italc (1:2.0.2+dfsg1-2+deb8u1) jessie-security; urgency=medium

  * Porting of libvncserver+libvncclient security patches:
    - CVE-2014-6051: Fix integer overflow in MallocFrameBuffer().
    - CVE-2014-6052: Check for MallocFrameBuffer() return value.
    - CVE-2014-6053: Check malloc() return value on client->server ClientCutText
      message.
    - CVE-2014-6054: Do not accept a scaling factor of zero on
      PalmVNCSetScaleFactor and SetScale client->server messages
    - CVE-2014-6055: Fix multiple stack-based buffer overflows in file transfer
      feature.
    - CVE-2016-9941: Fix heap overflows in the various rectangle fill functions.
    - CVE-2016-9942: Fix heap overflow in the ultra.c decoder.
    - CVE-2018-7225: Uninitialized and potentially sensitive data could be
      accessed by remote attackers because the msg.cct.length in rfbserver.c was
      not sanitized.
    - CVE-2018-15127: heap out-of-bound write vulnerability.
    - CVE-2018-20019: multiple heap out-of-bound write vulnerabilities.
    - CVE-2018-20020: heap out-of-bound write vulnerability inside structure
      in VNC client code.
    - CVE-2018-20021: CWE-835: Infinite loop vulnerability in VNC client code.
    - CVE-2018-20022: CWE-665: Improper Initialization vulnerability.
    - CVE-2018-20023: Improper Initialization vulnerability in VNC Repeater
      client code.
    - CVE-2018-20024: null pointer dereference that can result DoS.
    - CVE-2018-6307: heap use-after-free vulnerability in server code of
      file transfer extension.
    - CVE-2018-20748: incomplete fix for CVE-2018-20019 oob heap writes.
    - CVE-2018-20749: incomplete fix for CVE-2018-15127 oob heap writes.
    - CVE-2018-20750: incomplete fix for CVE-2018-15127 oob heap writes.
    - CVE-2018-15126: heap use-after-free resulting in possible RCE.
    - CVE-2019-15681: rfbserver: don't leak stack memory to the remote.

 -- Mike Gabriel <sunweaver@debian.org>  Wed, 30 Oct 2019 21:41:30 +0100

italc (1:2.0.2+dfsg1-2) unstable; urgency=medium

  * debian/bin/ica (wrapper):
    + When the -autostart cmdline arg is given, launch iTALC client with the
      most privileged role that is available to the current user.
  * DebConf:
    + Update Japanese translation. Thanks to "victory".
    + Update Russian translation file. Thanks to Yuri Kozlov. (Closes:
      #758791).
    + Update Danish translation file. Thanks to Joe Dalton. (Closes: #758840).
    + Update Spanish translation file. Thanks to Camaleón. (Closes: #759797).
    + Update French translation file. Thanks to Steve Petruzzello. (Closes:
      #760599).
    + Update Portuguese translation file. Thanks to Miguel Figueiredo. (Closes:
      #760718).
    + Update Italian translation file. Thanks to Beatrice Torracca. (Closes:
      #761089).
    + Update German translation file. Thanks to myself ;-). (Closes: #764101).
  * debian/copyright:
    + Rewrite from scratch. Fixes several false or missing license and copyright
      information.

