p7zip (16.02+dfsg-6) unstable; urgency=medium * Replace 13-CVE-2017-17969.patch with a version used by recent security update for stretch, which add a range check for another counter variable. -- Robert Luberda Mon, 05 Feb 2018 20:27:45 +0100 p7zip (16.02+dfsg-5) unstable; urgency=medium * Hopefully fix ZIP Shrink: Heap Buffer Overflow (CVE-2017-17969). Thanks to Antoine Beaupré for the initial patch, based on upstream changes in 7Zip 18.00.beta (closes: #888297). * Fix `deprecated use of operator++ on bool variable' g++ warning. * Fix a typo in man page introduced in 09-man-update.patch (closes: #873943). * Bump debhelper's compat level to 11. * Use 'https' URL in debian/watch (lintian). * Standards-Version: 4.1.3. -- Robert Luberda Sun, 28 Jan 2018 23:32:37 +0100 p7zip (16.02+dfsg-4) unstable; urgency=medium * Fix a typo in p7zip script that prevented the `--keep' option from working completely (closes: #868238). * Bump debhelper's compat level to 10. * Standards-Version: 4.0.0. -- Robert Luberda Sat, 15 Jul 2017 07:46:41 +0200 p7zip (16.02+dfsg-3) unstable; urgency=medium * Remove `-pie' from hardening options (closes: #859442). -- Robert Luberda Mon, 10 Apr 2017 23:29:04 +0200 p7zip (16.02+dfsg-2) unstable; urgency=medium * Apply upstream patch to fix nullptr dereference (CVE-2016-9296) (closes: #844344). -- Robert Luberda Sat, 19 Nov 2016 08:52:29 +0100 p7zip (16.02+dfsg-1) unstable; urgency=low * New upstream version. * Remove no longer needed patches introduced in the previous upload. -- Robert Luberda Mon, 15 Aug 2016 12:52:33 +0200 p7zip (15.14.1+dfsg-2) unstable; urgency=high * Fix the heap buffer overflow in HFS handler (CVE-2016-2334) and out of bounds read in UDF handler (CVS-2016-2335) using patches from https://sourceforge.net/p/p7zip/discussion/383043/thread/9d0fb86b/ (closes: #824160). -- Robert Luberda Sun, 15 May 2016 11:35:38 +0200 p7zip (15.14.1+dfsg-1) unstable; urgency=low * New upstream version. * Add CPP/ANDROID/Lzham/obj/* that contains some pre-compiled object files to Files-Excluded in debian/copyright. * Remove no longer needed patches: CVE-2015-1038.patch, 06-s390.patch, 07-endian-detection.patch, 08-mips.patch, and refresh other patches. * Standards-Version: 3.9.8. -- Robert Luberda Sat, 16 Apr 2016 22:46:11 +0200 p7zip (15.09+dfsg-4) unstable; urgency=low * Upload to unstable. * Mention in README.Debian that p7zip-full is needed for 7z archives compressed with PPMD method (closes: #693509). * Replace `7z' with `7zr' in the short description of p7zip to make in consistent with the description of p7zip-full (closes: #636664). * Switch Vcs-Git to https, and Vcs-Browser to cgit. -- Robert Luberda Sun, 13 Mar 2016 09:54:38 +0100 p7zip (15.09+dfsg-3) experimental; urgency=low * Refactor and enhance the p7zip wrapper script: + update the p7zip script to the version from the contrib directory; + make it call either 7za or 7zr command, whichever one is available; + remove `if [ "$?" != 0 ]' statements, as they won't work with `set -e'; + use the standard error for reporting; + implement the --stdout, --force, --keep options (closes: #656340, LP: #220646, #259239) + update p7zip(1) man page to shortly describe new options and give more details about the script's behavior. * Make p7zip-full package depend on p7zip package to have the p7zip command