libyaml (0.1.4-2ubuntu0.12.04.4) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via triggered assertion
    - debian/patches/CVE-2014-9130.patch: remove assertion
    - CVE-2014-9130

 -- Steve Beattie <sbeattie@ubuntu.com>  Thu, 08 Jan 2015 18:17:27 -0800

libyaml (0.1.4-2ubuntu0.12.04.3) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible code execution via
    heap overflow in yaml_parser_scan_uri_escapes
    - debian/patches/CVE-2014-2525.patch: properly handle memory in
      src/scanner.c, src/yaml_private.h.
    - CVE-2014-2525

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 02 Apr 2014 11:44:25 -0400

libyaml (0.1.4-2ubuntu0.12.04.2) precise-security; urgency=medium

  * SECURITY REGRESSION: parsing regression in security update
    (LP: #1279805)
    - debian/patches/CVE-2013-6393.patch: updated to use upstream commits
      from 0.1.5.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 13 Feb 2014 08:40:49 -0500

libyaml (0.1.4-2ubuntu0.12.04.1) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible code execution via
    large yaml documents
    - debian/patches/CVE-2013-6393.patch: fix integer overflows in
      src/scanner.c, src/api.c.
    - CVE-2013-6393

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 31 Jan 2014 13:09:02 -0500

libyaml (0.1.4-2) unstable; urgency=low

  * Remove extra libyaml-0.so symlink from libyaml-dev.
  * Bump Debhelper compat level to 9.
  * Support multiarch.  (Closes: #653748) (LP: #905630)
  * Use 3.0 (quilt) source format.

 -- Anders Kaseorg <andersk@mit.edu>  Fri, 30 Dec 2011 17:14:52 -0500

libyaml (0.1.4-1) unstable; urgency=low

  * New upstream version 0.1.4.
    + Fixed a bug that prevented an empty mapping being used as a simple
      key.
    + Fixed pointer overflow when calculating the position of a potential
      simple key.
    + Added pkg-config support.  (Closes: #537834)
  * Remove unneded libyaml.la file.  (Closes: #622452)
  * Add libyaml-0-2-dbg package with debugging symbols.
    (Closes: #592747)
  * Bumped standards version to 3.9.2 without further change

 -- Anders Kaseorg <andersk@mit.edu>  Mon, 30 May 2011 22:27:27 -0400

libyaml (0.1.3-1) unstable; urgency=low

  * New upstream version 0.1.3.
    + This release fixes non-standard structure initialization and a
      streaming-related issue.
  * Bump priority from extra to optional.

 -- Anders Kaseorg <andersk@mit.edu>  Sun, 04 Oct 2009 14:07:18 -0400

libyaml (0.1.2-1) unstable; urgency=low

  * New upstream version 0.1.2.
    + Fixed grammar in error messages (from YAML::XS::LibYAML).
    + Rewritten whitespace detection in the scalar analyzer and block
      scalar writers (ported from PyYAML).
    + Fixed emitting folded scalars with trailing breaks; Forced emitting
      of a document end indicator when there is a possibility of ambiguous
      parsing.

 -- Anders Kaseorg <andersk@mit.edu>  Mon, 29 Dec 2008 21:10:48 -0500

libyaml (0.1.1-1) unstable; urgency=low

  * Initial release (Closes: #484381).

 -- Anders Kaseorg <andersk@mit.edu>  Tue, 10 Jun 2008 02:37:34 -0400