 -- Mike Gabriel <sunweaver@debian.org>  Sun, 05 Oct 2014 23:05:32 +0200

italc (1:2.0.2+dfsg1-1) unstable; urgency=low

  * New upstream release.
  * debian/watch:
    + Mangle Debian version (due to new +dfsg1 upstream version suffix).
  * debian/rules:
    + Provide get-orig-source rule, repack upstream sources: Remove non-DFSG
      licensed files sha1.c and sha1.h (which upstream directly took from
      RFC 3174.
    + Drop win32 related files when repacking upstream sources via
      get-orig-source.
  * debian/control:
    + Add dbg:packages for iTALC.
    + Bump Standards: to 3.9.5. No changes needed.
    + Add R (italc-client): zenity or kde-baseapps-bin (for ica wrapper
      script).
  * Desktop integration:
    + Update .desktop files. Add .desktop file for imc (iTALC Management
      Console).
    + Use pkexec to launch iTALC Management Console.
  * DebConf:
    + When setting up iTALC roles, ensure that the default group ('root')
      gets used if an empty string is provided as group name.
    + Capture non-existing group names and default to group 'root' instead.
      Also, detect existence of groups correctly, now.
    + Default to "root" group only if previously set iTALC role groups were
      not set or do not exist (anymore).
    + Loop on group input screens if a group does not exist (for
      use_existing_groups == true).
    + Always default to "No" for the delete-group-confirmation-question
      screens.
    + Provide option to system-wide setup XDG autostart for iTALC client
      applet. (Closes: #731476).
    + Reset LogonGroups= in iTALC.conf on every package configuration, so
      DebConf configured groups get placed into iTALC.conf correctly.
    + Update PO files.
  * debian/copyright:
    + Update file to match changes in upstream release.
    + Drop copyright information for removed files ica/x11/common/sha1.{c,h}.
    + Drop copyright information for removed files in ica/win32/.
  * debian/patches:
    + Drop 002_use-v4l-videodev2.patch, 004_x2go-nx-noxdamage.patch,
      021_man-page-patch-in.patch. Applied upstream.
    + Refresh 031_fix-spelling-errors.patch.
    + Update 001_set-static-libdir-and-rpath-for-cmake.patch. Adapt
      block that hard-sets LIB_DIR to /usr/lib/italc.
    + Add 007_use-openssl-sha.patch. Build against openssl/sha.h, don't use
      dropped, non-DFSG licensed files sha1.c and sha1.h.
    + Add 030_fix-man-pages.patch. Fix a hyphen-used-as-minus-sign issue and a
      spelling error.
  * debian/italc-client.prerm:
    + On package purgal, only remove groups if we previously explicitly created
      them as iTALC roles.
  * debian/italc-client.postinst:
    + Ensure that $DISPLAY is unset before evoking the imc -createkeypair
      command.
  * lintian:
    + Drop unused override (spelling-error-in-binary).

 -- Mike Gabriel <sunweaver@debian.org>  Thu, 14 Aug 2014 14:23:53 +0200

italc (1:2.0.1-4) unstable; urgency=low

  * Debconf translation files updated/added:
    + Spanish translation added (thanks to Camaleón). (Closes: #728116).
  * debian/control:
    + Add libpng-dev as build dependency. (Closes: #729675).

 -- Mike Gabriel <sunweaver@debian.org>  Sun, 17 Nov 2013 09:19:39 +0100

italc (1:2.0.1-3) unstable; urgency=low

  * /debian/control:
    + Alioth-canonicalize Vcs-Git: field.
    + Vcs location has moved into debian-edu/pkg-team/ subfolder.
  * /debian/desktop/*.desktop:
    + Add Keywords: field.
  * Debconf translations:
    + Update typo in Japanese translation (thanks to
      »victory«). (Closes: #725724).

 -- Mike Gabriel <sunweaver@debian.org>  Wed, 09 Oct 2013 00:45:33 +0200

italc (1:2.0.1-2) unstable; urgency=low

  * Review of translatable text elements by the Enlish i18n team. (Closes:
    #719778).
  * /debian/copyright:
    + Add block for Files: /debian/*.
  * Debconf translation files updated/added:
    + Russian translation (thanks to Yuri Kozlov). (Closes: #721993).
    + Danish translation (thanks to Joe Dalton). (Closes: #722131).
    + Czech translation (thanks to Michal Šimůnek). (Closes: #722141).
    + Japanese translation (thanks to »victory«). (Closes: #723754).
    + Italian translation (thanks to Beatrice Torracca). (Closes: #723863).
    + Portuguese translation (thanks to Miguel Figueiredo). (Closes: #724018).
    + French translation (thanks to Steve Petruzzello). (Closes: #724485).
    + German translation (thanks to Helge Kreutzmann for reviewing my own
      translation effort). (Closes: #724025).

 -- Mike Gabriel <sunweaver@debian.org>  Tue, 24 Sep 2013 21:27:50 +0200

italc (1:2.0.1-1) unstable; urgency=low

  * New upstream version.
  * /debian/italc-client.lintian-overrides:
    + Silence lintian about a false-positive spelling error report.
  * /debian/copyright:
    + Update and review and explicitly add OpenSSL exception.
  * Update patches, drop patch 011_qt-signals.patch (applied by upstream).

 -- Mike Gabriel <sunweaver@debian.org>  Mon, 12 Aug 2013 15:52:25 +0200

italc (1:2.0.0-4) unstable; urgency=low

  * /debian/control:
    + Fix lintian: <bin:package>: data.tar.xz-member-without-dpkg-pre-depends.
  * /debian/italc-client.{config,templates}:
    + Make italc preseedable/configurable via debconf.
  * /debian/rules:
    + Now really fix the .ts file update and trigger the .qm build after
      configure of libitalccore.
    + Make sure .qm files shipped by upstream get moved out of the way before
      build and get restored properly during clean up.
    + Auto-configure iTALC.conf through debconf.
  * Update documentation file: README.setup.

 -- Mike Gabriel <sunweaver@debian.org>  Mon, 12 Aug 2013 12:07:52 +0200

italc (1:2.0.0-3) unstable; urgency=low

  * /debian/control:
    + italc-client: Add adduser to Depends: field. (Closes: #707836).
  * /debian/rules:
    + Re-build .ts and .qm files during build time to incorporate
      latest translation fixes.
  * Lintian issues:
    + Fix duplicate-in-relation-field in source build-depends: libxrandr-dev,
      libxrandr-dev.
    + Fix unneeded-build-dep-on-quilt.
    + Fix spelling-error-in-binary usr/bin/italc neccessary necessary.
    + Fix spelling-error-in-binary usr/lib/italc/libItalcCore.so neccessary
      necessary.
    + Fix spelling-error-in-manpage usr/share/man/man1/ica.1.gz neccessary
      necessary.
    + Fix hyphen-used-as-minus-sign usr/share/man/man1/ica.1.gz.
    + Fix hyphen-used-as-minus-sign usr/share/man/man1/imc.1.gz.
  * Update patches.
  * Provide file italc-client.desktop. (Closes: #666428).
  * Provide file italc-master.desktop. (Closes: #666429).
  * Add patch: 006_inject-buildtype-from-outside.patch. Inject the build
    type (actually the BUILD_CPU) from /debian/rules. Avoid the detection
    code from upstream as it only covers x86 and x86_64. (Closes: #718745).
  * Provide documentation: README.setup. (Closes: #511387).

 -- Mike Gabriel <sunweaver@debian.org>  Sun, 11 Aug 2013 03:11:55 +0200

italc (1:2.0.0-2) unstable; urgency=low

  * /debian/control:
    + Drop B-D: linux-libc-dev
    + Limit B-D: libv4l-dev to [linux-any].
    + Update long-descs: replace phrase »pupil« by »student«.

 -- Mike Gabriel <sunweaver@debian.org>  Sat, 11 May 2013 00:06:51 +0200

italc (1:2.0.0-1) unstable; urgency=low

  * New upstream release (Closes: #640200, #672636).
  * Package becomes team-maintained (debian-edu-pkg-team@l.alioth.d.o).
  * Raise compat level to 7.
  * Use multi-line fields in /debian/control.
  * Add build-dependencies: libpam0g-dev, linux-libc-dev, and cmake.
    Also add-in build-dependencies found in x11vnc Debian package. Add
    build-dependency: libv4l-dev.
  * Add Vcs-* lines to /debian/control.
  * Make /debian/copyright DEP-5 compliant.
  * Drop outdated README.Debian, include upstream documentation files in
    package.
  * Drop lintian overrides from former package versions.
  * New binary package: italc-management-console.
  * Add quilt (>= 0.46-7~) as build dependency. Include CDBS rule
    patchsys-quilt.
  * Add patch: 001_set-static-libdir-and-rpath-for-cmake.patch, adapt to
    new iTALC library name: libItalcCore.so, rename binary package libitalc to
    libitalccore. As libItalcCore.so is private/unversioned, we use RPATH to
    build/find <LIB_DIR>/italc/libItalcCore.so.
  * Add patch: 002_use-v4l-videodev2.patch, support building with v4l2 support
    if present.
  * Add patch: 003_rename-plugin-dir.patch, change name of iTalc plugin
    directory.
  * Add patch: 004_x2go-nx-noxdamage.patch, handle iTALC in X2Go sessions in
    the same way as in NX sessions.
  * Grab man page from upstream Git: imc.8.
  * Contribute man page: italc_auth_helper.1, no man page available for
    italc_auth_helper by upstream.
  * Add build-dependency: gcj-jdk. This triggers the java-build of the iTALC
    JavaViewer which then gets integrated into the iTALC client.
  * Add patch: 011_qt-signals.patch.
  * Add patch: 021_man-page-patch-in.patch, update upstream man pages, apply
    similar changes to italc_auth_helper.1 provided by us.
  * Drop man page options that are not available in iTALC 2.x anymore, add
    those that have been added. Fixing non-up-to-date upstream version of man
    pages for ica.1 and italc.1.
  * Install italc_auth_helper setuid root (via dpkg-statoverride).
  * Provide default iTALC.conf configuration file.
  * Install italc-* system groups by default (italc-admins, italc-supporters,
    italc-teachers, italc-students).
  * Create iTALC key pairs for roles: admin, supporter, teacher during package
    configuration.
  * Add patch: 005_gcc47-ftbfs.patch. Fixes FTBFS with gcc-4.7.
  * Harden package build.
  * Bump Standards version to 3.9.4.

 -- Mike Gabriel <sunweaver@debian.org>  Fri, 03 May 2013 13:23:05 +0200

italc (1:1.0.13-1.3) unstable; urgency=low

  * Non maintainer upload.
  * Fix build failure with GCC 4.7. Closes: #667203.

 -- Matthias Klose <doko@debian.org>  Fri, 04 May 2012 08:37:15 +0200

italc (1:1.0.13-1.2) unstable; urgency=low

  * Non-maintainer upload.
  * Build-Depend on libjpeg-dev, not libjpeg62-dev (closes: #642838)

 -- Julien Cristau <jcristau@debian.org>  Sun, 29 Jan 2012 18:08:29 +0100

italc (1:1.0.13-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Apply patch from Felix Geyer to fix FTBFS when compiled with
    -Werror=format-security (Closes: #643411)
  * Set urgency to medium due to rc bug fix

 -- Alexander Reichle-Schmehl <tolimar@debian.org>  Sun, 04 Dec 2011 12:08:19 +0100

italc (1:1.0.13-1) unstable; urgency=low

  * Added a watch file for italc
  * Imported Upstream version 1.0.13 (Closes: #597759)
  * Acknowlege NMU of David Paleino, thanks. (Closes: #504970)
  * Link to GPL-2 as italc is using this version, according to COPYING
  * Removed dh_desktop call as it is deprecated
  * Add some more overrides
  * Bump standards version to 3.9.1 - no further changes needed
  * Switch to 3.0 (quilt) packaging
  * Add some more info to the short description

 -- Patrick Winnertz <winnie@debian.org>  Fri, 11 Feb 2011 14:50:22 +0100

italc (1:1.0.9-1.1) unstable; urgency=low

  * Non-maintainer upload.
  * Fixed FTBFS with GCC 4.4, missing #include. Thanks to
    Martin Michlmayr (Closes: #504970)
  * italc-client.lintian-overrides and italc-master.lintian-overrides
    added

 -- David Paleino <dapal@debian.org>  Mon, 21 Dec 2009 15:02:56 +0100

italc (1:1.0.9-1) unstable; urgency=low

  * New upstream release (Closes: #508049)

 -- Patrick Winnertz <winnie@debian.org>  Tue, 17 Mar 2009 11:40:06 +0100

italc (1:1.0.9~rc3-1) unstable; urgency=low

  * Package new upstream version
    - upstream ported the code to qt4.4 (Closes: #481974)

 -- Patrick Winnertz <winnie@debian.org>  Tue, 17 Jun 2008 13:46:54 +0200

italc (1:1.0.8-1) unstable; urgency=low

  * Fix FTBFS by switching from openssl to libssl-dev build-dep. 
    Thanks to Laurent Bigonville <bigon@bigon.be> (Closes: #477022)
  * Packaging new upstream version.
  * 

 -- Patrick Winnertz <winnie@debian.org>  Tue, 13 May 2008 10:54:16 +0200

italc (1:1.0.7-2) unstable; urgency=low

  * Fix FTBFS on amd64 (Closes: #472439)
    + Add patch from upstream

 -- Patrick Winnertz <winnie@debian.org>  Thu, 27 Mar 2008 16:10:54 +0100

italc (1:1.0.7-1) unstable; urgency=low

  * New upstrem release. 

