[jackrabbit] 21/21: Update changelog for 2.10.1-1

Markus Koschany apo-guest at moszumanska.debian.org
Sat Jun 20 22:06:22 UTC 2015 

This is an automated email from the git hooks/post-receive script.

apo-guest pushed a commit to branch master
in repository jackrabbit.

commit db5bd98dd7e2523a16d1eade6fa9f85f770a9353
Author: Markus Koschany <apo at gambaru.de>
Date:   Sat Jun 20 23:19:42 2015 +0200

    Update changelog for 2.10.1-1
---
 debian/changelog | 28 +++++++++++++++++++++++++---
 1 file changed, 25 insertions(+), 3 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 286811e..da81c72 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,9 +1,31 @@
-jackrabbit (2.10.1-1) UNRELEASED; urgency=medium
+jackrabbit (2.10.1-1) unstable; urgency=high
 
   * Team upload.
-  * New upstream release.
+  * Imported Upstream version 2.10.1.
+    - Fix CVE-2015-1833 (Closes: #787316)
+      When processing a WebDAV request body containing XML, the XML parser can
+      be instructed to read content from network resources accessible to the
+      host, identified by URI schemes such as "http(s)" or "file". Depending on
+      the WebDAV request, this can not only be used to trigger internal network
+      requests, but might also be used to insert said content into the request,
+      potentially exposing it to the attacker and others.
+  * Update watch file and track upstream's stable releases.
+  * Update get-orig-source-target. Download the current version.
+  * Drop orig-tar.sh script. We use upstream's tarballs now.
+  * Repack the orig tarball. Change compression from zip to tar.xz.
+  * Remove maven.publishedRules. It is not needed.
+  * Use compat level 9 and require debhelper >= 9.
+  * Declare compliance with Debian Policy 3.9.6.
+  * Use canonical Vcs fields.
+  * wrap-and-sort -sa.
+  * Drop modules.diff because we disable all modules except webdav in
+    libjackrabbit.poms already.
+  * Fix Format field. Add myself to debian/ copyright holders.
+  * Use Files-Excluded mechanism to remove binary files.
+  * Fix lintian warnings dep5-copyright-license-name-not-unique
+    and comma-separated-files-in-dep5-copyright.
 
- -- Markus Koschany <apo at gambaru.de>  Sat, 20 Jun 2015 20:50:22 +0200
+ -- Markus Koschany <apo at gambaru.de>  Sat, 20 Jun 2015 23:14:43 +0200
 
 jackrabbit (2.3.6-1) unstable; urgency=low
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/jackrabbit.git

More information about the pkg-java-commits mailing list