available for the users of p7zip-full (LP: #1156460): + add necessary Depends, Breaks and Replaces; + convert /u/s/d/p7zip-full into a symlink to /u/s/d/p7zip; + install the html documentation into p7zip-full only and update 02-man.patch to mention that. * Add 09-man-update.patch in order to: + update man pages based on the current usage output of the commands; + remove references to the -p{Password} option from the 7zr(1), as the command does not support it (LP: #558609); + mention in 7z(1) that 7z might be slower than 7za (closes: #636667); + reword "the highest compression ratio" phrase to make it referring to the 7z format instead of the 7z programs (closes: #636179). * Reword the packages' descriptions and p7zip(1) man page similarly. * Do not install documentation from fm sub-directory (which describes Windows GUI not available in Debian); skip license.htm as well (to make lintian happy). * Add 10-drop-fm-doc.patch to remove from the html documentation references to files mentioned in the previous entry. Also strip in the documentation the .exe extension from 7z commands (LP: #181402). * No longer install ChangeLog.gz to changelog.gz symlink. * Replace duplicated style.css files with symlinks. * Register html documentation in the doc-base system. * Add 11-README-no-instructions.patch to remove build instructions from the README file. * Acknowledge the 9.20.1~dfsg.1-4.1 NMU (closes: #788734). * Close Ubuntu's 'newer version available' report (LP: #1414569). * Bump Standards-Version to 3.9.7. * Add lintian override for a spelling typo in a word used as a proper name. * Update README.Debian and add a NEWS entry for the dependency changes. -- Robert Luberda Sun, 06 Mar 2016 16:58:28 +0100 p7zip (15.09+dfsg-2) experimental; urgency=low * Hopefully fix FTBFS on various architectures: + add 07-endian-detection.patch to detect byte ordering via macros defined in . + add 08-mips.patch to rename a variable called `mips', as it clashed with a name of preprocessor macro defined on mips and mipsel. -- Robert Luberda Mon, 15 Feb 2016 22:53:55 +0100 p7zip (15.09+dfsg-1) experimental; urgency=low * New upstream version (closes: #778289, LP: #1414569). * Update patches for the new version: + remove most of 01-makefile.patch, especially remove the parts related to multiarch libwgtk2.8-dev, which is no longer used by this package; + fix grammar error (closes: #706005) and update location of html documentation in 02-man.patch; do the same for debian/p7zip*.docs + drop 04-no-strip-by-default.patch; patch empty OPTFLAGS in debian/rules instead; + replace CVE-2015-1038.patch with Fedora's version taken from their p7zip-15.09-10.fc24.src.rpm package; + add 06-s390.patch from Fedora to fix build on s390. * Update 03-include-linux-makefile.patch to include arch-specific makefile on amd64 (closes: #713964) and i386 archs. Both makefiles have compilation of assembler sources enabled, so add build dependency on yasm on those architectures. * Use DEP-5 format for debian/copyright, and add Files-Excluded header into it. * Update debian/watch to allow uscan to repack upstream tarballs. * Provide README.source with reasons of repacking (closes: #705595). -- Robert Luberda Sun, 14 Feb 2016 01:11:20 +0100 p7zip (9.20.1~dfsg.1-5) unstable; urgency=medium * Adopting package (closes: #812125). * Switch