 -- Patrick Winnertz <winnie@debian.org>  Mon, 17 Mar 2008 10:13:42 +0100

italc (1:1.0.6-1) unstable; urgency=low

  * Move Homepage Header from Package Section into global Section.
  * Add the forgotten libitalc.install in order to install the lib correctly.
    Patch ica/Makefile.am and ima/Makefile.am in order to show
    the new place of the lib (Closes: #460889)

 -- Patrick Winnertz <winnie@debian.org>  Tue, 12 Feb 2008 14:47:20 +0100

italc (1:1.0.4-1) unstable; urgency=low

  * New upstream version
  * Add options for dh_shlibdeps to debian/rules to prevent a ftbfs
  * Added new package libitalc to control since now both
    applications needs this lib.
  * Changed my maintainer address.
  * Add compiler flags to rules
  * Modified menu file to fit into the new layout
  * Add Homepage: tag and remove Homepage from description
  * use new standard-version (3.7.3)

 -- Patrick Winnertz <winnie@debian.org>  Wed, 05 Dec 2007 16:28:26 +0100

italc (1:1.0.2-2) unstable; urgency=low

  * Upload of the package to unstable

 -- Patrick Winnertz <patrick.winnertz@skolelinux.org>  Wed, 16 May 2007 13:45:10 +0200

italc (1:1.0.2-1) experimental; urgency=low

  * Packaging new upstream release
  * FTBFS Bug on kfreeBSD send to upstream and this is fixed in 
    this version now. (Closes: #414096)

 -- Patrick Winnertz <patrick.winnertz@skolelinux.org>  Tue, 10 Apr 2007 15:29:41 +0200

italc (1:1.0.0-1) experimental; urgency=low

  * Packaging new upstream version.
    Must use epoch since 1.0.0 seems to be lesser than 1.0.0.0~rc2
  * Added build dependency libxtst-dev
  * Modified rules:
    - Removed build of icon, since this is now upstream
    - Added --with-linux to enable build on kfreeBSD. Thanks to Cyril
    Brulebois. (Closes: #414096)

 -- Patrick Winnertz <patrick.winnertz@skolelinux.org>  Sat, 24 Mar 2007 15:44:11 +0100

italc (1.0.0.0~rc2-1) experimental; urgency=low

  * Packaging new upstream release
  * Adopting this package from Steffen Joeris with his acceptance
  * Increasing the debhelper level to 5
  * Adding the build-depends: 
     - libqt4-dev 
     - zlib1g-dev
     - libjpeg62-dev 
     - openssl
  * italc-master now has a dependency against italc-client, since
    the client server (ica ) also have to run on the master.
  * Updated Copyright file, since some files were removed
  * Removed build depends libxaw7-dev, libqt3-mt-dev, libssl-dev, libxtst-dev
    since they are obsolete
  * Removed patches since upstream adopted them
  * Added README.Debian to make key creation easier for local administrators

 -- Patrick Winnertz <patrick.winnertz@skolelinux.org>  Wed, 27 Dec 2006 20:16:04 +0100

italc (0.9.6.2-3) unstable; urgency=low

  * Change build-depends against libxaw8-dev to libxaw7-dev
    (Closes: #370197)
  * Expand 20-configure.patch to adjust to newer X libraries
    Thanks to Peter Eisentraut
  * Bump standard version to 3.7.2
  * Provide the italc-keygen program which is needed for
    the key generation to enable the connection
    Thanks to Patrick Winnertz for some further skolelinux packaging
  * Fix spelling error in descriptions (Closes: #363282, #363979)
  * Upload sponsored by Morten Werner Olsen.

 -- Steffen Joeris <steffen.joeris@skolelinux.de>  Sun,  4 Jun 2006 13:23:38 +0200

italc (0.9.6.2-2) unstable; urgency=low

  [ Steffen Joeris ]
  * Include patch to prevent italc to segfault on architectures
    where the size of a pointer is greater than the size of
    an integer, such as ia64. (Closes: #340684)
    Thanks to Dann Frazier.

  [ Florian Ragwitz ]
  * Removed build-dep on xlibs-dev, which is deprecated now, and depend on the
    individual libraries we need.

 -- Florian Ragwitz <rafl@debian.org>  Mon,  9 Jan 2006 15:51:40 +0100

italc (0.9.6.2-1) unstable; urgency=low

  * Initial release (Closes: #338678)

 -- Steffen Joeris <steffen.joeris@skolelinux.de>  Sat, 12 Nov 2005 00:20:36 +0100

