gcab/gcab.changes

-------------------------------------------------------------------
Wed Jul  5 07:49:15 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>

- Update to version 1.6:
  + New Features: Allow specifying the allowed compression formats
    at runtime. This would allow us, for example, to disable the
    slightly scary LZX compression format when parsing unknown
    files.
  + Bugfixes: Do not require git when building from a tarball.

-------------------------------------------------------------------
Fri Aug  5 07:09:19 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>

- Update to version 1.5:
  + New Features:
    - New gcab_file_set_bytes() API.
    - meson: Register the gcab executable with meson.
  + Bugfixes:
    - Fixed MSZIP compression when deflate algorithm would expand.
      Previous versions of gcab can produce "incorrect" archives
      (when a compressed block is larger than its input). They are
      however supported by gcab itself, and we will keep support
      for it for the foreseeble future.
    - gcab: avoid runtime warnings.
    - Fix coverity warnings.
  + Updated translations.

-------------------------------------------------------------------
Sat Jan 25 14:07:46 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org>

- No longer recommend -lang: supplements are in use

-------------------------------------------------------------------
Mon Jan  6 12:20:32 UTC 2020 - Bjørn Lie <bjorn.lie@gmail.com>

- Update to version 1.4:
  + New Features:
    - New GDateTime-based APIs.
    - Allow comping as meson subproject.
  + Bugfixes:
    - build-sys fixes.
    - MacOS/Windows build support.

-------------------------------------------------------------------
Tue Oct  8 08:24:13 UTC 2019 - Bjørn Lie <bjorn.lie@gmail.com>

- Update to version 1.3:
  + New Features: Installed test support.
  + Bugfixes:
    - Fix file corruption on LZX extract.
    - build-sys fixes.
  + Updated translations.

-------------------------------------------------------------------
Sun Dec  9 19:56:55 UTC 2018 - bjorn.lie@gmail.com

- Update to version 1.2:
  + build-sys:
    - Fix installing the includes.
    - Don't require git to build.
  + gcab: Fix regression. Apparently, rewinding should reset the
    CDATA state.
  + Updated translations.
- Drop gcab-fix-installing-the-includes.patch and
  gcab-revert-git-dep.patch: Fixed upstream.

-------------------------------------------------------------------
Fri May 25 17:57:52 UTC 2018 - bjorn.lie@gmail.com

- Add gcab-fix-installing-the-includes.patch: build-sys: fix
  installing the includes (bgo#793388).

-------------------------------------------------------------------
Sat Mar 10 09:17:21 UTC 2018 - jengelh@inai.de

- Update description.

-------------------------------------------------------------------
Wed Feb 28 16:25:37 UTC 2018 - dimstar@opensuse.org

- Modernize spec-file by calling spec-cleaner

-------------------------------------------------------------------
Mon Feb 12 10:28:17 UTC 2018 - bjorn.lie@gmail.com

- Add gcab-revert-git-dep.patch: Revert new dependency on git,
  having a builddependency on git just to able to show version when
  using a git checkout is a bit much (bgo#793406).
- Following the above patch, drop git BuildRequires.

-------------------------------------------------------------------
Fri Feb  9 23:49:52 UTC 2018 - luc14n0@linuxmail.org

- Update to version 1.1:
  + Add git version in --version.
  + Fix list of new symbols in index page.
  + Fix unused declarations.
- Drop fixed upstream patches:
  gcab-meson-build-fixes.patch;
  gcab-folder-simplify_sort_cfiles.patch;
  gcab-doc-fixes.patch.
- Drop intltool BuildRequires: it's no longer a requirement after
  upstream migration to Gettext.
- Add git BuildRequires: new dependency.
- Add a little summary of its content to the main package
  description.

-------------------------------------------------------------------
Tue Jan 23 20:27:11 UTC 2018 - bjorn.lie@gmail.com

- Add gcab-doc-fixes.patch: Two documentation build fixes.
- Add gcab-folder-simplify_sort_cfiles.patch: folder: simplify
  _sort_cfiles(), get rid of warnings.

-------------------------------------------------------------------
Tue Jan 23 16:19:12 UTC 2018 - bjorn.lie@gmail.com

- Update to version 1.0 (CVE-2018-5345):
  + This fixes the security bug known as CVE-2018-5345.
  + New Features:
    - Add a helper executable to create massive compressed
      archives.
    - Add a special binary to use just for fuzzing.
    - Add gcab_cabinet_get_size().
    - Add gcab_file_new_with_bytes().
    - Add gcab_file_set_attributes().
    - Add gcab_file_set_date().
    - Add gcab_folder_get_comptype().
    - Add gcab_folder_get_file_by_name().
    - Add some self tests to test libgcab.
    - Switch to the Meson buildsystem.
  + Bugfixes:
    - Do not return translated errors from libraries.
    - Fix a large memory leak when parsing LZX cab files.
    - Fix a theoretical crash when building the table entries.
    - Replace all the custom typedefd unsigned types with working
      versions.
    - Return detailed errors from gcab_cabinet_get_signature().
    - Use g_autoptr() to fix countless memory leaks when parsing
      corrupt files.
    - Use g_autoptr() to fix several memory leaks on error in the
      library.
    - Use G_DECLARE_FINAL_TYPE to remove lots of C boilerplate.
  + Updated translations.
- Add gcab-meson-build-fixes.patch: Fixes to meson build to match
  the former autotools build.
- Add meson and gtk-doc BuildRequires and use meson, meson_build
  and meson_install macros, following upstreams switch to meson.
- Replace gobject-introspection with
  pkgconfig(gobject-introspection-1.0) BuildRequires: Actually
  build introspection support, split out new sub-package
  typelib-1_0-GCab-1_0.
- Pass docs=true, introspection=true and tests=false to meson,
  only build the features we want.
- No longer delete .la files, meson build does not generate them.

-------------------------------------------------------------------
Tue Jan 23 16:09:51 UTC 2018 - bjorn.lie@gmail.com

- Update to version 0.8 (CVE-2018-5345):
  + This fixes the security bug known as CVE-2018-5345.
  + Always check the return value when writing to the stream.
  + Do not crash when ncbytes is larger than the buffer size.
  + Don't encode timezone in generated files.
  + Don't use version script if unsupported.
  + Explicitly enable C99 support.
  + Fix a few 'Dereference of null pointer' warnings.
  + Fix buffer overrun when generating Huffman codes.
  + Fix builddir != srcdir builds.
  + Fix dependency on generated .h file.
  + Fix invalid return annotation.
  + Fix the calculation of the checksum on big endian machines.
  + Fix -Wimplicit-fallthrough=.
  + Use glib-mkenum's prefixes to avoid sed.
  + Updated translations.
- Minor spec cleanup, use autosetup macro.

-------------------------------------------------------------------
Sat Mar 12 16:10:10 UTC 2016 - zaitor@opensuse.org

- Update to version 0.7:
  + Learn to rewind if needed during extraction (bgo#763377).
  + Fix extraction of files without cdata (bgo#763376).
  + Do not abort with a critical warning if a file has an incorrect
    checksum.
  + Set utf8 flag automatically (bgo#754091).
  + Fix wrong modification date (bgo#753040).
  + Build warning fixes.
  + Updated translations.
- Drop gcab-checksum.patch: Fixed in a different way upstream.

-------------------------------------------------------------------
Mon Mar 30 15:16:56 UTC 2015 - dimstar@opensuse.org

- Update to version 0.6:
  + Fix for the AFL-detected crashes.
  + Add file information getters (get_attributes(), get_date(),
    get_size()).
  + gcab learned --list-details to list files with those
    informations.
  + Fix the file date when creating cab.
  + Build-sys fixes.

-------------------------------------------------------------------
Sat Mar 21 16:48:27 UTC 2015 - schwab@linux-m68k.org

- Add gcab-checksum.patch: fix checksum computation (bgo#746580).

-------------------------------------------------------------------
Mon Mar  9 16:34:49 UTC 2015 - zaitor@opensuse.org

- Update to version 0.5:
  + Fix path traversal: do not escape from output directory.
  + Add gcab_cabinet_get_signature().
  + Build warning fixes.
  + Updated translations.
- Drop gcab-CVE-2015-0552.patch: fixed upstream.

-------------------------------------------------------------------
Tue Jan  6 11:08:14 UTC 2015 - dimstar@opensuse.org

- Add gcab-CVE-2015-0552.patch: Avoid path traversal (boo#911814,
  bgo#742331, CVE-2015-0552).

-------------------------------------------------------------------
Wed Mar  6 20:29:35 UTC 2013 - dimstar@opensuse.org

- Initial package, version 0.4.
Sync from SUSE:SLFO:Main gcab revision 12283ae1195680642d952296708dedfb 2024-05-03 12:42:48 +02:00			`-------------------------------------------------------------------`
			`Wed Jul 5 07:49:15 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>`

			`- Update to version 1.6:`
			`+ New Features: Allow specifying the allowed compression formats`
			`at runtime. This would allow us, for example, to disable the`
			`slightly scary LZX compression format when parsing unknown`
			`files.`
			`+ Bugfixes: Do not require git when building from a tarball.`

			`-------------------------------------------------------------------`
			`Fri Aug 5 07:09:19 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>`

