Changelog
libspring-2.5-java (2.5.6.SEC01-1) unstable; urgency=low
* New upstream release.
- [SECURITY] Include fix for CVE-2009-1190:
Spring Framework Remote Denial of Service Vulnerability
* Refresh all debian/patches to handle Spring linefeed change
* New patch 11_servlet_api_api to handle compat with
Servlet 2.5 and JSP 2.1 API's. Remove MockPageContext
from exclusion list in debian/excludesfiles/mainmock
* Use JRuby 1.1 instead of 1.0:
- debian/classpath-debian: replace jruby1.0 by jruby1.1
- debian/control: change Build-Depends for jruby1.1 package
and Suggest for spring-context package
- debian/patches/10_jruby_11.dpatch: update Spring
source code to be compliant with jruby 1.1
* Now build with testng:
- Add Build-Depends on testng in debian/control
- Add Recommends on testng to spring-test module
- Update debian/excludesfiles/tigermock
- Add this testng.jar to debian/classpath-debian
* debian/watch:
- new upstream releases are not on sf.net anymore
- upstream download site is not checkeable by uscan
(need POST request - form submit - to access to download area)
* debian/README.Debian: complete list of changes regarding upstream modules
* debian/copyright: Debian packaging should be licenced under same licence as
upstream. Clarify Apache 2.0 licence copyright attribution.
-- Damien Raude-Morvan <email address hidden> Wed, 27 May 2009 20:25:01 +0200
