tnef (1.4.12-1.2) unstable; urgency=medium * Non-maintainer upload by the Wheezy LTS Team. (Closes: #862442) * CVE-2017-8911 An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker. -- Thorsten Alteholz Mon, 29 May 2017 15:03:02 +0200 tnef (1.4.12-1.1) unstable; urgency=medium * Non-maintainer upload by the Wheezy LTS Team. (Closes: #856117) * while fixing the CVEs, upstream introduced a regression fix-regression-1.patch and fix-regression-2.patch take care of that (Closes: #857342) * CVE-2017-6307 An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapi_attr.c:mapi_attr_read(). These might lead to invalid read and write operations, controlled by an attacker. * CVE-2017-6308 An issue was discovered in tnef before 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation. * CVE-2017-6309 An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker. * CVE-2017-6310 An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an attacker. -- Thorsten Alteholz Wed, 29 Mar 2017 19:03:02 +0200 tnef (1.4.12-1) unstable; urgency=low * New upstream release. This release addresses FTBFS with clang instead of gcc by defining free_bodies before it is used. (Closes: #747201, #753540) * debian/control: + Fixed typo in package description. (Closes: #796480) + Bumped debhelper to 9. + Bumped Standards-Version to 3.9.8. + Updated Homepage information. + Add Build-Depends on dh-autoreconf. * Updated watch file to reflect new location of upstream. * Remove TODO from and add AUTHORS to debian/docs. * Updated debian/copyright, removed duplicate license text. * Upstream build system was revised, so debian/rules now calls autoreconf instead of autotools-dev. Added override_dh_auto_test to remove left over file from testing. -- Kevin Coyner Wed, 12 Oct 2016 21:55:41 -0400 tnef (1.4.9-1) unstable; urgency=low * New upstream release. * Simplified debian/rules. -- Kevin Coyner Fri, 27 Apr 2012 19:58:46 +0000 tnef (1.4.8-2) unstable; urgency=low * Bump Standards-Version to 3.9.3 in debian/control. No changes. * Removed unneeded option in debian/rules and fixes FTBFS. (Closes: #666358) -- Kevin Coyner Fri, 27 Apr 2012 18:54:09 +0000 tnef (1.4.8-1) unstable; urgency=low * New upstream release. * debian/control: + Add Build-Depends on quilt. + Bump debhelper to 8. + Bump Standards-Version to 3.9.1. No changes. * Update debian/copyright to be machine readable. * Bump debian/compat to 8. * Add patch to fix man page. (Closes: #619895). Thanks to Pietro Battiston. * Add README.source. -- Kevin Coyner Tue, 19 Apr 2011 14:48:40 +0000 tnef (1.4.7-1) unstable; urgency=low * New upstream release. * Updated Standards-Version to 3.8.4. No changes. * debian/control: + Add ${misc:Depends} to debian/control. + Updated debhelper version to 7.4~. * debian/compat updated from 5 to 7. * Changed dh_clean -k to dh_prep in debian/rules. * Update debian/copyright to reflect changes in author's dates. -- Kevin Coyner Thu, 11 Feb 2010 00:15:08 +0000 tnef (1.4.6-1) unstable; urgency=low * New upstream release. * Updated Standards-Version to 3.8.3. No changes. * Small cleanup of debian/copyright. -- Kevin Coyner Mon, 05 Oct 2009 21:29:36 -0400 tnef (1.4.5-1) unstable; urgency=low * New upstream release (Closes: 457382) * debian/control + Moved Homepage from long description to its own field. + Updated Standards-Version to 3.8.0 + Removed obsolete lines in long description (Closes: #501011) * Converted file encoding of debian/copyright from ISO-8859 to UTF-8. -- Kevin Coyner Sat, 04 Oct 2008 12:38:41 -0400 tnef (1.4.3-2) unstable; urgency=low * debian/control: + Small grammatical change to description + Bumped debhelper version to 5 + Changed to new e-mail address for maintainer + Changed homepage (Closes: #413097) * debian/compat - bumped to 5 * debian/copyright: + Changed to new e-mail address for maintainer + Changed source download address -- Kevin Coyner Sun, 05 Aug 2007 11:10:03 -0400 tnef (1.4.3-1) unstable; urgency=low * New upstream release -- Fix 'unicode string filename' bug -- better handling of files with garbage at the end -- Fix a build error on Solaris 10 -- Kevin Coyner Sun, 17 Sep 2006 21:34:25 -0400 tnef (1.4.1-1) unstable; urgency=low * New upstream release (adds new switch --list-with-mime-types) * Updated Standards-Version to 3.7.2 -- Kevin Coyner Sun, 23 Jul 2006 16:01:29 -0400 tnef (1.4-1) unstable; urgency=low * New upstream release * New maintainer (Closes: #360948) * debian/rules: + small change to ./configure + added rm -rf config.cache + specifically remove config.{sub,guess} after build * debian/copyright: updated copyright info * debian/watch: update to version 3 -- Kevin Coyner Thu, 6 Apr 2006 11:25:16 -0400 tnef (1.3.4-1) unstable; urgency=low * New upstream release -- Florian Ernst Mon, 24 Oct 2005 17:38:12 +0200 tnef (1.3.3-1) unstable; urgency=low * New upstream release, taking over with previous maintainer's consent (Closes: #199800) + includes --maxsize option, thus dropping debian/sizelimit.diff * debian/control: + upgrade debhelper B-D to >=4, adding B-D on autotools-dev + extend long description, adding upstream Homepage * debian/copright: + update upstream homepage + update copyright info * debian/rules: + general cleanup, stripping out all unneeded parts + use HOST and BUILD, auto-update config.{sub,guess} + export compat (now 4) and docs into corresponding files + use DESTDIR for installing + switch to dh_installman * debian/watch: added * Removed various old and empty templates * Standards-Version: 3.6.2 -- Florian Ernst Thu, 22 Sep 2005 14:21:19 +0200 tnef (1.2.3-0.1) unstable; urgency=low * NMU. * New upstream version (closes: #199800). -- Matthias Klose Mon, 29 Dec 2003 09:54:21 +0100 tnef (1.1.4-1) unstable; urgency=low * New upstream version should allegedly fix segfault; changes are fairly minor (with the usual massive amount of changes in auto-*-generated files). It has fixed the segfault in the example file I have, so... closes: #176046 * Remembered to change Maintainer: field in control file this time :-/ -- Nick Phillips Sat, 22 Feb 2003 16:41:28 +1300 tnef (1.1.3-1) unstable; urgency=low * New upstream version, 1.1.2 not packaged for Debian. * Should now handle a greater proportion of TNEF input files. * libgen.h appears no longer to be needed for a clean build, so removed. * Still a segfault bug outstanding upstream. * Not an NMU. -- Nick Phillips Mon, 25 Nov 2002 22:02:34 +1300 tnef (1.1.1-0.1) unstable; urgency=low * NMU. * New upstream version. * Include the `sizelimit' patch found on http://www.mailscanner.info/. Adds options -x --maxsize=. * Remove man page included upstream. * src/tnef.c: #include (closes: #115981). * The attachment, which couldn't be decoded by tnef-0.15, can be decoded with this version (closes: #84348). -- Matthias Klose Thu, 10 Jan 2002 22:31:47 +0100 tnef (1.0.1-1) unstable; urgency=low * Updated upstream release (Closes: #93632) -- Javier Fernandez-Sanguino Pen~a Tue, 8 May 2001 18:08:16 +0200 tnef (0.15-2) unstable; urgency=low * Spelling fixes (Closes: #84347) -- Javier Fernandez-Sanguino Pen~a Sun, 4 Feb 2001 11:32:59 +0100 tnef (0.15-1) unstable; urgency=low * Initial release. -- Javier Fernandez-Sanguino Pen~a Wed, 13 Dec 2000 13:17:53 +0100