to the `3.0 (quilt)' source format. * Bump debhelper compatibility level to v9 and use minimised debian/rules. * Refresh patches with gbp pq import/export. Removed 03_respect-umask.diff as it was never applied. * Add 03-include-linux-makefile.patch to have makefile.machine include makefile.linux_any_cpu_gcc_4.X instead of playing with the makefiles in debian/rules. * Add 05-hardening-flags.patch to support $(CPPFLAGS) and not to override $(CXXFLAGS) and $(CFLAGS). This enables hardening builds (closes: #682167). * debian/control: + remove conflicts & replaces added in 4.39.dfsg.1-1 (10 years ago); + add Vcs-Git and Vcs-Browser fields; + bump Standards-Version to 3.9.6. -- Robert Luberda Sun, 31 Jan 2016 12:20:37 +0100 p7zip (9.20.1~dfsg.1-4.2) unstable; urgency=medium * Non-maintainer upload. * Delay creation of symlinks to prevent arbitrary file writes (CVE-2015-1038) (Closes: #774660) -- Ben Hutchings Sun, 31 May 2015 23:45:58 +0100 p7zip (9.20.1~dfsg.1-4.1) unstable; urgency=low * Non-maintainer upload. * Stop building unpackaged 7zG binary and eliminate dependency on libwxgtk2.8-dev. (Closes: #748639) -- Olly Betts Mon, 19 May 2014 17:39:26 +1200 p7zip (9.20.1~dfsg.1-4) unstable; urgency=low * Acknowledge NMU. Thanks to Gregor Herrmann. * debian/control: bump Standards-Version to 3.9.2. * debian/rules: add build-* targets. -- Mohammed Adnène Trojette Sun, 08 Jan 2012 14:17:13 +0100 p7zip (9.20.1~dfsg.1-3.1) unstable; urgency=low * Non-maintainer upload. * Fix "p7zip FTBFS with multiarch libwxgtk2.8-dev": fix from peter green: adjust 01_makefile.patch to the multiarched libwxgtk2.8-dev, and add appropriate build dependencies. (Closes: #652446) -- gregor herrmann Sat, 31 Dec 2011 16:09:00 +0100 p7zip (9.20.1~dfsg.1-3) unstable; urgency=low * debian/patches: + fix 7zr.1 and 7za.1 ambiguous sentence. (Closes: #636174) * debian/control: + fix p7zip-full's description - wrong reference to p7zip. (Closes: #636186) - capitalise Nautilus, uppercase GUI. (Closes: #636172) - missing comma. (Closes: #636178) + fix p7zip's description accordingly. -- Mohammed Adnène Trojette Wed, 03 Aug 2011 12:43:08 +0200 p7zip (9.20.1~dfsg.1-2) unstable; urgency=low * Upload to unstable. -- Mohammed Adnène Trojette Tue, 28 Jun 2011 17:05:01 +0200 p7zip (9.20.1~dfsg.1-1) experimental; urgency=low * New upstream release (Closes: #620619) * debian/control + bump Standards-Version to 3.9.1. + update and improve description. (Closes: #545871, #612770) * manpages + add supported formats. (Closes: #570427) -- Mohammed Adnène Trojette Fri, 01 Apr 2011 21:20:22 +0200 p7zip (9.04~dfsg.1-1) unstable; urgency=low * New upstream release. * Bump Standards-Version to 3.8.2. -- Mohammed Adnène Trojette Sat, 27 Jun 2009 16:20:41 +0200 p7zip (4.65~dfsg.1-1) unstable; urgency=low * New upstream release. * Remove wx2.8 Build-Depends added by mistakes (7zG is not yet intended to be built). * Use dh_clean without -k. -- Mohammed Adnène Trojette Sat, 14 Feb 2009 20:12:27 +0100 p7zip (4.61~dfsg.1-1) experimental; urgency=low * New upstream release: + use BCJ /BCJ2 filters for executables. (Closes: #506657) -- Mohammed Adnène Trojette Thu, 04 Dec 2008 23:34:59 +0100 p7zip (4.58~dfsg.1-1) unstable; urgency=low * New upstream release. * debian/control: + bump Standards-Version to 3.8.0. + bump build-dependency on debhelper 7. * debian/compat: set compatibility level to 7. * Don't use hyphen as a minus in man pages. -- Mohammed Adnène Trojette Sat, 21 Jun 2008 15:29:00 +0200 p7zip (4.57~dfsg.1-1) unstable; urgency=low * New upstream release. * debian/control: + add Homepage field. + bump Standards-Version to 3.7.3. + tighten description to tell about /usr/bin/p7zip. * debian/copyright converted to Unicode encoding. * debian/patches: + 03_fix_FTBFS_GNU-kFreeBSD.diff: removed, included upstream. + 02_man.patch: refreshed and fixed link to DOCS. (Closes: #452084) * Don't install /usr/share/p7zip/ which is empty. * Install 7zr to /usr/lib/p7zip and use a wrapper to call it so as to have -sfx option working. -- Mohammed Adnène Trojette Fri, 21 Dec 2007 16:41:17 +0100 p7zip (4.55~dfsg.1-2) unstable; urgency=low * Bump debhelper compatibility to 5. * Our Makefile is called makefile. (Closes: #442697) -- Mohammed Adnène Trojette Sun, 16 Sep 2007 23:19:51 +0200 p7zip (4.55~dfsg.1-1) unstable; urgency=low * New upstream release. -- Mohammed Adnène Trojette Fri, 14 Sep 2007 22:42:17 +0200 p7zip (4.53~dfsg.1-1) unstable; urgency=low * New upstream release -- Mohammed Adnène Trojette Tue, 11 Sep 2007 16:39:29 +0200 p7zip (4.51~dfsg.1-2) unstable; urgency=low * Our clean rule is clean, not distclean! * 04_no_strip_by_default.diff: don't strip binaries by default. (Closes: #437736) * Don't install License.txt. -- Mohammed Adnène Trojette Tue, 14 Aug 2007 22:35:09 +0200 p7zip (4.51~dfsg.1-1) unstable; urgency=low * New upstream release * Fix FTBFS on GNU/kFreeBSD (Closes: #430357) + patch courtesy from Petr Salinger. * Suggest p7zip-full instead of Recommend-ing it. (Closes: #435592) * Install 7za to /usr/lib/p7zip and use a wrapper to call it so as to have -sfx option working. (Closes: #435556) * Fix lintian warnings: + don't hide clean target errors. + don't install DOCS/License.txt. -- Mohammed Adnène Trojette Sat, 04 Aug 2007 21:27:22 +0200 p7zip (4.47~dfsg.1-1) unstable; urgency=low * New upstream version: + refresh patches. -- Mohammed Adnène Trojette Fri, 08 Jun 2007 10:33:32 +0200 p7zip (4.45~dfsg.1-2) unstable; urgency=low * Install 7zCon.sfx so enable SFX archives too. -- Mohammed Adnène Trojette Sat, 28 Apr 2007 01:31:22 +0200 p7zip (4.45~dfsg.1-1) unstable; urgency=low * New upstream version: + (new -b command to benchmark). + if -t is not specified, try to autodetect format using file extension. + all the Codecs are now linked in 7z.so and no more stored in Codecs/. * Add AES code license to debian/copyright. * Suggests: p7zip-rar. * Refresh 01_makefile.patch. * Update debian/rules with new makefile name. * p7zip-full.install: bin/Formats no longer exists. -- Mohammed Adnène Trojette Sat, 21 Apr 2007 23:00:15 +0200 p7zip (4.44~dfsg.1-2) unstable; urgency=low * Correct path to HTML documentation in manpage. (Closes: #411491) * 03_respect-umask.diff: + new patch from Joshua Rodman + not applied currently + don't always create world-writable directories. (Ref: #413829) -- Mohammed Adnène Trojette Tue, 10 Apr 2007 00:28:08 +0200 p7zip (4.44~dfsg.1-1) experimental; urgency=low * New upstream version. * Refresh patches and escape hyphens in manpages. -- Mohammed Adnène Trojette Sat, 27 Jan 2007 01:30:00 +0100 p7zip (4.43~dfsg.1-2) unstable; urgency=low * Improve description wording. (Closes: #391066, #404081, #404092) * Correct manpages: 02_man.patch and debian/p7zip.1 + replace {DEST_SHARE_DOC} with /usr/share/doc/p7zip. (Closes: #404096) + improve "SEE ALSO" section by adding references to other tools and by ordering them alphabetically (Closes: #403968) + correct title and NAME. (Closes: #404095) -- Mohammed Adnène Trojette Tue, 26 Dec 2006 20:13:19 +0100 p7zip (4.43~dfsg.1-1) unstable; urgency=low * New upstream release. * Refresh debian/patches. -- Mohammed Adnène Trojette Mon, 25 Sep 2006 00:14:37 +0200 p7zip (4.42.dfsg.1-3) unstable; urgency=low * Include improvements to Robert Millan's wrapper script. (Closes: #379397) * Correct watch file to use . -- Mohammed Adnène Trojette Tue, 19 Sep 2006 02:15:01 +0200 p7zip (4.42.dfsg.1-2) unstable; urgency=low * Backup makefile.machine before replacing it and restore it after build. * Put ${file} between quotes for the case the filename contains spaces. * Pop all patches first in clean target so that it does not fail. Thanks Ingo Saitz for pointing these. -- Mohammed Adnène Trojette Thu, 29 Jun 2006 00:01:56 +0200 p7zip (4.42.dfsg.1-1) unstable; urgency=low * New upstream version (Closes: #369284) * Switch to quilt patch management + changes to debian/rules + build-depend on quilt * debian/script/p7zip: correct typo on file extension * [asac@debian.org] - removed version from Recommends of p7zip-full -- Mohammed Adnène Trojette Sun, 4 Jun 2006 10:43:06 +0200 p7zip (4.39.dfsg.1-3) unstable; urgency=low * debian/rules: 7z is in /usr/lib/p7zip, not /usr/lib/p7zip-full. -- Mohammed Adnène Trojette Mon, 29 May 2006 18:29:25 +0200 p7zip (4.39.dfsg.1-2) unstable; urgency=low * Bump Standards-Version to 3.7.2 (no changes needed) * Remove link to p7zip-rar from debian/p7zip.1 -- Mohammed Adnène Trojette Mon, 1 May 2006 02:34:52 +0200 p7zip (4.39.dfsg.1-1) unstable; urgency=low * New upstream release - introduces 7zr, a light version of 7za * debian/control: - now p7zip only provides 7zr (Closes: #343513) - p7zip recommends p7zip-full, much more similar to the old p7zip - p7zip-full conflicts and replaces old p7zip versions * debian/patches: - 01_makefile.dpatch: removed from diff.gz; remove non-free targets like Rar2.9 - 02_man.dpatch: removed from diff.gz; adds 7zr.1 and other corrections * debian/copyright: correct copyright according to d-d-a suggestions * debian/rules: - move all dh_installed stuff to debian/p7zip{,-full}.install -- Mohammed Adnène Trojette Tue, 11 Apr 2006 14:50:16 +0200 p7zip (4.33.dfsg-1) unstable; urgency=low * New upstream release * Move p7zip from /usr/share to /usr/bin - modify debian/install - write debian/p7zip.1 * debian/README.Debian: document directory exclusion * patches/01_add_help_switch: 7z --help works now (Closes: #353235) -- Mohammed Adnène Trojette Fri, 10 Feb 2006 20:54:59 +0100 p7zip (4.30.dfsg-1) unstable; urgency=low * New upstream release -- Mohammed Adnène Trojette Sun, 27 Nov 2005 12:44:34 +0100 p7zip (4.29.dfsg-3) unstable; urgency=low * Drop p7zip-rar suggestion - debian/control * Add a link to a p7zip-rar package not in Debian - debian/README.Debian - 7z.1 manpage -- Mohammed Adnène Trojette Sun, 20 Nov 2005 10:53:52 +0100 p7zip (4.29.dfsg-2) unstable; urgency=low * Precise the use of -so switch in manual pages and -h output (Closes: #323932) * Add a gzip-like CLI wrapper