Change log for ruby-sanitize package in Debian

ruby-sanitize (6.0.2-2) unstable; urgency=medium

  * Team upload
  * No-change source-only upload

 -- Abhijith PA <email address hidden>  Thu, 25 Jan 2024 12:00:39 +0530

Available diffs

• diff from 6.0.2-1 to 6.0.2-2 (296 bytes)

ruby-sanitize (6.0.2-1) unstable; urgency=medium

  * Team upload

  [ Debian Janitor ]
  * Remove constraints unnecessary since buster

  [Abhijith PA]
  * New upstream release
    Fix CVE-2023-36823 (Closes: #1041430)
  * Remove X*-Ruby fields
  * Bump Standards-Version to 4.6.2

 -- Abhijith PA <email address hidden>  Sun, 10 Dec 2023 22:52:54 +0530

Available diffs

• diff from 6.0.0-1.1 to 6.0.2-1 (30.3 KiB)

ruby-sanitize (6.0.0-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Update tests to remove deprecated minitest 'must_be'
  * Forcibly escape content in "unescaped text" elements inside math or svg
    namespaces
  * Always remove `<noscript>` elements (CVE-2023-23627) (Closes: #1030047)

 -- Salvatore Bonaccorso <email address hidden>  Mon, 20 Feb 2023 20:28:45 +0100

Available diffs

• diff from 6.0.0-1 to 6.0.0-1.1 (15.5 KiB)

ruby-sanitize (6.0.0-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 6.0.0
  * Do not depend on ruby-nokogumbo
  * Update years of upstream copyright
  * Update ruby-nokogiri version constraint

 -- Lucas Kanashiro <email address hidden>  Thu, 27 Jan 2022 16:56:32 -0300

Available diffs

• diff from 5.2.3-1 to 6.0.0-1 (3.3 KiB)

ruby-sanitize (5.2.3-1) unstable; urgency=medium

  * Team upload.
  * New upstream release.
    - Fixes issue when using keyword arguments (closes: #996381).
  * d/control: Add Rules-Requires-Root field.
    (Standards-Version): Bump to 4.6.0.
    (Build-Depends): Bump ruby-nokogiri version. Bump ruby-nokogumbo to
    Ruby 3.0 compatible version (causing #996381 as well).
    (Depends): Remove interpreters and use ${ruby:Depends}.
  * d/copyright (Copyright): Update and add team.
  * d/rules: Install upstream changelog.
  * d/upstream/metadata: Add missing fields.

 -- Daniel Leidert <email address hidden>  Wed, 24 Nov 2021 00:34:42 +0100

Available diffs

• diff from 5.2.1-2 to 5.2.3-1 (3.7 KiB)

ruby-sanitize (5.2.1-2) unstable; urgency=medium

  * Team upload
  * Reupload to unstable
  * Add Breaks: ruby-gollum-lib (<< 4.2.7.9-2~)

 -- Pirate Praveen <email address hidden>  Tue, 01 Dec 2020 20:05:08 +0530

Available diffs

• diff from 4.6.6-2.1 to 5.2.1-2 (26.4 KiB)

ruby-sanitize (5.2.1-1) experimental; urgency=medium

  * Team upload

  [ Utkarsh Gupta ]
  * Add salsa-ci.yml

  [ Debian Janitor ]
  * Use secure copyright file specification URI.
  * Bump debhelper from old 11 to 12.
  * Set debhelper-compat version in Build-Depends.
  * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
    Repository-Browse.
  * Update standards version to 4.2.1, no changes needed.

  [ Cédric Boutillier ]
  * Update team name
  * Add .gitattributes to keep unwanted files out of the source package

  [ Pirate Praveen ]
  * New upstream version 5.2.1
  * Drop patches applied upstream
  * Bump minimum version of ruby-nokogumbo ro 2.0~
  * Bump Standards-Version to 4.5.0 (no changes needed)

 -- Pirate Praveen <email address hidden>  Thu, 12 Nov 2020 16:41:09 +0530

ruby-sanitize (4.6.6-2.1~deb10u1) buster-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Rebuild for buster-security

 -- Salvatore Bonaccorso <email address hidden>  Sat, 18 Jul 2020 21:11:58 +0200

ruby-sanitize (4.6.6-2.1) unstable; urgency=medium

  * Non-maintainer upload.
  * fix: Don't treat :remove_contents as `true` when it's an Array
  * feat: Remove useless filtered element content by default
  * Fix sanitization bypass in HTML foreign content (CVE-2020-4054)
    (Closes: #963808)

 -- Salvatore Bonaccorso <email address hidden>  Sun, 12 Jul 2020 15:02:54 +0200

Available diffs

• diff from 4.6.6-2 to 4.6.6-2.1 (5.0 KiB)

ruby-sanitize (2.1.0-2+deb9u1) stretch-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Inproper filtering by libxml2 leads to HTML injection vulnerability
    (CVE-2018-3740) (Closes: #893610)
  * Drop fix-tests-sanitize.patch patch

 -- Salvatore Bonaccorso <email address hidden>  Wed, 26 Dec 2018 23:32:37 +0100

ruby-sanitize (4.6.6-2) unstable; urgency=medium

  * Team upload.
  * Fix test against Nokogiri 1.10

 -- Antonio Terceiro <email address hidden>  Thu, 07 Feb 2019 18:15:34 -0200

Available diffs

• diff from 4.6.6-1 to 4.6.6-2 (783 bytes)

ruby-sanitize (4.6.6-1) unstable; urgency=medium

  * Team upload
  * New upstream version 4.6.6
  * Bump Standards-Version to 4.2.0 (no changes needed)

 -- Pirate Praveen <email address hidden>  Thu, 23 Aug 2018 15:36:48 +0530

Available diffs

• diff from 2.1.0-2 to 4.6.6-1 (48.7 KiB)

ruby-sanitize (4.6.5-1) experimental; urgency=medium

  * Team upload

  [ Cédric Boutillier ]
  * Remove version in the gem2deb build-dependency
  * Use https:// in Vcs-* fields
  * Use https:// in Vcs-* fields

  [ Pirate Praveen ]
  * New upstream version 4.6.5 (Closes: #893610) (Fixes: CVE-2018-3740)
  * Bump Standards-Version to 4.1.4 (no changes needed)
  * Bump debhelper compatibility level to 11
  * Use salsa.debian.org in Vcs-* fields
  * Update gemwatch url
  * Update dependencies, add Testsuite field
  * Check dependencies during build

 -- Pirate Praveen <email address hidden>  Wed, 13 Jun 2018 16:27:12 +0530

ruby-sanitize (2.1.0-2) unstable; urgency=medium

  * Team upload.
  * Add fix-tests-sanitize.patch
    - Make tests use Debian nokogiri syntax (Closes: #808450)
  * Bump Standards Version (No changes).
  * Fix Vcs-* links to use secure protocol.
  * Bump debhelper compatibility.

 -- Balasankar C <email address hidden>  Thu, 25 Feb 2016 11:34:19 +0530

Available diffs

• diff from 2.1.0-1 to 2.1.0-2 (1.7 KiB)

ruby-sanitize (2.1.0-1) unstable; urgency=low


  * Initial release (Closes: #739114)

 -- Jonas Genannt <email address hidden>  Sat, 15 Feb 2014 23:39:50 +0100