gpac (0.5.0+svn5324~dfsg1-1+deb8u5) jessie-security; urgency=high

  * Non-maintainer upload by the LTS Security Team.
  * CVE-2019-20161: heap-based buffer overflow in the function
    ReadGF_IPMPX_WatermarkingInit() in odf/ipmpx_code.c.
  * CVE-2019-20162: heap-based buffer overflow in the function
    gf_isom_box_parse_ex() in isomedia/box_funcs.c.
  * CVE-2019-20163: NULL pointer dereference in the function
    gf_odf_avc_cfg_write_bs() in odf/descriptors.c.
  * CVE-2019-20165: NULL pointer dereference in the function
    ilst_item_Read() in isomedia/box_code_apple.c.
  * CVE-2019-20170: invalid pointer dereference in the function
    GF_IPMPX_AUTH_Delete() in odf/ipmpx_code.c.
  * CVE-2019-20171: memory leaks in metx_New in
    isomedia/box_code_base.c and abst_Read in
    isomedia/box_code_adobe.c.
  * CVE-2019-20208: dimC_Read in isomedia/box_code_3gpp.c in GPAC
    0.8.0 has a stack-based buffer overflow.
  * CVE-2019-20168: use-after-free in the function
    gf_isom_box_dump_ex() in isomedia/box_funcs.c.
  * CVE-2019-20169: use-after-free in the function trak_Read() in
    isomedia/box_code_base.c.

 -- Sylvain Beucler <beuc@debian.org>  Mon, 20 Jan 2020 13:17:16 +0100

gpac (0.5.0+svn5324~dfsg1-1+deb8u4) jessie-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * CVE-2019-12481, CVE-2019-12482
    NULL pointer dereferences
  * CVE-2019-12483
    heap-based buffer overflow

 -- Thorsten Alteholz <debian@alteholz.de>  Sun, 30 Jun 2019 19:17:06 +0200

gpac (0.5.0+svn5324~dfsg1-1+deb8u3) jessie-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * CVE-2019-11221
    Fix buffer overflow issue when using vsprintf().
  * CVE-2019-11222
    Fix buffer overflow when using the crypt feature with a crafted file.

 -- Thorsten Alteholz <debian@alteholz.de>  Thu, 25 Apr 2019 19:17:06 +0200

gpac (0.5.0+svn5324~dfsg1-1+deb8u2) jessie-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * CVE-2018-20763, CVE-2018-20762, CVE-2018-20761
    CVE-2018-20760, CVE-2018-7752
    Several buffer overflows have been detected in different functions.

 -- Thorsten Alteholz <debian@alteholz.de>  Wed, 27 Feb 2019 19:17:06 +0100

gpac (0.5.0+svn5324~dfsg1-1+deb8u1) jessie-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * Fix CVE-2018-13005: Buffer over-read in urn_Read in isomedia/box_code_base.c
  * Fix CVE-2018-13006: Buffer over-read in hdlr_dump in isomedia/box_dump.c

 -- Brian May <bam@debian.org>  Tue, 17 Jul 2018 17:21:06 +1000

gpac (0.5.0+svn5324~dfsg1-1) unstable; urgency=medium

  * New upstream snapshot.
  * Refresh patches.
  * debian/copyright:
    - Improve copyright and licensing information on src/utils/unicode.c.
      Thanks to bastien ROUCARIES for pointing this out. (Closes: #754732)
    - Update debian/* copyright holders's information.
    - Mention debian/copyright in debian/source/lintian-overrides to
      avoid lintian's license-problem-non-free-RFC error.

 -- Alessio Treglia <alessio@debian.org>  Thu, 31 Jul 2014 14:13:58 +0100

gpac (0.5.0+svn5294~dfsg1-1) unstable; urgency=low

  * New upstream snapshot.
  * Refresh patches.

 -- Alessio Treglia <alessio@debian.org>  Tue, 08 Jul 2014 13:04:26 +0100

gpac (0.5.0+svn5194~dfsg1-4) unstable; urgency=low

  * Drop build-dep on libxmlrpc-c3-dev.

 -- Alessio Treglia <alessio@debian.org>  Mon, 07 Jul 2014 16:41:09 +0100

gpac (0.5.0+svn5194~dfsg1-3) unstable; urgency=low

  * Removed Andres Meja from Uploaders list. Thanks Andres for your
    contributions on the gpac package. Closes: 743529
  * Removed unused BD on libwxgtk2.8-dev. Thanks to Olly Betts
    <olly@survex.com> for pointing this out. Closes: #748715
  
 -- Reinhard Tartler <siretart@tauware.de>  Thu, 29 May 2014 19:57:10 -0400

gpac (0.5.0+svn5194~dfsg1-2) unstable; urgency=low

  * Upload to unstable

 -- Reinhard Tartler <siretart@tauware.de>  Sun, 11 May 2014 19:00:36 -0400

gpac (0.5.0+svn5194~dfsg1-1) experimental; urgency=low

  * New upstream version 0.5.0+svn5194~dfsg:
    - now decodes 10bit HEVC video
  * Add patch to export gf_isom_set_pixel_aspect_ratio. This allows x264
    to link dynamically against libgpac.so.3
  * Refresh patches
  * Upload to unstable

 -- Reinhard Tartler <siretart@tauware.de>  Sun, 06 Apr 2014 12:11:08 -0400

gpac (0.5.0+svn5104~dfsg1-1) experimental; urgency=low

  * New  upstream version 0.5.0+svn5104~dfsg1:
    - src/utils/sha1.c is relicensed under LGPLv2.1, Closes: #730759
  * Don't install modules in multi-arch directories, Closes: #730497
  * Add libusb-1.0.0-dev headers because libfreenect requires this
  * Fix install rule
  * Follow upstream soname bump
    - Drop the symbols file for now until it has been revised thourougly
  * Let binaries produce the correct svn revision
  * Refresh patches
  * Patch and build against libav10, Closes: #739321
  * Bump standards version, no changes necessary

 -- Reinhard Tartler <siretart@tauware.de>  Sat, 22 Feb 2014 18:15:00 +0000

gpac (0.5.0+svn4288~dfsg1-4) unstable; urgency=low

  * Compile with libfreenect support.

 -- Alessio Treglia <alessio@debian.org>  Sun, 06 Oct 2013 21:53:29 +0100

gpac (0.5.0+svn4288~dfsg1-3) unstable; urgency=low

  * Do not fail if dh_auto_clean returns some value different
    from 0. (Closes: #725541)

 -- Alessio Treglia <alessio@debian.org>  Sun, 06 Oct 2013 21:43:12 +0100

gpac (0.5.0+svn4288~dfsg1-2) unstable; urgency=low

  * Upload to unstable

 -- Reinhard Tartler <siretart@tauware.de>  Thu, 15 Aug 2013 18:05:38 +0200

gpac (0.5.0+svn4288~dfsg1-1) experimental; urgency=low

  [ Alessio Treglia ]
  * New upstream snapshot.
  * Refresh patches.
  * Update symbols.
  * Fix Homepage URL. (Closes: #688063)
  * Set get-orig-source back to retrieve sources from SVN.
  * Strip libav stuff out of the tarball, bump DFSG versioning.
  * Don't remove include/gpac/version.h
  * Overwriting include/gpac/version.h is no longer needed as
    buildsystem works now. Upstream's buildsystem has been fixed
    so there is no need to overwrite include/gpac/version.h anymore.
  * Bump Standards.

  [ Reinhard Tartler ]
  * Build against libav 9.

 -- Alessio Treglia <alessio@debian.org>  Wed, 30 Jan 2013 14:41:46 +0000

gpac (0.5.0~dfsg0-1) unstable; urgency=low

  * New stable release.
  * debian/{rules,watch}:
    - Download new stable releases from upstream's website.
  * Refresh patches.