			`- Update to version 1.5:`
			`+ New Features:`
			`- New gcab_file_set_bytes() API.`
			`- meson: Register the gcab executable with meson.`
			`+ Bugfixes:`
			`- Fixed MSZIP compression when deflate algorithm would expand.`
			`Previous versions of gcab can produce "incorrect" archives`
			`(when a compressed block is larger than its input). They are`
			`however supported by gcab itself, and we will keep support`
			`for it for the foreseeble future.`
			`- gcab: avoid runtime warnings.`
			`- Fix coverity warnings.`
			`+ Updated translations.`

			`-------------------------------------------------------------------`
			`Sat Jan 25 14:07:46 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org>`

			`- No longer recommend -lang: supplements are in use`

			`-------------------------------------------------------------------`
			`Mon Jan 6 12:20:32 UTC 2020 - Bjørn Lie <bjorn.lie@gmail.com>`

			`- Update to version 1.4:`
			`+ New Features:`
			`- New GDateTime-based APIs.`
			`- Allow comping as meson subproject.`
			`+ Bugfixes:`
			`- build-sys fixes.`
			`- MacOS/Windows build support.`

			`-------------------------------------------------------------------`
			`Tue Oct 8 08:24:13 UTC 2019 - Bjørn Lie <bjorn.lie@gmail.com>`

			`- Update to version 1.3:`
			`+ New Features: Installed test support.`
			`+ Bugfixes:`
			`- Fix file corruption on LZX extract.`
			`- build-sys fixes.`
			`+ Updated translations.`

			`-------------------------------------------------------------------`
			`Sun Dec 9 19:56:55 UTC 2018 - bjorn.lie@gmail.com`

			`- Update to version 1.2:`
			`+ build-sys:`
			`- Fix installing the includes.`
			`- Don't require git to build.`
			`+ gcab: Fix regression. Apparently, rewinding should reset the`
			`CDATA state.`
			`+ Updated translations.`
			`- Drop gcab-fix-installing-the-includes.patch and`
			`gcab-revert-git-dep.patch: Fixed upstream.`

			`-------------------------------------------------------------------`
			`Fri May 25 17:57:52 UTC 2018 - bjorn.lie@gmail.com`

			`- Add gcab-fix-installing-the-includes.patch: build-sys: fix`
			`installing the includes (bgo#793388).`

			`-------------------------------------------------------------------`
			`Sat Mar 10 09:17:21 UTC 2018 - jengelh@inai.de`

			`- Update description.`

			`-------------------------------------------------------------------`
			`Wed Feb 28 16:25:37 UTC 2018 - dimstar@opensuse.org`

			`- Modernize spec-file by calling spec-cleaner`

			`-------------------------------------------------------------------`
			`Mon Feb 12 10:28:17 UTC 2018 - bjorn.lie@gmail.com`

			`- Add gcab-revert-git-dep.patch: Revert new dependency on git,`
			`having a builddependency on git just to able to show version when`
			`using a git checkout is a bit much (bgo#793406).`
			`- Following the above patch, drop git BuildRequires.`

			`-------------------------------------------------------------------`
			`Fri Feb 9 23:49:52 UTC 2018 - luc14n0@linuxmail.org`

			`- Update to version 1.1:`
			`+ Add git version in --version.`
			`+ Fix list of new symbols in index page.`
			`+ Fix unused declarations.`
			`- Drop fixed upstream patches:`
			`gcab-meson-build-fixes.patch;`
			`gcab-folder-simplify_sort_cfiles.patch;`
			`gcab-doc-fixes.patch.`
			`- Drop intltool BuildRequires: it's no longer a requirement after`
			`upstream migration to Gettext.`
			`- Add git BuildRequires: new dependency.`
			`- Add a little summary of its content to the main package`
			`description.`

			`-------------------------------------------------------------------`
			`Tue Jan 23 20:27:11 UTC 2018 - bjorn.lie@gmail.com`

			`- Add gcab-doc-fixes.patch: Two documentation build fixes.`
			`- Add gcab-folder-simplify_sort_cfiles.patch: folder: simplify`
			`_sort_cfiles(), get rid of warnings.`

			`-------------------------------------------------------------------`
			`Tue Jan 23 16:19:12 UTC 2018 - bjorn.lie@gmail.com`

			`- Update to version 1.0 (CVE-2018-5345):`
			`+ This fixes the security bug known as CVE-2018-5345.`
			`+ New Features:`
			`- Add a helper executable to create massive compressed`
			`archives.`
			`- Add a special binary to use just for fuzzing.`
			`- Add gcab_cabinet_get_size().`
			`- Add gcab_file_new_with_bytes().`
			`- Add gcab_file_set_attributes().`
			`- Add gcab_file_set_date().`
			`- Add gcab_folder_get_comptype().`
			`- Add gcab_folder_get_file_by_name().`
			`- Add some self tests to test libgcab.`
			`- Switch to the Meson buildsystem.`
			`+ Bugfixes:`
			`- Do not return translated errors from libraries.`
			`- Fix a large memory leak when parsing LZX cab files.`
			`- Fix a theoretical crash when building the table entries.`
			`- Replace all the custom typedefd unsigned types with working`
			`versions.`
			`- Return detailed errors from gcab_cabinet_get_signature().`
			`- Use g_autoptr() to fix countless memory leaks when parsing`
			`corrupt files.`
			`- Use g_autoptr() to fix several memory leaks on error in the`
			`library.`
			`- Use G_DECLARE_FINAL_TYPE to remove lots of C boilerplate.`
			`+ Updated translations.`
			`- Add gcab-meson-build-fixes.patch: Fixes to meson build to match`
			`the former autotools build.`
			`- Add meson and gtk-doc BuildRequires and use meson, meson_build`
			`and meson_install macros, following upstreams switch to meson.`
			`- Replace gobject-introspection with`
			`pkgconfig(gobject-introspection-1.0) BuildRequires: Actually`
			`build introspection support, split out new sub-package`
			`typelib-1_0-GCab-1_0.`
			`- Pass docs=true, introspection=true and tests=false to meson,`
			`only build the features we want.`
			`- No longer delete .la files, meson build does not generate them.`

			`-------------------------------------------------------------------`
			`Tue Jan 23 16:09:51 UTC 2018 - bjorn.lie@gmail.com`

			`- Update to version 0.8 (CVE-2018-5345):`
			`+ This fixes the security bug known as CVE-2018-5345.`
			`+ Always check the return value when writing to the stream.`
			`+ Do not crash when ncbytes is larger than the buffer size.`
			`+ Don't encode timezone in generated files.`
			`+ Don't use version script if unsupported.`
			`+ Explicitly enable C99 support.`
			`+ Fix a few 'Dereference of null pointer' warnings.`
			`+ Fix buffer overrun when generating Huffman codes.`
			`+ Fix builddir != srcdir builds.`
			`+ Fix dependency on generated .h file.`
			`+ Fix invalid return annotation.`
			`+ Fix the calculation of the checksum on big endian machines.`
			`+ Fix -Wimplicit-fallthrough=.`
			`+ Use glib-mkenum's prefixes to avoid sed.`
			`+ Updated translations.`
			`- Minor spec cleanup, use autosetup macro.`

			`-------------------------------------------------------------------`
			`Sat Mar 12 16:10:10 UTC 2016 - zaitor@opensuse.org`

			`- Update to version 0.7:`
			`+ Learn to rewind if needed during extraction (bgo#763377).`
			`+ Fix extraction of files without cdata (bgo#763376).`
			`+ Do not abort with a critical warning if a file has an incorrect`
			`checksum.`
			`+ Set utf8 flag automatically (bgo#754091).`
			`+ Fix wrong modification date (bgo#753040).`
			`+ Build warning fixes.`
			`+ Updated translations.`
			`- Drop gcab-checksum.patch: Fixed in a different way upstream.`

			`-------------------------------------------------------------------`
			`Mon Mar 30 15:16:56 UTC 2015 - dimstar@opensuse.org`

			`- Update to version 0.6:`
			`+ Fix for the AFL-detected crashes.`
			`+ Add file information getters (get_attributes(), get_date(),`
			`get_size()).`
			`+ gcab learned --list-details to list files with those`
			`informations.`
			`+ Fix the file date when creating cab.`
			`+ Build-sys fixes.`

			`-------------------------------------------------------------------`
			`Sat Mar 21 16:48:27 UTC 2015 - schwab@linux-m68k.org`

			`- Add gcab-checksum.patch: fix checksum computation (bgo#746580).`

			`-------------------------------------------------------------------`
			`Mon Mar 9 16:34:49 UTC 2015 - zaitor@opensuse.org`

			`- Update to version 0.5:`
			`+ Fix path traversal: do not escape from output directory.`
			`+ Add gcab_cabinet_get_signature().`
			`+ Build warning fixes.`
			`+ Updated translations.`
			`- Drop gcab-CVE-2015-0552.patch: fixed upstream.`

			`-------------------------------------------------------------------`
			`Tue Jan 6 11:08:14 UTC 2015 - dimstar@opensuse.org`

			`- Add gcab-CVE-2015-0552.patch: Avoid path traversal (boo#911814,`
			`bgo#742331, CVE-2015-0552).`

			`-------------------------------------------------------------------`
			`Wed Mar 6 20:29:35 UTC 2013 - dimstar@opensuse.org`

			`- Initial package, version 0.4.`