Change log for libxstream-java package in Ubuntu
| 1 → 44 of 44 results | First • Previous • Next • Last |
libxstream-java (1.4.19-1ubuntu0.1) kinetic-security; urgency=medium
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2022-41966.patch: XStream serializes Java objects to
XML and back again. Prior versions may allow a remote attacker to
terminate the application with a stack overflow error, resulting in a
denial of service only via manipulation of the processed input stream.
The attack uses the hash code implementation for collections and maps
to force recursive hash calculation causing a stack overflow. This
issue is patched in this version which handles the stack overflow and
raises an InputManipulationException instead. A potential workaround
for users who only use HashMap or HashSet and whose XML refers these
only as default map or set, is to change the default implementation of
java.util.Map and java.util per the code example in the referenced
advisory. However, this implies that your application does not care
about the implementation of the map and all elements are comparable.
(Closes: #1027754)
- CVE-2022-41966
-- Amir Naseredini <email address hidden> Tue, 07 Mar 2023 11:53:30 +0000
Available diffs
libxstream-java (1.4.18-2ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2022-41966.patch: XStream serializes Java objects to
XML and back again. Prior versions may allow a remote attacker to
terminate the application with a stack overflow error, resulting in a
denial of service only via manipulation of the processed input stream.
The attack uses the hash code implementation for collections and maps
to force recursive hash calculation causing a stack overflow. This
issue is patched in this version which handles the stack overflow and
raises an InputManipulationException instead. A potential workaround
for users who only use HashMap or HashSet and whose XML refers these
only as default map or set, is to change the default implementation of
java.util.Map and java.util per the code example in the referenced
advisory. However, this implies that your application does not care
about the implementation of the map and all elements are comparable.
(Closes: #1027754)
- CVE-2022-41966
-- Amir Naseredini <email address hidden> Tue, 07 Mar 2023 11:39:13 +0000
Available diffs
libxstream-java (1.4.11.1-1ubuntu0.3) focal-security; urgency=medium
* Merge from Debian.
* SECURITY UPDATE: RCE, DoS, and Obtain Sensitive Information.
- debian/patches/CVE-2021-39154-[1-3].patch: Enable the security
whitelist by default to prevent RCE vulnerabilities. XStream no longer
uses a blacklist because it cannot be secured for general purpose.
- CVE-2021-39139
- CVE-2021-39140
- CVE-2021-39141
- CVE-2021-39144
- CVE-2021-39145
- CVE-2021-39146
- CVE-2021-39147
- CVE-2021-39148
- CVE-2021-39149
- CVE-2021-39150
- CVE-2021-39151
- CVE-2021-39152
- CVE-2021-39153
- CVE-2021-39154
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2022-41966.patch: XStream serializes Java objects to
XML and back again. Prior versions may allow a remote attacker to
terminate the application with a stack overflow error, resulting in a
denial of service only via manipulation of the processed input stream.
The attack uses the hash code implementation for collections and maps
to force recursive hash calculation causing a stack overflow. This
issue is patched in this version which handles the stack overflow and
raises an InputManipulationException instead. A potential workaround
for users who only use HashMap or HashSet and whose XML refers these
only as default map or set, is to change the default implementation of
java.util.Map and java.util per the code example in the referenced
advisory. However, this implies that your application does not care
about the implementation of the map and all elements are comparable.
(Closes: #1027754)
- CVE-2022-41966
-- Amir Naseredini <email address hidden> Tue, 07 Mar 2023 09:33:10 +0000
Available diffs
libxstream-java (1.4.11.1-1+deb10u4build0.18.04.1) bionic-security; urgency=medium * fake sync from Debian -- Amir Naseredini <email address hidden> Mon, 06 Mar 2023 16:05:36 +0000
Available diffs
| Published in oracular-release |
| Published in noble-release |
| Published in mantic-release |
| Published in lunar-release |
| Deleted in lunar-proposed (Reason: Moved to lunar) |
libxstream-java (1.4.20-1) unstable; urgency=medium
* Team upload.
* New upstream version 1.4.20.