 -- Alessio Treglia <alessio@debian.org>  Sun, 27 May 2012 11:25:44 +0200

gpac (0.4.5+svn4035~dfsg0-1) unstable; urgency=low

  * New upstream snapshot.
  * Small improvements to debian/watch.
  * debian/copyright: Group files by License, try to better organize
    stanzas.

 -- Alessio Treglia <alessio@debian.org>  Tue, 15 May 2012 19:37:01 +0200

gpac (0.4.5+svn4019~dfsg0-3) unstable; urgency=low

  * Move the header <gpac/configuration.h> into the multiarch
    path. (Closes: #669999)

 -- Alessio Treglia <alessio@debian.org>  Mon, 23 Apr 2012 10:10:10 +0200

gpac (0.4.5+svn4019~dfsg0-2) unstable; urgency=low

  * Upload to unstable.
  * Blacklist gf_dvb_get_freq_from_url on non-Linux architectures.

 -- Alessio Treglia <alessio@debian.org>  Fri, 20 Apr 2012 15:11:23 +0200

gpac (0.4.5+svn4019~dfsg0-1) experimental; urgency=low

  * New upstream snapshot.
  * Add symbols file, ABI should be stable now.

 -- Alessio Treglia <alessio@debian.org>  Fri, 20 Apr 2012 12:36:11 +0200

gpac (0.4.5+svn4002~dfsg0-1) experimental; urgency=low

  * Merge with upstream snapshot svn4002.
  * Bump SONAME.

 -- Alessio Treglia <alessio@debian.org>  Fri, 06 Apr 2012 11:00:34 +0200

gpac (0.4.5+svn3950~dfsg0-1) experimental; urgency=low

  * Merge new upstream snapshot.
  * Update repackaging:
    - Include modules/widgetman/*, which are now dual-licensed.
    - Strip more unneeded code.
  * Drop {dfsg,soname-fix}.patch patches, not needed anymore.
  * Refresh patches.
  * Correct team's name.
  * Update debian/copyright.
  * Bump debhelper requirement.
  * Bump Standards.

 -- Alessio Treglia <alessio@debian.org>  Tue, 06 Mar 2012 23:52:07 +0100

gpac (0.4.5+svn3912~dfsg1-1) experimental; urgency=low

  * Merge upstream latest nightly build.
  * Refresh patches.

 -- Alessio Treglia <alessio@debian.org>  Sat, 11 Feb 2012 18:46:42 +0100

gpac (0.4.5+svn3462~dfsg0-1) unstable; urgency=low

  * Merge upstream SVN snapshot svn3462:
    - DASH: SPTS don't need '-dash-ts-prog' option (+doc added)
    - support in the player for BaseURL as source as specified in
      latest draft and generated by MP4Box
    - Fixed bug in edit list rewrite when concatenating
    - Added simple osd module for perf monitoring (cpu/mem/fps)
    - Fixed some crashes when destroying objects/services before their
      creation is completed (stress mode)
    - Fixed event firing for secondary scenes and
      exported createVRMLfromString
    - Only notify fractionChanged when it actually changes
    - Commented full AAC file scan for duration
    - Made DX module store its YUV config (speeds up startup)
    - Added option to avoid unloading modules
    - use gf_esd_get_textual_description() instead of (incomplete) switches
    - Fixed UPnP detection and removed extension loading
  * Drop xulrunner-dev, gpac doesn't build against it.
  * Revise repackaging and debian/rules' get-orig-source target.
  * Refresh patches.
  * Configure with --enable-debug.
  * Add -O2 to CFLAGS, use -O0 when optimizations are disabled.
  * Implement DEB_BUILD_OPTIONS' noopt flag.
  * Install modules in multiarch path.
  * Split gpac and install modules into new gpac-modules-base package.
  * Add -DBG packages.

 -- Alessio Treglia <alessio@debian.org>  Sat, 11 Feb 2012 17:35:15 +0100

gpac (0.4.5+svn3450~dfsg3-1) unstable; urgency=low

  * Initial release. (Closes: #636350)

 -- Andres Mejia <amejia@debian.org>  Sat, 04 Feb 2012 00:12:54 +0100
