libyaml (0.1.4-2+deb7u5) wheezy-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Add CVE-2014-9130.patch.
    CVE-2014-9130: assert failure when processing wrapped strings.
    (Closes: #771366)

 -- Salvatore Bonaccorso <carnil@debian.org>  Sat, 13 Dec 2014 14:44:17 +0100

libyaml (0.1.4-2+deb7u4) wheezy-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Add CVE-2014-2525.patch patch.
    CVE-2014-2525: Heap overflow when parsing YAML tags.
    The heap overflow is caused by not properly expanding a string before
    writing to it in function yaml_parser_scan_uri_escapes in scanner.c.

 -- Salvatore Bonaccorso <carnil@debian.org>  Thu, 20 Mar 2014 16:49:19 +0100

libyaml (0.1.4-2+deb7u3) wheezy-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Drop libyaml-indent-column-overflow-v2.patch patch.
    This patch causes additional regressions on simple YAML files.
  * Add libyaml-guard-against-overflows-in-indent-and-flow_level.patch patch.
    Add upstream's patch to guard against overflows in indent and
    flow_level. (Closes: #738587)

 -- Salvatore Bonaccorso <carnil@debian.org>  Mon, 10 Feb 2014 23:02:23 +0100

libyaml (0.1.4-2+deb7u2) stable-security; urgency=high

  * Improved fix for CVE-2013-6393: heap-based buffer overflow when
    parsing YAML tags.  (Closes: #737076)

 -- Anders Kaseorg <andersk@mit.edu>  Thu, 30 Jan 2014 04:07:40 -0500

libyaml (0.1.4-2+deb7u1) stable-security; urgency=low

  * CVE-2013-6393

 -- Moritz Muehlenhoff <jmm@debian.org>  Thu, 23 Jan 2014 21:03:55 +0000

libyaml (0.1.4-2) unstable; urgency=low

  * Remove extra libyaml-0.so symlink from libyaml-dev.
  * Bump Debhelper compat level to 9.
  * Support multiarch.  (Closes: #653748) (LP: #905630)
  * Use 3.0 (quilt) source format.

 -- Anders Kaseorg <andersk@mit.edu>  Fri, 30 Dec 2011 17:14:52 -0500

libyaml (0.1.4-1) unstable; urgency=low

  * New upstream version 0.1.4.
    + Fixed a bug that prevented an empty mapping being used as a simple
      key.
    + Fixed pointer overflow when calculating the position of a potential
      simple key.
    + Added pkg-config support.  (Closes: #537834)
  * Remove unneded libyaml.la file.  (Closes: #622452)
  * Add libyaml-0-2-dbg package with debugging symbols.
    (Closes: #592747)
  * Bumped standards version to 3.9.2 without further change

 -- Anders Kaseorg <andersk@mit.edu>  Mon, 30 May 2011 22:27:27 -0400

libyaml (0.1.3-1) unstable; urgency=low

  * New upstream version 0.1.3.
    + This release fixes non-standard structure initialization and a
      streaming-related issue.
  * Bump priority from extra to optional.

 -- Anders Kaseorg <andersk@mit.edu>  Sun, 04 Oct 2009 14:07:18 -0400

libyaml (0.1.2-1) unstable; urgency=low

  * New upstream version 0.1.2.
    + Fixed grammar in error messages (from YAML::XS::LibYAML).
    + Rewritten whitespace detection in the scalar analyzer and block
      scalar writers (ported from PyYAML).
    + Fixed emitting folded scalars with trailing breaks; Forced emitting
      of a document end indicator when there is a possibility of ambiguous
      parsing.

 -- Anders Kaseorg <andersk@mit.edu>  Mon, 29 Dec 2008 21:10:48 -0500

libyaml (0.1.1-1) unstable; urgency=low

  * Initial release (Closes: #484381).

 -- Anders Kaseorg <andersk@mit.edu>  Tue, 10 Jun 2008 02:37:34 -0400