- Fix CVE-2022-41966: (Closes: #1027754)
XStream serializes Java objects to XML and back again. Versions prior to
1.4.20 may allow a remote attacker to terminate the application with a
stack overflow error, resulting in a denial of service only via
manipulation the processed input stream. The attack uses the hash code
implementation for collections and maps to force recursive hash
calculation causing a stack overflow. This issue is patched in version
1.4.20 which handles the stack overflow and raises an
InputManipulationException instead. A potential workaround for users who
only use HashMap or HashSet and whose XML refers these only as default
map or set, is to change the default implementation of java.util.Map and
java.util per the code example in the referenced advisory. However, this
implies that your application does not care about the implementation of
the map and all elements are comparable.
* Declare compliance with Debian Policy 4.6.2.
-- Markus Koschany <email address hidden> Wed, 11 Jan 2023 13:15:53 +0100
Available diffs
- diff from 1.4.19-1 to 1.4.20-1 (15.8 KiB)
| Superseded in lunar-release |
| Obsolete in kinetic-release |
| Deleted in kinetic-proposed (Reason: Moved to kinetic) |
libxstream-java (1.4.19-1) unstable; urgency=medium
* New upstream release
- Fixes CVE-2021-43859: Denial of Service when unmarshalling highly
recursive collections or maps
* Standards-Version updated to 4.6.1
-- Emmanuel Bourg <email address hidden> Wed, 25 May 2022 09:11:51 +0200
Available diffs
- diff from 1.4.18-2 to 1.4.19-1 (24.6 KiB)
| Superseded in kinetic-release |
| Published in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
libxstream-java (1.4.18-2) unstable; urgency=medium
* Team upload.
* Depend on libxpp3-java.
Sice mxparser has not been packaged yet we still need to depend on
libxpp3-java in order to not break any reverse-dependencies.
-- Markus Koschany <email address hidden> Mon, 27 Sep 2021 23:24:18 +0200
Available diffs
- diff from 1.4.15-4 to 1.4.18-2 (70.4 KiB)
| Superseded in jammy-release |
| Obsolete in impish-release |
| Deleted in impish-proposed (Reason: Moved to impish) |
libxstream-java (1.4.15-4) unstable; urgency=medium
* Team upload.
* Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
Repository-Browse.
* Update pattern for GitHub archive URLs from /<org>/<repo>/tags
page/<org>/<repo>/archive/<tag> -> /<org>/<repo>/archive/refs/tags/<tag>.
* debian/control
- Add Rules-Requires-Root: no
* Add debian/salsa-ci.yml
-- Hideki Yamane <email address hidden> Thu, 01 Jul 2021 20:40:12 +0900
Available diffs
- diff from 1.4.15-3 to 1.4.15-4 (923 bytes)
libxstream-java (1.4.15-3) unstable; urgency=medium
* Team upload.
* debian/patches
- Add 0004-Fix-CVE-2021-29505-from-upstream-commit-Closes-98949.patch to
deal with CVE-2021-29505 (Closes: 98949)
For more detail, see
https://github.com/x-stream/xstream/security/advisories/GHSA-7chv-rrw6-w6fc
-- Hideki Yamane <email address hidden> Thu, 17 Jun 2021 21:45:48 +0900
Available diffs
- diff from 1.4.15-2 to 1.4.15-3 (1.3 KiB)
libxstream-java (1.4.11.1-1~18.04.2) bionic-security; urgency=medium
* Merge from Debian.
* SECURITY UPDATE: Arbitrary code execution.
- debian/patches/CVE-2021-21341-to-CVE-2021-21351.patch: The type
hierarchies for java.io.InputStream, java.nio.channels.Channel,
javax.activation.DataSource and javax.sql.rowsel.BaseRowSet are now
blacklisted as well as the individual types
com.sun.corba.se.impl.activation.ServerTableEntry,
com.sun.tools.javac.processing.JavacProcessingEnvironment$NameProcessIterator,
sun.awt.datatransfer.DataTransferer$IndexOrderComparator, and
sun.swing.SwingLazyValue. Additionally the internal type
Accessor$GetterSetterReflection of JAXB, the internal types
MethodGetter$PrivilegedGetter and ServiceFinder$ServiceNameIterator of
JAX-WS, all inner classes of javafx.collections.ObservableList and an
internal ClassLoader used in a private BCEL copy are now part of the
default blacklist and the deserialization of XML containing one of the two
types will fail. You will have to enable these types by explicit
configuration, if you need them.
