debian/changelog: describe upstream changes more clearly
Emphasize that these changes were cherry-picked from upstream.
Focus on the new behavior instead of just saying how the old version
misbehaved.
diff --git a/debian/changelog b/debian/changelog
index 0c67ae1..9a7cce5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,23 +1,24 @@
xz-utils (5.0.0-2.1) stable; urgency=low
- * liblzma:
- - If asked to compress a zero-length buffer,
- lzma_easy_buffer_encode() and lzma_stream_buffer_encode() would
- write a Block with an empty LZMA2 stream, which unxz and liblzma
- versions before 5.0.2 cannot read.
- - lzma_stream_encoder() leaked memory.
- - lzma_index_init() would segfault on allocation failure.
- * xz and scripts:
- - "xz -v -v --list" would read and try to free() uninitialized
- memory, continuing past the end of an on-stack array, when
- describing certain corrupted XZ files.
- - The exit status from xzdiff did not reflect whether the two
- compressed files being compared differed. Closes: #635501.
- Thanks to Peter Pallinger.
- - The Czech “xz --help” output uses a more correct term for files
- with holes. Closes: #605762. Thanks to Petr Hubený.
- - The Italian translation for “Unknown file format type” had an
- extra ‘N’.
+ * Fixes from upstream:
+ * liblzma:
+ - lzma_easy_buffer_encode() and lzma_stream_buffer_encode()
+ avoid writing Blocks with empty compressed data that xz and
+ liblzma versions before 5.0.2 cannot read.
+ - Plugs a memory leak in lzma_stream_encoder().
+ - lzma_index_init() returns NULL instead of segfaulting on
+ allocation failure.
+ * "xz -v -v --list" does not free() filter options unless the
+ filter options array has been initialized. This prevents
+ reading and free()ing pointers from past the end of an on-stack
+ array when one of the listed files has an unmeaningful Block
+ header size.
+ * The exit status from “xzdiff foo.xz bar.xz” reflects whether
+ files differ. Thanks to Peter Pallinger. Closes: #635501.
+ * The Czech “xz --help” output uses a more correct term for files
+ with holes. Thanks to Petr Hubený. Closes: #605762.
+ * The Italian diagnostic for an invalid --format argument lost an
+ extra 'N'.
* debian/rules: "chmod +x tests/test_scripts.sh" for new xzdiff
tests.
* debian/symbols: Bump minimal versions for lzma_easy_buffer_encode