Bug#945831: RFS: libonig/6.9.4-1 --
Hi!
On Fri, Nov 29, 2019 at 02:16:34PM +0100, Jörg Frings-Fürst wrote:
> Package name : libonig
> Version : 6.9.4-1
> Changes since the last upload:
>
> * Neu upstream release.
> - Refresh symbols file and add Build-Depends-Package field.
> - Remove upstream applied patches:
> + 0105-CVE-2019-13224.patch
> + 0110-CVE-2019-13225.patch
> - Refresh debain/copyright.
> - Fixes CVE-2019-19204: heap-buffer-overflow in fetch_interval_quantifier
> due to double PFETCH (Closes: #945313).
> - Fixes CVE-2019-19203: heap-buffer-overflow in gb18030_mbc_enc_len
> (Closes: #945312).
> - Fixes CVE-2019-19012: Out of bounds read in mbc_to_code()
> (Closes: #944959).
> - Fixes CVE-2019-16163: Stack Exhaustion Problem (Closes: #939988).
> - Fixes CVE-2019-19246: heap-based buffer over-read in str_lower_case_match.
> * debian/watch:_Correct typo.
> * Declare compliance with Debian Policy 4.4.1.1 (No changes needed).
> * Switch to debhelper-compat:
> - debian/control: change to debhelper-compat (=12)
> - remove debian/compat
> * debian/control:
> - Add Rules-Requires-Root: binary-targets.
Is there a reason for binary-targets? None of the binary packages ship any
files with non-standard owner, and I don't see anything else that would
require fakeroot. Also, I've tried building the package with R³: no, and it
seems to build ok. Am I missing something?
Meow!
--
⢀⣴⠾⠻⢶⣦⠀ A MAP07 (Dead Simple) raspberry tincture recipe: 0.5l 95% alcohol,
⣾⠁⢠⠒⠀⣿⡁ 1kg raspberries, 0.4kg sugar; put into a big jar for 1 month.
⢿⡄⠘⠷⠚⠋⠀ Filter out and throw away the fruits (can dump them into a cake,
⠈⠳⣄⠀⠀⠀⠀ etc), let the drink age at least 3-6 months.
Reply to: