unzip (5.50-1woody6) oldstable-security; urgency=medium

  * Changed some format strings to use 512 characters at most, as in 5.52-7.
  * Changed also insecure use of strcpy in unix/unix.c, as in upstream 5.52.
  * The above should fix CVE-2005-4667.

 -- Santiago Vila <sanvila@debian.org>  Thu, 16 Mar 2006 17:13:34 +0100

unzip (5.50-1woody5) oldstable-security; urgency=medium

  * Fixed CAN-2005-2475 again. Unpacking of symlinks was broken.
    Patch backported from 5.52-6.

 -- Santiago Vila <sanvila@debian.org>  Wed, 21 Dec 2005 19:54:22 +0100

unzip (5.50-1woody4) oldstable-security; urgency=low

  * Fixed CAN-2005-2475 again. Patch backported from 5.52-5.
  * Changed unzip banner line. This is a modified release.

 -- Santiago Vila <sanvila@debian.org>  Thu, 17 Nov 2005 18:52:22 +0100

unzip (5.50-1woody3) oldstable-security; urgency=medium

  * Fixed toctou vulnerability, CAN-2005-2475.

 -- Santiago Vila <sanvila@debian.org>  Wed,  9 Nov 2005 22:43:40 +0100

unzip (5.50-1woody2) stable-security; urgency=high

  * Fixed "unzip directory traversal revisited" again (Closes: #206439).
    There was still a missing case that the previous patch didn't catch.
    Patch borrowed from unzip-5.50-33.src.rpm.
  * For reference, this is (still) CAN-2003-0282.

 -- Santiago Vila <sanvila@debian.org>  Wed, 20 Aug 2003 22:17:42 +0200

unzip (5.50-1woody1) stable-security; urgency=high

  * Fixed "unzip directory traversal revisited" problem (Closes: #199648).
    A filename containing ".somenonprintablechar." will not unpack
    into .. anymore. Patch borrowed from unzip-5.50-11.src.rpm.
    (CAN-2003-0282)

 -- Santiago Vila <sanvila@debian.org>  Mon,  7 Jul 2003 19:49:08 +0200

unzip (5.50-1) unstable; urgency=low

  * New upstream release.
  * Moved from non-US/main to main. Section: utils.

 -- Santiago Vila <sanvila@debian.org>  Sun, 24 Mar 2002 15:54:12 +0100

unzip (5.42-3) unstable; urgency=low

  * Added support for DEB_BUILD_OPTIONS.

 -- Santiago Vila <sanvila@debian.org>  Sun, 11 Nov 2001 16:25:00 +0100

unzip (5.42-2) unstable; urgency=low

  * Applied a patch from Marcus Brinkmann:
  - Closes: #99699: unzip does not build on the Hurd.
  - Modified debian/rules to support cross-compilation.

 -- Santiago Vila <sanvila@debian.org>  Wed,  6 Jun 2001 16:40:14 +0200

unzip (5.42-1) unstable; urgency=low

  * New upstream release.
  * Changed to Section: non-US.
  * Removed "packaged for Debian" from extended description.

 -- Santiago Vila <sanvila@debian.org>  Thu, 10 May 2001 16:47:41 +0200

unzip (5.41-1) unstable; urgency=low

  * New upstream release, featuring a new BSD-like license and built-in
    encryption support. Moved to non-US/main.
  * Copyright file now generated from LICENSE file.
  * Versioned Conflicts and Replaces.
  * Standards-Version: 3.1.1

 -- Santiago Vila <sanvila@debian.org>  Fri, 18 Aug 2000 19:03:59 +0200

unzip (5.40-1) unstable; urgency=low

  * New upstream release.
  * Removed `email-from-greg'.
  * Fixed URL location in copyright file.
  * Enabled -F option, as suggested by James Aylett.

 -- Santiago Vila <sanvila@ctv.es>  Fri, 22 Oct 1999 10:30:49 +0200

unzip (5.32-1) unstable; urgency=low

  * New upstream release, using pristine source.

 -- Santiago Vila <sanvila@ctv.es>  Tue,  4 Nov 1997 14:19:20 +0100

unzip (5.31-2) unstable; urgency=low

  * Removed debstd dependency.

 -- Santiago Vila <sanvila@ctv.es>  Fri, 17 Oct 1997 17:22:22 +0200

unzip (5.31-1) unstable; urgency=low

  * `copyright' file is generated from COPYING automatically.
  * Distribution unstable, Section non-free.
  * Conflicts and Replaces "unzip-crypt".
  * New upstream release.
  * First libc6 release.
  * Added md5sums.

 -- Santiago Vila <sanvila@ctv.es>  Fri, 12 Sep 1997 19:16:59 +0200

unzip (5.20-3) unstable; urgency=low

  * Changed priority from `extra' to `optional'.
  * Changed section from `misc' to `utils'.
  * Simplified debian/rules a little bit. No debstd yet.
  * Copied `History.520' as is. Added the symlink changelog -> History.520.
  * Added ToDo and BUGS to /usr/doc/unzip.
  * New maintainer.

 -- Santiago Vila <sanvila@ctv.es>  Sun, 16 Feb 1997 19:29:13 +0100

unzip (5.20-2) unstable; urgency=low

  * zipgrep manpage is now installed through the unix/Makefile
  * permissions guaranteed to be set properly for the zipgrep script
    (did not work for those who compiled from the straight sources.)
  * removed several superfluous commands from debian/rules.
  * All changes this revision are courtesy of Santiago Vila.

 -- Stuart Lamble <lamble@yoyo.cc.monash.edu.au>  Wed, 8 Jan 1997 18:48:00 +1100

unzip (5.20-1) unstable; urgency=low

  * new upstream version
  * modified the copyright to include 5.2's COPYING, just in case it's changed.
  * minor modifications to debian/rules
  * added zipgrep (from the zip package).

 -- Stuart Lamble <lamble@yoyo.cc.monash.edu.au>  Wed, 13 Nov 1996 19:35:24 +1100

unzip (5.12-15) unstable; urgency=low

  * received email from the upstream maintainers: unzip can now go into
    the distribution proper. Yippee! :-)
  * added the email in question to the copyright file.

 -- Stuart Lamble <lamble@yoyo.cc.monash.edu.au>  Sat, 19 Oct 1996 18:34:21 +1000

unzip (5.12-14) non-free; urgency=low

  * moved to the 2.1.1.0 source format
  * fixed a typo in the Maintainer field (missing the ">". Oops.)

 -- Stuart Lamble <lamble@yoyo.cc.monash.edu.au>  Sun, 1 Sep 1996 07:36:16 +1000

unzip (5.12-13) non-free; urgency=low

  * new maintainer
  * mods to make the "binary" rule portable to different platforms
  * uses dpkg-name rather than manual moving

 -- Stuart Lamble <lamble@yoyo.cc.monash.edu.au>  Tue, 30 Jul 1996 00:00:00 +0000

unzip (5.12-12) non-free; urgency=low

  * initial release (used 2 to avoid confusion with old unzip)

 -- Carl Streeter <streeter@cae.wisc.edu>  Tue, 5 Sep 1995 00:00:00 +0000

Local variables:
mode: debian-changelog
End: