-
xdg-utils (1.1.3-1ubuntu2) cosmic; urgency=medium
* Use perl's decode() to ensure we don't pass invalid UTF-8 to D-Bus, as
doing so triggers an assertion from libdbus which makes us crash. LP:
#1743216 (Debian #910070, Upstream #108121)
-- Iain Lane <email address hidden> Tue, 02 Oct 2018 11:11:16 +0100
-
xdg-utils (1.1.3-1ubuntu1) cosmic; urgency=low
* Merge from Debian Sid (LP: #1779529). Remaining changes:
- Add debian/xdg-utils.links:
+ Symlink /usr/bin/xdg-open to /usr/bin/browse (LP: #1624022)
* Drop lp779156-lubuntu.diff:
- Lubuntu no longer uses LXDE and Sylpheed.
* Drop CVE-2017-18266*.patch:
- The fixes were applied upstream.
* Drop proper-lxqt-handling.patch:
- Proper LXQt support was merged upstream.
xdg-utils (1.1.3-1) unstable; urgency=medium
* New upstream release.
- Avoid argument injection vulnerability in open_envvar.
Fixes CVE-2017-18266, closes: #898317.
* Remove 01-open-lxqt.patch applied by upstream.
* Fix word expansion on KDE in xdg-email. Closes: #898999.
* Bump debhelper and standards version, no modifications for this.
xdg-utils (1.1.2-2) unstable; urgency=medium
* Update Vcs for salsa.debian.org.
* 01-open-lxqt.patch: Fix support in LXQt, which isn't the same as LXDE.
Closes: #884436.
-- Simon Quigley <email address hidden> Sun, 01 Jul 2018 01:59:06 -0500
-
xdg-utils (1.1.2-1ubuntu3) cosmic; urgency=medium
* SECURITY UPDATE: Argument-injection attack
- debian/patches/CVE-2017-18266.patch: fix in xdg-open.in.
- debian/patches/CVE-2017-18266-final.patch: fix autotest and
refactoring the vulnerability fix.
- CVE-2017-18266
-- <email address hidden> (Leonidas S. Barbosa) Fri, 18 May 2018 11:38:06 -0300
-
xdg-utils (1.1.2-1ubuntu2) bionic; urgency=medium
* Add proper support for LXQt; don't treat it the same as LXDE.
- proper-lxqt-handling.patch (LP: #1701783)
* Refresh lp779156-lubuntu.diff.
-- Simon Quigley <email address hidden> Fri, 09 Feb 2018 19:34:00 -0600
