freeimage (3.15.1-1.1+deb7u1) wheezy-security; urgency=high

  * CVE-2016-5684: Fix out-of-bounds write vulnerability in the XMP image
    handling functionality; a specially crafted XMP file can cause an arbitrary
    memory overwrite resulting in code execution. (Closes: #839827)

 -- Chris Lamb <lamby@debian.org>  Thu, 06 Oct 2016 11:56:04 +0100

freeimage (3.15.1-1.1) wheezy-security; urgency=high

  * Non-maintainer upload.
  * Fix integer overflow CVE-2015-0852. (Closes: #797165)

 -- Anton Gladky <gladk@debian.org>  Thu, 29 Oct 2015 22:33:32 +0100

freeimage (3.15.1-1) unstable; urgency=low

  [ Evan Broder ]
  * QA upload.
  * New upstream release (closes: 649541, LP: #898825, #898845)
    - Refreshed patches.
      + Abuse dh-autoreconf to generate Makefile.srcs and fipMakefile.srcs
        patches at build time
    - Update debian/freeimage-get-orig-source for the new version.
    - Add new build-dep libraw-dev.
    - Update patch to disable embedded libraries to deal with API changes
      in libpng, libmng, and libraw.
    - Make sure we install symlinks for libfreeimageplus.
    - Use (upstream-supported) CFLAGS instead of COMPILERFLAGS.
  * Switch to source format 3.0 (quilt)
  * Switch to dh(1) and debhelper compat 8
  * Add missing misc:Depends.
  * Include the upstream changelog.
  * Update Debian standards version (no other changes needed).

  [ Stefano Rivera ]
  * Dropped README.source.
  * Updated freeimage (3.9.5) fixes CVE-2011-1167, CVE-2011-0192,
    CVE-2010-2595
  * Override lintian's embedded-library error for libtiff. It wasn't
    extricable.

 -- Evan Broder <evan@ebroder.net>  Tue, 06 Dec 2011 14:31:21 +0200

freeimage (3.10.0-4) unstable; urgency=low

  * Fix copy-pasto in tif_config.h.

 -- Julien Cristau <jcristau@debian.org>  Fri, 29 Oct 2010 22:39:26 +0200

freeimage (3.10.0-3) unstable; urgency=low

  * Don't use embedded copies of various libraries, add build-deps on their
    packaged versions (closes: #595560):
    - libjpeg 6b
    - libmng 1.0.9
    - libopenjpeg 1.2.0
    - libpng 1.2.23
      + CVE-2010-2249, CVE-2010-1205, CVE-2010-0205, CVE-2009-2042,
        CVE-2008-6218, CVE-2008-5907, CVE-2009-0040, CVE-2008-3964,
        CVE-2008-1382
    - openexr 1.6.1
      + CVE-2009-1720, CVE-2009-1721
    - zlib 1.2.3
  * The embedded libtiff copy is still used, because freeimage uses its
    internals and I couldn't figure out how to unentangle this.  Update the
    tiff copy to 3.9.4-5, though:
    CVE-2010-3087, CVE-2010-2483, CVE-2010-2482, CVE-2010-2481, CVE-2010-2443,
    CVE-2010-2233, CVE-2010-2067, CVE-2010-2065, CVE-2010-1411, CVE-2009-2347,
    CVE-2008-2327.
  * Add tiff copyright and license to debian/copyright (closes: #601002)
  * Link with -lm (closes: #558857).
  * Try to avoid arch-specific values in our copy of tif_config.h and
    tiffconf.h (closes: #601762)
  * Set LFS CFLAGS in Makefile.gnu.
  * Orphan package (closes: #595559).

 -- Julien Cristau <jcristau@debian.org>  Fri, 29 Oct 2010 14:46:46 +0200

freeimage (3.10.0-2) unstable; urgency=low

  * Fixed typo in short description of libfreeimage3-dbg.
    (Closes: #518647)
  * Adjusted patched to not need -p0 (Closes: #485251).
  * Made package priority optional.
  * Moved libfreeimage3-dbg package into debug section. 
  * Added debian/README.source.
  * Added watch file.
  * Added myself to Uploaders.
  * Updated Standards-Version.

 -- Michael Koch <konqueror@gmx.de>  Tue, 15 Sep 2009 20:12:53 +0200

freeimage (3.10.0-1) unstable; urgency=low

  * New upstream release. Closes: #471242
  * Added extra freeimage documentation in orig tarball.
  * Added get-orig-source target.
  * Added Homepage field in control file.
  * Removing some unnecessary stuff from rules file.
  * Adding some necessary build dependencies.
  * Adding some modifications to allow for configuring various compiler flags.
  * Fix FTBFS on amd64.
  * Adding debug package.
  * Added DM-Upload-Allowed: yes field.
  * Added Vcs entries.

 -- Andres Mejia <mcitadel@gmail.com>  Thu, 15 May 2008 03:18:00 -0400

freeimage (3.9.3-3) unstable; urgency=low

  * Removed the file FreeImage393.pdf for which sources are apparently
    not available.
  * Added copyright ownner to copyright file.

 -- Federico Di Gregorio <fog@debian.org>  Mon, 07 May 2007 15:35:21 +0200

freeimage (3.9.3-2) unstable; urgency=low

  * Now also build FreeImagePlus.
  * Changed C++ to C/C++ in debian/control.

 -- Federico Di Gregorio <fog@debian.org>  Sun, 22 Apr 2007 21:59:14 +0200

freeimage (3.9.3-1) unstable; urgency=low

  * Initial release (Closes: #419696)

 -- Federico Di Gregorio <fog@debian.org>  Sat, 21 Apr 2007 09:36:44 +0200

