flightcrew (0.7.2+dfsg-6ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference (DoS) when processing crafted
    EPUB file
    - debian/patches/CVE-2019-13032-1.patch: prevent segfault from malformed
      opf items in GetRelativePathToNcx()
    - debian/patches/CVE-2019-13032-2.patch: prevent segfault from malformed
      opf items in GetRelativePathsToXhtmlDocuments()
    - CVE-2019-13032
  * SECURITY UPDATE: Zip Slip directory traversal when processing a crafted
    EPUB file
    - debian/patches/CVE-2019-13241-1.patch: try to make extracting epbs safer
    - debian/patches/CVE-2019-13241-2.patch: further harden zip extraction to
      always be safe
    - debian/patches/CVE-2019-13241-3.patch: harden further by throwing
      exception
    - CVE-2019-13241
  * SECURITY UPDATE: Infinite loop leading to DoS and resource consumption
    - debian/patches/CVE-2019-13453.patch: Prevent infinite loop in zipios
      library by checking for EOF
    - CVE-2019-13453

 -- Mike Salvatore <mike.salvatore@canonical.com>  Mon, 01 Jul 2019 15:30:43 -0400

flightcrew (0.7.2+dfsg-6) unstable; urgency=medium

  * [7ccf0ab] debian/patches/reproducible-build: also sort the sources of
    xerces before compiling/linking them.

 -- Mattia Rizzolo <mattia@debian.org>  Tue, 08 Dec 2015 09:35:22 +0000

flightcrew (0.7.2+dfsg-5) unstable; urgency=medium

  * [fb787bf] debian/patches/reproducible-build: also sort the sources of
    zipios before compiling/linking them.

 -- Mattia Rizzolo <mattia@debian.org>  Mon, 07 Dec 2015 18:06:12 +0000

flightcrew (0.7.2+dfsg-4) unstable; urgency=medium

  * [2f174b8] debian/patches/reproducible-build: also sort the sources of
    flightcrew-gui before compiling/linking them.

 -- Mattia Rizzolo <mattia@debian.org>  Sun, 06 Dec 2015 19:42:33 +0000

flightcrew (0.7.2+dfsg-3) unstable; urgency=medium

  * [fba6efa] debian/{control,copyright}: use my @debian.org email address.
  * [c33d445] debian/patch/reproducible-build: add to make the build
    reproducible independent from readdir() order.

 -- Mattia Rizzolo <mattia@debian.org>  Sun, 06 Dec 2015 00:05:50 +0000

flightcrew (0.7.2+dfsg-2) unstable; urgency=medium

  * [56f6b9c] debian/rules: enable parallel building
  * [89b9213] libflightcrew0 → libflightcrew0v5 for the libstdc++6 transition

 -- Mattia Rizzolo <mattia@mapreri.org>  Sat, 29 Aug 2015 17:15:30 +0000

flightcrew (0.7.2+dfsg-1) experimental; urgency=low

  [ Don Armstrong ]
  * Initial packaging (closes: #602781)

 -- Mattia Rizzolo <mattia@mapreri.org>  Thu, 12 Feb 2015 18:11:30 +0100
