jabref (3.8.1+ds-3+deb9u1) stretch; urgency=medium [ gregor herrmann & tony mancill ] * Add patch from upstream commit to fix CVE-2018-1000652: XML External Entity attack. Thanks to Moritz Muehlenhoff for the bug report. (Closes: #921772) -- gregor herrmann <email address hidden> Sun, 10 Feb 2019 20:25:26 +0100