libyaml (0.1.4-3ubuntu3) trusty; urgency=medium

  * SECURITY UPDATE: denial of service and possible code execution via
    heap overflow in yaml_parser_scan_uri_escapes
    - debian/patches/CVE-2014-2525.patch: properly handle memory in
      src/scanner.c, src/yaml_private.h.
    - CVE-2014-2525

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 02 Apr 2014 11:38:05 -0400

libyaml (0.1.4-3ubuntu2) trusty; urgency=medium

  * SECURITY REGRESSION: parsing regression in security update
    (LP: #1279805)
    - debian/patches/CVE-2013-6393.patch: use upstream commits from 0.1.5.
    - debian/patches/libyaml-string-overflow.patch: removed
    - debian/patches/libyaml-node-id-hardening.patch: removed
    - debian/patches/libyaml-indent-column-overflow-v2.patch: removed

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 13 Feb 2014 09:02:35 -0500

libyaml (0.1.4-3ubuntu1) trusty; urgency=medium

  * Merge from Debian. Remaining changes:
    - debian/{rules,control}: build-depend on dh-autoreconf and use it.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 31 Jan 2014 13:13:53 -0500

libyaml (0.1.4-3) unstable; urgency=high

  * Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML tags.
    (Closes: #737076)

 -- Anders Kaseorg <andersk@mit.edu>  Wed, 29 Jan 2014 20:11:48 -0500

libyaml (0.1.4-2ubuntu1) trusty; urgency=low

  * debian/{rules,control}: build-depend on dh-autoreconf and use it.

 -- Adam Conrad <adconrad@ubuntu.com>  Thu, 12 Dec 2013 01:29:25 -0700

libyaml (0.1.4-2build1) quantal; urgency=low

  * Rebuild for new armel compiler default of ARMv5t.

 -- Colin Watson <cjwatson@ubuntu.com>  Fri, 05 Oct 2012 10:49:29 +0100

libyaml (0.1.4-2) unstable; urgency=low

  * Remove extra libyaml-0.so symlink from libyaml-dev.
  * Bump Debhelper compat level to 9.
  * Support multiarch.  (Closes: #653748) (LP: #905630)
  * Use 3.0 (quilt) source format.

 -- Anders Kaseorg <andersk@mit.edu>  Fri, 30 Dec 2011 17:14:52 -0500

libyaml (0.1.4-1) unstable; urgency=low

  * New upstream version 0.1.4.
    + Fixed a bug that prevented an empty mapping being used as a simple
      key.
    + Fixed pointer overflow when calculating the position of a potential
      simple key.
    + Added pkg-config support.  (Closes: #537834)
  * Remove unneded libyaml.la file.  (Closes: #622452)
  * Add libyaml-0-2-dbg package with debugging symbols.
    (Closes: #592747)
  * Bumped standards version to 3.9.2 without further change

 -- Anders Kaseorg <andersk@mit.edu>  Mon, 30 May 2011 22:27:27 -0400

libyaml (0.1.3-1) unstable; urgency=low

  * New upstream version 0.1.3.
    + This release fixes non-standard structure initialization and a
      streaming-related issue.
  * Bump priority from extra to optional.

 -- Anders Kaseorg <andersk@mit.edu>  Sun, 04 Oct 2009 14:07:18 -0400

libyaml (0.1.2-1) unstable; urgency=low

  * New upstream version 0.1.2.
    + Fixed grammar in error messages (from YAML::XS::LibYAML).
    + Rewritten whitespace detection in the scalar analyzer and block
      scalar writers (ported from PyYAML).
    + Fixed emitting folded scalars with trailing breaks; Forced emitting
      of a document end indicator when there is a possibility of ambiguous
      parsing.

 -- Anders Kaseorg <andersk@mit.edu>  Mon, 29 Dec 2008 21:10:48 -0500

libyaml (0.1.1-1) unstable; urgency=low

  * Initial release (Closes: #484381).

 -- Anders Kaseorg <andersk@mit.edu>  Tue, 10 Jun 2008 02:37:34 -0400
