (2:8.35-7.1) unstable; urgency=medium
.
* Rename libpcrecpp0 to libpcrecpp0v5. Addresses: #791236.
* Add Conflict/Replaces to the old library.
* Add libpcrecpp0v5 symbols file for GCC 5.
.
pcre3 (2:8.35-7) unstable; urgency=medium
.
* Apply upstream patch to fix buffer overflow for forward reference
within backward assertion with excess closing parenthesis
(Closes: #790000)
.
pcre3 (2:8.35-6) unstable; urgency=low
.
[ Thorsten Glaser ]
* Re-add patch disabling JIT on powerpcspe and x32 (Closes: #760327)
* Add back missing debian/changelog entries for 1:8.35-3.2 and 1:8.36-1
.
pcre3 (2:8.35-5) unstable; urgency=low
.
* re-enable jit on ppc64el (by dropping the patch that disables it)
(Closes: #786530)
* patch from Frederic Bonnard to fix the watch file (Closes: #785726)
.
pcre3 (2:8.35-4) experimental; urgency=medium
.
[ Mattia Rizzolo ]
* Add a libpcre16-3 package with the 16 bit pcre16 library (Closes: 748781).
* Add a libpcre32-3 package with the 32 bit pcre32 library.
.
[ Matthew Vernon ]
* Adopt this package (Closes: #772994)
.
pcre3 (2:8.35-3.3) unstable; urgency=medium
.
* Non-maintainer upload.
* Upstream patch for heap buffer overflow, CVE-2014-8964, taken from
1:8.36-1 (Closes: #770478)
Thanks to Salvatore Bonaccorso for the reminder.
.
pcre3 (2:8.35-3.2) unstable; urgency=medium
.
* Non-maintainer upload.
* Update shlibs dependency to 1:8.35 for new symbol introduced in upstream
version 8.35 (Closes: #767907)
* Revert upload of upstream version 8.36 to allow this upload to migrate to
jessie.
.
pcre3 (1:8.36-1) unstable; urgency=medium
.
* New upstream release
* Upped shlibs dependency to 8.35 (Closes: #767903)
* Upstream patch for heap buffer overflow, CVE-2014-8964 (Closes: #770478)
.
pcre3 (1:8.35-3.2) unstable; urgency=low
.
* Non-maintainer upload with maintainer permission.
* Disable JIT on x32 and powerpcspe (Closes: #760327).
.
pcre3 (1:8.35-3.1) unstable; urgency=medium
.
* Non-maintainer upload.
* Enable build hardening flags (closes: #656008).
.
pcre3 (1:8.35-3) unstable; urgency=medium
.
Thanks to Simon McVittie for all of the work on this:
.
* Run tests with VERBOSE=1 so we can see the logs for failing tests
(Closes: #755052)
* Apply part of upstream r1472 to fix undefined behaviour when parsing
{n} or {m,n} quantifiers, which causes mis-parsing and test failures
under gcc 4.9 (Closes: #751828)
.
pcre3 (1:8.35-2) unstable; urgency=medium
.
* Build-depends on auto-reconf (Closes: 754540)
.
pcre3 (1:8.35-1) unstable; urgency=medium
.
* New upstream release
* Use dh-autoreconf
* Disable JIT on ppc64el (Closes: 751390) (Thanks Erwan Prioul)
.
pcre3 (1:8.31-5) unstable; urgency=medium
.
* Previous attempt at detecting JIT support didn't work when cross
compiling. Now runs the host compiler, and doesn't try to run the
output (Closes: 745222)
.
pcre3 (1:8.31-4) unstable; urgency=medium
.
* Enable JIT compilation only on architectures where it is supported -
fixes FTBFS on ones where it isn't (Closes: 745114)
* Verbose build logs (Closes: 745069)
.
pcre3 (1:8.31-3) unstable; urgency=medium
.
* Enable JIT regex compilation (http://sljit.sourceforge.net/pcre).
Note that this has no effect by default so should not break anything;
to use it you need to pass a flag to pcre_compile_regex()
(Closes: 740954)
* Changed shlibs:Depends to 8.20 as pcre_free_study() is not in older
versions (Closes: 743164)
.
pcre3 (1:8.31-2) unstable; urgency=low
.
* Build -dev package as Multi-arch: same. Thanks Steve Langasek / Ubuntu
for the patch (Closes: 696217)
.
pcre3 (1:8.31-1) unstable; urgency=low
.
* New upstream release
* Applied patch from upstream bugzilla #1287 to fix bug where wrong
value is in re_nsub in some cases (Closes: #686495)
.
pcre3 (1:8.30-5) unstable; urgency=low
.
* There is no use in including debug information for the libraries from
the udeb in the debug package; more importantly, because the
installation system isn't multiarch, if they are included they result
in arch specific files in arch independent paths (debug package is
Multi-arch:same). Removed. (Closes: #670018)
.
pcre3 (1:8.30-4) unstable; urgency=low
.
* Reluctantly using an epoch, as it seems the funny version number with
extra dots causes problems
* Bumped standard version to 3.9.3. No changes needed
* Converted to use new source format / quilt
* Put back obsolete pcre_info() API that up
* Don't include pcregrep binary in debug package
.
Thanks to Elimar Riesebieter for the conversion to the new source format.
Checksums-Sha1:
110036af1d2641556dabbc713d349a7818bead44 2133 pcre3_8.39-12~18.10.dsc
a2e9fa607f32ba4dc18804b7c7e7c76a5463b179 26490 pcre3_8.39-12~18.10.debian.tar.gz
637ab6f41d1369159669cbec62d9663f1ec5956e 6623 pcre3_8.39-12~18.10_source.buildinfo
Checksums-Sha256:
c7b0105852951e97146552b94415558d3bff3f49eb9b6115fd4f158e71cd5728 2133 pcre3_8.39-12~18.10.dsc
a8f2932f70e621be538d7e024f6a4e8dc2219e0b8e65aa499862507057816bf1 26490 pcre3_8.39-12~18.10.debian.tar.gz
525f4cba29134fd56b3baa17f3a4a34eb84c5ab5eeccacd5b5115a199d8d4815 6623 pcre3_8.39-12~18.10_source.buildinfo
Files:
b7a6625d23fbfa836f4b7665395e1b7e 2133 libs optional pcre3_8.39-12~18.10.dsc
3e152f58a9e989af1189a8551efa751a 26490 libs optional pcre3_8.39-12~18.10.debian.tar.gz
834eb81022b9c1ed0213052ea9b6ef89 6623 libs optional pcre3_8.39-12~18.10_source.buildinfo
More information about the Cosmic-changes
mailing list