script to /usr/share/p7zip thanks to Robert Millan (Closes: #334106) -- Mohammed Adnène Trojette Mon, 17 Oct 2005 13:06:26 +0000 p7zip (4.29.dfsg-1) unstable; urgency=low * New upstream release -- Mohammed Adnène Trojette Sat, 8 Oct 2005 00:18:00 +0200 p7zip (4.27.dfsg-1) unstable; urgency=low * New upstream release (Closes: #330828) - "echo foo | 7z a dummy -si -so" no more segfaults but causes an error (Closes: #324449) * In -w[path], path is optionnal. - corrected manual pages (Closes: #325736) - corrected --help output * Add a link in manual pages to a list of methods (Closes: #325737) * Correct FSF address -- Mohammed Adnène Trojette Fri, 30 Sep 2005 10:29:42 +0000 p7zip (4.20-2) unstable; urgency=low * Bump Standards-Version to 3.6.2 * Recompile against new gcc and g++ versions * Included patch for GNU/kFreeBSD provided by Robert Millan [applied by asac@debian.org] (Closes: 322195) -- Mohammed Adnène Trojette Thu, 11 Aug 2005 01:45:00 +0200 p7zip (4.20-1) unstable; urgency=low * New upstream release - compile with -fPIC flag * Update to manpages and -h output (Closes: #311993) -- Mohammed Adnène Trojette Tue, 7 Jun 2005 23:01:29 +0200 p7zip (4.18-2) unstable; urgency=low * debian/rules: compile p7zip with -fPIC. Closes: #309734 -- Mohammed Adnène Trojette Wed, 18 May 2005 12:08:00 +0200 p7zip (4.18-1) unstable; urgency=low * First upload to unstable: - many thanks to my sponsor Alexander Sack (asac@debian.org) * New upstream release. Closes: #306912 - fixes some symlinks issues (Closes: #295643) - preserve unix file attributes (Closes: #297329) - libs are no more called dll but so * debian/7z*.1: removed to use upstream manpages * debian/rules: Call 7z with exec * debian/README.Debian: update due to upstream changes -- Mohammed Adnène Trojette Fri, 12 May 2005 23:46:00 +0200 p7zip (4.14.01-1) experimental; urgency=low * New upstream release. Closes: #293788 -- Mohammed Adnène Trojette Sat, 5 Feb 2005 22:22:22 +0200 p7zip (4.14-2) experimental; urgency=low * Corrected copyright * debian/rules : corrected shell script in /usr/bin. Closes: #292321 -- Mohammed Adnène Trojette Sun, 23 Jan 2005 21:44:35 +0200 p7zip (4.14-1) experimental; urgency=low * New upstream release -- Mohammed Adnène Trojette Fri, 1 Jan 2005 21:23:35 +0200 p7zip (4.13-2) experimental; urgency=low * Codecs are back to their initial dll name. Closes: #286673, Closes: #290613 -- Mohammed Adnène Trojette Tue, 21 Dec 2004 21:18:45 +0200 p7zip (4.13-1) experimental; urgency=low * New upstream release -- Mohammed Adnène Trojette Thu, 16 Dec 2004 21:18:45 +0200 p7zip (4.12-2) experimental; urgency=low * Now, 7z and its codecs are also compiled (7za 7z, zip, gzip, bzip2 and tar formats) * Added some docs (Manual in html) * Added a mention to LZMA compression algorithm. Closes: #284703 -- Mohammed Adnène Trojette Thu, 12 Dec 2004 14:22:54 +0200 p7zip (4.12-1) experimental; urgency=low * New upstream release * At last, p7zip is in Debian. Closes: #265329 -- Mohammed Adnène Trojette Thu, 18 Nov 2004 23:29:54 +0200 p7zip (4.10-1) experimental; urgency=low * New upstream release * Now both big and little endian computers are supported -- Mohammed Adnène Trojette Sat, 30 Oct 2004 21:14:50 +0200 p7zip (0.90-1) unstable; urgency=low * Initial Release. -- Mohammed Adnène Trojette Sun, 15 Aug 2004 20:49:27 +0200