- CVE-2021-21341
- CVE-2021-21342
- CVE-2021-21343
- CVE-2021-21344
- CVE-2021-21345
- CVE-2021-21346
- CVE-2021-21347
- CVE-2021-21348
- CVE-2021-21349
- CVE-2021-21350
- CVE-2021-21351
-- Eduardo Barretto <email address hidden> Wed, 28 Apr 2021 17:06:48 +0200
Available diffs
libxstream-java (1.4.11.1-1ubuntu0.2) focal-security; urgency=medium
* Merge from Debian.
* SECURITY UPDATE: Arbitrary code execution.
- debian/patches/CVE-2021-21341-to-CVE-2021-21351.patch: The type
hierarchies for java.io.InputStream, java.nio.channels.Channel,
javax.activation.DataSource and javax.sql.rowsel.BaseRowSet are now
blacklisted as well as the individual types
com.sun.corba.se.impl.activation.ServerTableEntry,
com.sun.tools.javac.processing.JavacProcessingEnvironment$NameProcessIterator,
sun.awt.datatransfer.DataTransferer$IndexOrderComparator, and
sun.swing.SwingLazyValue. Additionally the internal type
Accessor$GetterSetterReflection of JAXB, the internal types
MethodGetter$PrivilegedGetter and ServiceFinder$ServiceNameIterator of
JAX-WS, all inner classes of javafx.collections.ObservableList and an
internal ClassLoader used in a private BCEL copy are now part of the
default blacklist and the deserialization of XML containing one of the two
types will fail. You will have to enable these types by explicit
configuration, if you need them.
- CVE-2021-21341
- CVE-2021-21342
- CVE-2021-21343
- CVE-2021-21344
- CVE-2021-21345
- CVE-2021-21346
- CVE-2021-21347
- CVE-2021-21348
- CVE-2021-21349
- CVE-2021-21350
- CVE-2021-21351
-- Eduardo Barretto <email address hidden> Wed, 28 Apr 2021 15:01:42 +0200
Available diffs
libxstream-java (1.4.11.1-2ubuntu0.1) groovy-security; urgency=medium
* Merge from Debian
* SECURITY UPDATE: Command Injection Vulnerability
- debian/patches/CVE-2020-26217.patch: New predefined blacklist avoids
vulnerability due to improper setup and update security vulnerability
test to test default.
- debian/patches/CVE-2020-26259.patch: Fix arbitrary File Deletion on the
local host.
- CVE-2020-26217
- CVE-2020-26259
* SECURITY UPDATE: Server-Side Request Forgery Vulnerability
- debian/patches/CVE-2020-26258.patch: Fix access data streams from an
arbitrary URL.
- CVE-2020-26258
* SECURITY UPDATE: Arbitrary code execution.
- debian/patches/CVE-2021-21341-to-CVE-2021-21351.patch: The type
hierarchies for java.io.InputStream, java.nio.channels.Channel,
javax.activation.DataSource and javax.sql.rowsel.BaseRowSet are now
blacklisted as well as the individual types
com.sun.corba.se.impl.activation.ServerTableEntry,
com.sun.tools.javac.processing.JavacProcessingEnvironment$NameProcessIterator,
sun.awt.datatransfer.DataTransferer$IndexOrderComparator, and
sun.swing.SwingLazyValue. Additionally the internal type
Accessor$GetterSetterReflection of JAXB, the internal types
MethodGetter$PrivilegedGetter and ServiceFinder$ServiceNameIterator of
JAX-WS, all inner classes of javafx.collections.ObservableList and an
internal ClassLoader used in a private BCEL copy are now part of the
default blacklist and the deserialization of XML containing one of the two
types will fail. You will have to enable these types by explicit
configuration, if you need them.
- CVE-2021-21341
- CVE-2021-21342
- CVE-2021-21343
- CVE-2021-21344
- CVE-2021-21345
- CVE-2021-21346
- CVE-2021-21347
- CVE-2021-21348
- CVE-2021-21349
- CVE-2021-21350
- CVE-2021-21351
* Add a new maven rule to fix FTBFS.
- debian/maven.ignoreRules: Add com.sun.xml.ws jaxws-rt.
-- Eduardo Barretto <email address hidden> Thu, 29 Apr 2021 11:59:58 +0200
Available diffs
libxstream-java (1.4.15-1ubuntu0.1) hirsute-security; urgency=medium
* Merge from Debian
* SECURITY UPDATE: Arbitrary code execution.
- debian/patches/CVE-2021-21341-to-CVE-2021-21351.patch: The type
hierarchies for java.io.InputStream, java.nio.channels.Channel,
javax.activation.DataSource and javax.sql.rowsel.BaseRowSet are now
blacklisted as well as the individual types
com.sun.corba.se.impl.activation.ServerTableEntry,
com.sun.tools.javac.processing.JavacProcessingEnvironment$NameProcessIterator,
sun.awt.datatransfer.DataTransferer$IndexOrderComparator, and
sun.swing.SwingLazyValue. Additionally the internal type
Accessor$GetterSetterReflection of JAXB, the internal types
MethodGetter$PrivilegedGetter and ServiceFinder$ServiceNameIterator of
JAX-WS, all inner classes of javafx.collections.ObservableList and an
internal ClassLoader used in a private BCEL copy are now part of the
default blacklist and the deserialization of XML containing one of the two
types will fail. You will have to enable these types by explicit
configuration, if you need them.
- CVE-2021-21341
- CVE-2021-21342
- CVE-2021-21343
- CVE-2021-21344
- CVE-2021-21345
- CVE-2021-21346
- CVE-2021-21347
- CVE-2021-21348
- CVE-2021-21349
- CVE-2021-21350
- CVE-2021-21351
-- Eduardo Barretto <email address hidden> Mon, 10 May 2021 15:43:39 +0200
Available diffs
libxstream-java (1.4.15-2) unstable; urgency=high
* Team upload.
* Fix CVE-2021-21341 to CVE-2021-21351:
In XStream there is a vulnerability which may allow a remote attacker to
load and execute arbitrary code from a remote host only by manipulating the
processed input stream.
The type hierarchies for java.io.InputStream, java.nio.channels.Channel,
javax.activation.DataSource and javax.sql.rowsel.BaseRowSet are now
blacklisted as well as the individual types
com.sun.corba.se.impl.activation.ServerTableEntry,
com.sun.tools.javac.processing.JavacProcessingEnvironment$NameProcessIterator,
sun.awt.datatransfer.DataTransferer$IndexOrderComparator, and
sun.swing.SwingLazyValue. Additionally the internal type
Accessor$GetterSetterReflection of JAXB, the internal types
MethodGetter$PrivilegedGetter and ServiceFinder$ServiceNameIterator of
JAX-WS, all inner classes of javafx.collections.ObservableList and an
internal ClassLoader used in a private BCEL copy are now part of the
default blacklist and the deserialization of XML containing one of the two
types will fail. You will have to enable these types by explicit
configuration, if you need them.
-- Markus Koschany <email address hidden> Sat, 03 Apr 2021 19:17:05 +0200
Available diffs
- diff from 1.4.15-1 to 1.4.15-2 (2.9 KiB)
libxstream-java (1.4.11.1-1~18.04.1) bionic-security; urgency=medium
* SECURITY UPDATE: Command Injection Vulnerability
- debian/patches/CVE-2020-26217.patch: New predefined blacklist avoids
vulnerability due to improper setup and update security vulnerability
test to test default.
- debian/patches/CVE-2020-26259.patch: Fix arbitrary File Deletion on the
local host.
- CVE-2020-26217
- CVE-2020-26259
* SECURITY UPDATE: Server-Side Request Forgery Vulnerability
- debian/patches/CVE-2020-26258.patch: Fix access data streams from an
arbitrary URL.
- CVE-2020-26258
* Add a new maven rule to fix FTBFS.
- debian/maven.ignoreRules: Add com.sun.xml.ws jaxws-rt.
-- Paulo Flabiano Smorigo <email address hidden> Thu, 28 Jan 2021 14:36:59 +0000
libxstream-java (1.4.11.1-1ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: Command Injection Vulnerability
- debian/patches/CVE-2020-26217.patch: New predefined blacklist avoids
vulnerability due to improper setup and update security vulnerability
test to test default.
- debian/patches/CVE-2020-26259.patch: Fix arbitrary File Deletion on the
local host.
- CVE-2020-26217
- CVE-2020-26259
* SECURITY UPDATE: Server-Side Request Forgery Vulnerability
- debian/patches/CVE-2020-26258.patch: Fix access data streams from an
arbitrary URL.
- CVE-2020-26258
* Add a new maven rule to fix FTBFS.
- debian/maven.ignoreRules: Add com.sun.xml.ws jaxws-rt.
-- Paulo Flabiano Smorigo <email address hidden> Wed, 27 Jan 2021 12:57:43 +0000
Available diffs
| Superseded in impish-release |
| Obsolete in hirsute-release |
| Deleted in hirsute-proposed (Reason: moved to Release) |
libxstream-java (1.4.15-1) unstable; urgency=medium
* Team upload.
* New upstream version 1.4.15. (Closes: #977624, #977625)
- Fix CVE-2020-26258: A Server-Side Forgery Request can be activated
unmarshalling with XStream to access data streams from an arbitrary URL
referencing a resource in an intranet or the local host.
- Fix CVE-2020-26259: XStream is vulnerable to an Arbitrary File Deletion
on the local host when unmarshalling as long as the executing process has
sufficient rights.
Thanks to Salvatore Bonaccorso for the report.
* Ignore dependency on libjaxws-java.
-- Markus Koschany <email address hidden> Fri, 18 Dec 2020 01:51:35 +0100
Available diffs
- diff from 1.4.14-1 to 1.4.15-1 (10.6 KiB)
libxstream-java (1.4.14-1) unstable; urgency=medium
* Team upload.
* New upstream version 1.4.14.
- Fix CVE-2020-26217: may allow a remote attacker to run arbitrary shell
commands only by manipulating the processed input stream.
* Switch to debhelper-compat = 13.
* Declare compliance with Debian Policy 4.5.1.
* Ignore org.apache.maven.plugins:maven-antrun-plugin:jar.
-- Markus Koschany <email address hidden> Thu, 19 Nov 2020 20:46:52 +0100
Available diffs
- diff from 1.4.11.1-2 to 1.4.14-1 (52.0 KiB)
| Superseded in hirsute-release |
| Obsolete in groovy-release |
| Deleted in groovy-proposed (Reason: moved to Release) |
libxstream-java (1.4.11.1-2) unstable; urgency=medium * Removed the dependency on libstax-java * Standards-Version updated to 4.5.0 * Use salsa.debian.org Vcs-* URLs -- Emmanuel Bourg <email address hidden> Sun, 05 Apr 2020 23:08:19 +0200
Available diffs
- diff from 1.4.11.1-1 to 1.4.11.1-2 (1.5 KiB)
| Obsolete in cosmic-updates |
| Superseded in bionic-updates |
| Obsolete in cosmic-security |
| Superseded in bionic-security |
| Deleted in cosmic-proposed (Reason: moved to -updates) |
| Deleted in bionic-proposed (Reason: moved to -updates) |
libxstream-java (1.4.11.1-1~18.04) bionic; urgency=medium * Backport for OpenJDK 11. LP: #1814133.
Available diffs
| Superseded in groovy-release |
| Published in focal-release |
| Obsolete in eoan-release |
| Obsolete in disco-release |
| Deleted in disco-proposed (Reason: moved to release) |
libxstream-java (1.4.11.1-1) unstable; urgency=medium * Team upload. * New upstream version 1.4.11.1. -- Markus Koschany <email address hidden> Sun, 11 Nov 2018 00:04:59 +0100
Available diffs
- diff from 1.4.10-1 to 1.4.11.1-1 (46.1 KiB)
libxstream-java (1.4.7-1ubuntu0.1) trusty-security; urgency=medium * SECURITY UPDATE: handle void type class (LP: #1780844) - d/p/CVE-2017-7957.patch: Prevent deserialization of void. - CVE-2017-7957 -- Dan Streetman <email address hidden> Mon, 09 Jul 2018 15:29:05 -0400
Available diffs
libxstream-java (1.4.8-1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: handle void type class (LP: #1780844) - d/p/CVE-2017-7957.patch: Prevent deserialization of void. - CVE-2017-7957 -- Dan Streetman <email address hidden> Mon, 09 Jul 2018 15:21:51 -0400
Available diffs
| Superseded in disco-release |
| Obsolete in cosmic-release |
| Published in bionic-release |
| Obsolete in artful-release |
| Deleted in artful-proposed (Reason: moved to release) |
libxstream-java (1.4.10-1) unstable; urgency=medium
* New upstream release
- Removed CVE-2017-7957.patch (fixed upstream)
* Standards-Version updated to 3.9.8
* Switch to debhelper level 10
-- Emmanuel Bourg <email address hidden> Tue, 20 Jun 2017 10:22:33 +0200
Available diffs
- diff from 1.4.9-2 to 1.4.10-1 (107.5 KiB)
libxstream-java (1.4.9-2) unstable; urgency=medium
* Fixed CVE-2017-7957: Attempts to create an instance of the primitive
type 'void' during unmarshalling lead to a remote application crash.
(Closes: #861521)
-- Emmanuel Bourg <email address hidden> Tue, 02 May 2017 16:52:35 +0200
Available diffs
- diff from 1.4.9-1 to 1.4.9-2 (1.6 KiB)
| Superseded in artful-release |
| Obsolete in zesty-release |
| Obsolete in yakkety-release |
| Deleted in yakkety-proposed (Reason: moved to release) |
libxstream-java (1.4.9-1) unstable; urgency=medium
* New upstream release
- Fixes CVE-2016-3674: XML External Entity vulnerability (Closes: #819455)
- Ignore the new xstream-jmh module
- Updated the Maven rules
* No longer build the xstream-benchmark module (never used in Debian)
* Build with maven-debian-helper
* Depend on libcglib-nodep-java instead of libcglib3-java
* Standards-Version updated to 3.9.7 (no changes)
* Use secure Vcs-* fields
* Updated the old references to codehaus.org
-- Emmanuel Bourg <email address hidden> Tue, 29 Mar 2016 12:05:49 +0200
Available diffs
- diff from 1.4.8-1 to 1.4.9-1 (91.5 KiB)
| Superseded in yakkety-release |
| Published in xenial-release |
| Obsolete in wily-release |
| Deleted in wily-proposed (Reason: moved to release) |
libxstream-java (1.4.8-1) unstable; urgency=medium * New upstream release * Added a patch to compile with Java 7 * Moved the package to Git -- Emmanuel Bourg <email address hidden> Wed, 29 Apr 2015 17:53:25 +0200
Available diffs
- diff from 1.4.7-2 to 1.4.8-1 (26.5 KiB)
| Superseded in wily-release |
| Obsolete in vivid-release |
| Deleted in vivid-proposed (Reason: moved to release) |
libxstream-java (1.4.7-2) unstable; urgency=medium * Depend on libcglib3-java instead of libcglib-java * Standards-Version updated to 3.9.6 (no changes) -- Emmanuel Bourg <email address hidden> Mon, 29 Sep 2014 19:53:09 +0200
Available diffs
- diff from 1.4.7-1 to 1.4.7-2 (1.1 KiB)
| Superseded in vivid-release |
| Obsolete in utopic-release |
| Published in trusty-release |
| Deleted in trusty-proposed (Reason: moved to release) |
libxstream-java (1.4.7-1) unstable; urgency=low
* New upstream release
- Fixes CVE-2013-7285 (Closes: #734821)
- Added a dependency on libjdom2-java
* Standards-Version updated to 3.9.5 (no changes)
* Use XZ compression for the upstream tarball
* Build depend on debhelper >= 9
* debian/copyright: Updated to the Copyright Format 1.0
-- Emmanuel Bourg <email address hidden> Wed, 12 Mar 2014 14:06:33 +0100
Available diffs
- diff from 1.4.4-1 to 1.4.7-1 (127.4 KiB)
| Superseded in trusty-release |
| Obsolete in saucy-release |
| Deleted in saucy-proposed (Reason: moved to release) |
libxstream-java (1.4.4-1) unstable; urgency=low * New upstream release * Update Standards-Version: 3.9.4 (no changes) * Use canonical URLs for the Vcs-* fields * debian/rules: Improved the clean target to allow rebuilds -- Emmanuel Bourg <email address hidden> Tue, 02 Jul 2013 22:38:00 +0200
Available diffs
- diff from 1.4.2-1 to 1.4.4-1 (34.2 KiB)
libxstream-java (1.4.2-1) unstable; urgency=low
[ tony mancill ]
* Remove Michael Koch from Uploaders (Closes: #654106)
* Update Standards-Version: 3.9.3.
[ Damien Raude-Morvan ]
* New upstream release:
- Add Build-Depends on libstax-java, libwoodstox-java, libstax2-api-java
and libkxml2-java (and Suggests).
* