Author: micove
Revision Date: 2015-07-02 23:32:31 UTC

* New upstream release.
* Check if DEB_HOST_ARCH_CPU is i386 instead of i486. (Closes: 751800)
  - In i386/hurd-i386/kfreebsd-i386 don't default to only building the
    "broken" decoder.
* Override lintian error libmpg123-0: shlib-with-non-pic-code in i386.
  - Previous fix reintroduces all decoders and skips the "bad" one. The
    faster decoders use optimizations with non-pic code.
* Update the watch file to verify the cryptographic signatures.
* Bump Standards-Version to 3.9.6 (no changes needed).

Author: micove
Revision Date: 2015-07-02 23:32:31 UTC

* New upstream release.
* Check if DEB_HOST_ARCH_CPU is i386 instead of i486. (Closes: 751800)
  - In i386/hurd-i386/kfreebsd-i386 don't default to only building the
    "broken" decoder.
* Override lintian error libmpg123-0: shlib-with-non-pic-code in i386.
  - Previous fix reintroduces all decoders and skips the "bad" one. The
    faster decoders use optimizations with non-pic code.
* Update the watch file to verify the cryptographic signatures.
* Bump Standards-Version to 3.9.6 (no changes needed).

Author: Sebastian Ramacher
Revision Date: 2014-08-31 11:51:27 UTC

* Team upload.

[ Alessio Treglia ]
* Update symbols file to prevent FTBFS on arm64.
  Thanks to Will Newton for pointing this out. (Closes: #758227)

[ Sebastian Ramacher ]
* debian/control: Remove ${shlibs:Depends} from libmpg123-dev's Depends.

Author: Sebastian Ramacher
Revision Date: 2014-08-31 11:51:27 UTC

* Team upload.

[ Alessio Treglia ]
* Update symbols file to prevent FTBFS on arm64.
  Thanks to Will Newton for pointing this out. (Closes: #758227)

[ Sebastian Ramacher ]
* debian/control: Remove ${shlibs:Depends} from libmpg123-dev's Depends.

Author: William Grant
Revision Date: 2014-05-02 11:54:24 UTC

* Merge from Debian unstable. Remaining changes:
  - debian/libmpg123-0.symbols: Add arm64 and ppc64el as 64-bit arches.

Author: William Grant
Revision Date: 2014-05-02 11:54:24 UTC

* Merge from Debian unstable. Remaining changes:
  - debian/libmpg123-0.symbols: Add arm64 and ppc64el as 64-bit arches.

Author: William Grant
Revision Date: 2013-12-20 16:15:46 UTC

* Merge from Debian unstable. Remaining changes:
  - debian/libmpg123-0.symbols: Add arm64 and ppc64el as 64-bit arches.

Author: William Grant
Revision Date: 2013-12-20 16:15:46 UTC

* Merge from Debian unstable. Remaining changes:
  - debian/libmpg123-0.symbols: Add arm64 and ppc64el as 64-bit arches.

Author: William Grant
Revision Date: 2013-10-16 20:10:20 UTC

debian/libmpg123-0.symbols: Add arm64 and ppc64el as 64-bit arches.

Author: William Grant
Revision Date: 2013-10-16 20:10:20 UTC

debian/libmpg123-0.symbols: Add arm64 and ppc64el as 64-bit arches.

Author: micove
Revision Date: 2012-09-05 03:31:20 UTC

* New upstream release.
  - Fix regression from 1.14.1 in parsing of bad free format streams.
    (Closes: #677148)
  - Fix resync logic to properly work again (used to prematurely end stream
    on bad headers).
  - Fix multiple seek regressions.

Author: micove
Revision Date: 2012-09-05 03:31:20 UTC

* New upstream release.
  - Fix regression from 1.14.1 in parsing of bad free format streams.
    (Closes: #677148)
  - Fix resync logic to properly work again (used to prematurely end stream
    on bad headers).
  - Fix multiple seek regressions.

Author: Alessio Treglia
Revision Date: 2012-06-22 09:48:18 UTC

Fresh snapshot from upstream.

Author: Steve Langasek
Revision Date: 2011-12-06 20:32:51 UTC

releasing version 1.12.1-3.2ubuntu1

Author: Micah Gersten
Revision Date: 2011-05-29 21:25:22 UTC

Fake sync due to mismatching orig tarball (LP: #784775).

Author: Lorenzo De Liso
Revision Date: 2010-09-06 00:14:21 UTC

* Merge from debian unstable, remaining changes:
  - debian/control: Remove libartsc0-dev from build depends.

Author: Lorenzo De Liso
Revision Date: 2010-09-06 00:14:21 UTC

* Merge from debian unstable, remaining changes:
  - debian/control: Remove libartsc0-dev from build depends.

Author: Scott Ritchie
Revision Date: 2010-03-31 14:56:30 UTC

* New upstream release
  * Direct request from upstream for compatibility purposes
  * Also unifies the large/small file support issues we had earlier

Author: Scott Ritchie
Revision Date: 2009-09-14 04:58:49 UTC

* New upstream release
  - Includes a fix for a regression in forward seeking

Author: Stefan Lesicnik
Revision Date: 2009-05-01 09:20:59 UTC

* SECURITY UPDATE: Integer signedness error in the store_id3_text function
  in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause
  a denial of service (out-of-bounds memory access) and possibly execute
  arbitrary code via an ID3 tag with a negative encoding value. (LP: 370031).
 - src/libmpg123/id3.c: Inline patch from upstream SVN rev 1920.
 - http://www.mpg123.org/cgi-bin/viewvc.cgi/tags/1.7.2/?view=log
 - CVE-2009-1301

Author: Stefan Lesicnik
Revision Date: 2009-05-01 09:20:59 UTC

* SECURITY UPDATE: Integer signedness error in the store_id3_text function
  in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause
  a denial of service (out-of-bounds memory access) and possibly execute
  arbitrary code via an ID3 tag with a negative encoding value. (LP: 370031).
 - src/libmpg123/id3.c: Inline patch from upstream SVN rev 1920.
 - http://www.mpg123.org/cgi-bin/viewvc.cgi/tags/1.7.2/?view=log
 - CVE-2009-1301

Author: Andreas Wenning
Revision Date: 2009-01-29 19:55:44 UTC

* Remove arts from dependencies. (LP: #320915)
  - debian/control: Remove libartsc0-dev from build depends.

Author: Stefan Lesicnik
Revision Date: 2009-05-01 09:24:44 UTC

* SECURITY UPDATE: Integer signedness error in the store_id3_text function
  in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause
  a denial of service (out-of-bounds memory access) and possibly execute
  arbitrary code via an ID3 tag with a negative encoding value. (LP: 370031).
 - src/libmpg123/id3.c: Inline patch from upstream SVN rev 1920.
 - http://www.mpg123.org/cgi-bin/viewvc.cgi/tags/1.7.2/?view=log
 - CVE-2009-1301

Author: Stefan Lesicnik
Revision Date: 2009-05-01 09:24:44 UTC

* SECURITY UPDATE: Integer signedness error in the store_id3_text function
  in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause
  a denial of service (out-of-bounds memory access) and possibly execute
  arbitrary code via an ID3 tag with a negative encoding value. (LP: 370031).
 - src/libmpg123/id3.c: Inline patch from upstream SVN rev 1920.
 - http://www.mpg123.org/cgi-bin/viewvc.cgi/tags/1.7.2/?view=log
 - CVE-2009-1301

Author: Daniel Kobras
Revision Date: 2008-07-06 18:46:38 UTC

* src/libmpg123/id3.c: Apply upstream fix for out-of-bounds error in
  id3 parser.
* debian/mpg123.postinst: Output auto-detection is no good as long as
  output-specific wrappers are still listed as alternatives with higher
  priority. Remove alternative setting for all wrapper scripts, therefore.
  Closes: #391669
* debian/mpg123-wrapper.in: Call mpg123 binary with exec to avoid stray
  shell process as suggested by Shane Wegner.

Author: Stefan Lesicnik
Revision Date: 2009-05-01 09:37:03 UTC

* SECURITY UPDATE: Integer signedness error in the store_id3_text function
  in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause
  a denial of service (out-of-bounds memory access) and possibly execute
  arbitrary code via an ID3 tag with a negative encoding value. (LP: 370031).
 - src/id3.c: Inline patch from upstream SVN rev 1920.
 - http://www.mpg123.org/cgi-bin/viewvc.cgi/tags/1.7.2/?view=log
 - CVE-2009-1301

Author: Stefan Lesicnik
Revision Date: 2009-05-01 09:37:03 UTC

* SECURITY UPDATE: Integer signedness error in the store_id3_text function
  in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause
  a denial of service (out-of-bounds memory access) and possibly execute
  arbitrary code via an ID3 tag with a negative encoding value. (LP: 370031).
 - src/id3.c: Inline patch from upstream SVN rev 1920.
 - http://www.mpg123.org/cgi-bin/viewvc.cgi/tags/1.7.2/?view=log
 - CVE-2009-1301

Author: Daniel Kobras
Revision Date: 2007-09-19 21:24:32 UTC

* New upsteam version.
  + Includes fix for VPATH builds from 0.66-1.
* debian/rules: Guard against multiple invocations of configure target
  during build. Fixes failure when building twice in a row. Closes: #442680
* debian/rules: Include optimised builds on i386. Closes: #433693
* debian/rules: Remove obsolete touch commands needed only when patching
  configure.ac.

