Change logs for libonig source package in Focal

libonig (6.9.4-1) unstable; urgency=medium

  * Neu upstream release.
    - Refresh symbols file and add Build-Depends-Package field.
    - Remove upstream applied patches:
      + 0105-CVE-2019-13224.patch
      + 0110-CVE-2019-13225.patch
    - Refresh debain/copyright.
    - Fixes CVE-2019-19204: heap-buffer-overflow in fetch_interval_quantifier
        due to double PFETCH (Closes: #945313).
    - Fixes CVE-2019-19203: heap-buffer-overflow in gb18030_mbc_enc_len
        (Closes: #945312).
    - Fixes CVE-2019-19012: Out of bounds read in mbc_to_code()
        (Closes: #944959).
    - Fixes CVE-2019-16163: Stack Exhaustion Problem (Closes: #939988).
    - Fixes CVE-2019-19246: heap-based buffer over-read in str_lower_case_match.
  * debian/watch:_Correct typo.
  * Declare compliance with Debian Policy 4.4.1.1 (No changes needed).
  * Switch to debhelper-compat:
    - debian/control: change to debhelper-compat (=12)
    - remove debian/compat
  * debian/control:
    - Add Rules-Requires-Root: no.
  * Remove outdated debian/NEWS.Debian.

 -- Jörg Frings-Fürst <email address hidden>  Sun, 22 Dec 2019 16:00:46 +0100

libonig (6.9.2-1) unstable; urgency=medium

  * New upstream release:
    - Refresh symbols file.
    - Refresh debian/patches/0100-source_typos.patch.
  * Rewrite debain/watch.
  * New debian/patches/0105-CVE-2019-13224.patch and
      debian/patches/0110-CVE-2019-13225.patch (Closes: #931878):
    - Fixes CVE-2019-13224 A use-after-free in onig_new_deluxe() in regext.c.
    - Fixes CVE-2019-13225 A NULL Pointer Dereference in match_at()
       in regexec.c.
  * Declare compliance with Debian Policy 4.4.0 (No changes needed).
  * Migrate to debhelper 12:
    - Change debian/compat to 12.
    - Bump minimum debhelper version in debian/control to >= 12.
    - debian/rules: Remove obsolete dh_install --fail-missing.

 -- Jörg Frings-Fürst <email address hidden>  Fri, 12 Jul 2019 10:39:37 +0200