-
batik (1.7+dfsg-5+deb8u1) jessie-security; urgency=high
* Non-maintainer upload by the LTS team.
* Fix CVE-2017-5662: XXE information disclosure. (Closes: #860566)
* Fix CVE-2018-8013: information disclosure when deserializing a subclass of
AbstractDocument. (Closes: #899374)
-- Markus Koschany <email address hidden> Wed, 30 May 2018 18:25:57 +0200
-
batik (1.7+dfsg-5) unstable; urgency=medium
[ tony mancill ]
* Team upload.
* Update homepage URL to https://xmlgraphics.apache.org/batik/ in
debian/control and debian/copyright. (Closes: #771539)
* Add debian/patches/cve_2015_0250.patch to disable external XML entity
resolution (information disclosure). This addresses CVE-2015-0250.
(Closes: #780897)
[ Emmanuel Bourg ]
* Replaced the Build-Id in the manifests with a constant value
to make the build reproducible.
-- tony mancill <email address hidden> Sat, 21 Mar 2015 15:24:17 -0700
-
batik (1.7+dfsg-4) unstable; urgency=low
* Team upload.
[ Jakub Adam ]
* Add OSGi metadata to JAR manifests.
[ Markus Koschany ]
* debian/rules: Set JAVA_HOME_DIRS to /usr/lib/jvm/default-java,
build-depend on default-jdk and not on openjdk6-jdk |
openjdk-7-jdk anymore. Fixes FTBFS with pbuilder-satisfydepends-classic.
(Closes: #725461)
* Bump Standards-Version to 3.9.4, no changes.
* Bump compat level to 9 and require debhelper >= 9.
* Use canonical VCS-URI.
* Remove Michael Koch from Uploaders. (Closes: #653996)
* libatik-java: Drop all jre/jdk dependencies. Recommend default-jre instead.
* Run wrap-and-sort -sa
* Add DEP-3 header to all patches.
-- Markus Koschany <email address hidden> Mon, 14 Oct 2013 12:49:09 +0200
-
batik (1.7+dfsg-3) unstable; urgency=low
* Team upload.
* Fix too strict Java JRE dependency. (Closes: #678612)
-- Niels Thykier <email address hidden> Sat, 23 Jun 2012 15:04:32 +0200
