Import of release 1.0.5

1 files changed, 17 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index 6177fc7..67dfd34 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,20 @@
+2009-07-02  Henning Makholm  <henning@makholm.net>
+
+	* Version 1.0.5
+	* Fix various bugs if extracted part of image contains pixels with
+	  negative canvas-based coordinates. Thanks to J\"orgen Grahn for
+	  reporting these. (Debian bug #533361).
+	* One of the fixed bugs was a buffer overrun which would allow a
+	  remote attacker to execute arbitrary if he could trick a user
+	  into converting an appropriately crafted XCF file with either
+	  the -C or the -O option. CVE-2009-2175.
+	* Fix another bug with interpretation of -C flag, which would
+	  convert the *intersection* of the visible layers rather than
+	  their *union*, as intended. Did I ever test this stuff?
+	* Minor manpage fixes; -C description should be less confusing now.
+	* Apply patch from Marcus Alanen for easier RPM packaging:
+	  $(DESTDIR) honored in Makefile's install target, spec file added.
+
 2006-05-14  Henning Makholm  <henning@makholm.net>
 
 	* Version 1.0.4