Author: Daniel Kobras
Revision Date: 2007-06-11 23:31:30 UTC

* New upstream version.
  + src/debug.h, src/httpget.c: Debug macro fixes merged upstream.
* src/Makefile.am, src/Makefile.in: Fix custom preprocessing directive
  for asm files during VPATH builds.
* debian/rules: Fix incorrect quoting in clean target that prevented
  reaping of build stamps. Closes: #424580
* debian/rules: Man page moved to man1. Make sure to copy from new
  location.

Author: Daniel Kobras
Revision Date: 2007-02-05 23:18:31 UTC

src/httpget.c: Fix potential denial of service attack on premature
end-of-file from HTTP server (CVE-2007-0578). Patch taken from upstream's
0.64 release. Closes: #409296

Author: Daniel Kobras
Revision Date: 2006-10-01 17:21:19 UTC

debian/rules: When generating $pkgname.mime, don't point to master
file but copy over its contents. Closes: #390450

Author: Daniel Kobras
Revision Date: 2006-01-16 18:03:38 UTC

* Makefile: In linux-nas target, only link with libaudio, but not with
  its dependent libs.
* Makefile: Likewise, in linux-*-esd targets remove explicit audiofile
  linkage.
* Makefile: Use double rather than single quotes in OBJECTS definitions
  to fix multi-line OBJECTS with recent implementations of GNU make.
* Makefile: Sprinkle some extra spaces after macro definitions to
  placate gcc with recent GNU make.
* httpget.c: Do not forget to pass the target URL when using an HTTP
  proxy. Closes: #311049
* mpg123.c: Resync buffers when interrupted by Ctrl-c to clean out
  remaining cruft. Also cures long delays when skipping songs in
  buffered mode. Closes: #154509, #280034
* mpg123.h: Complete fix from 0.59r-2 and remove external declaration
  esdserver variable from mpg123.h. There's no need for it to be global.
  Fixes build of linux-esd with recent gcc.
* mpg123.1: Correct description of -s option for mono input.
  Closes: #326038
* debian/control: Remove build-dependency on xlibs-dev because we no
  longer link with libXau and libXt directly. Closes: #346937
* debian/control: Likewise, remove libaudiofile-dev build-dependency.
* debian/control: Follow name change from nas-dev to libaudio-dev in
  build dependencies.
* debian/rules: Define ARCH from dpkg-architecture rather than from
  obsolete dpkg option.

Author: Daniel Kobras
Revision Date: 2005-05-08 19:37:18 UTC

* httpget.c: Fix integer overflows in http parser, introduced by
  security patch for CAN-2004-0982.
* httpget.c: Ensure minimum size of receive buffer to fix regression
  in 0.59r-18, caused by patch for CAN-2004-0982. Closes: #294801

Author: Daniel Kobras
Revision Date: 2005-01-05 17:18:30 UTC

* layer2.c: Fix off-by-one error in boundary check introduced in -18.
  Thanks to Jeremy Huddleston for noticing.
* layer1.c: Use proper parameter range in stereo test.

Author: Daniel Kobras
Revision Date: 2004-09-07 15:57:57 UTC

* layer2.c: Fix buffer overflow in layer2 decoder (CVE ID CAN-2004-0805).
* Makefile: Fix compiler options to build for generic targets on ARM,
  but optimise for xscale. Closes: #261255
* README.3DNOW, dct36_3dnow.s, dct64_3dnow.s, decode_3dnow.s,
  decode_i386.c, equalizer_3dnow.s, getcpuflags.s, layer3.c, mpg123.c,
  mpg123.h, tabinit.c, debian/rules: Apply patch by KIMURA Takuhiro and
  Syuuhei Kashiyama to fix errors in 3dnow-optimised decoding.
  Thanks to Alberto Garcia for the patch-merging. Closes: #242212
* debian/prerm: De-register mp3-decoder alternative. Closes: #222982
* debian/changelog: Convert to utf8.
* debian/control: Bump standards version.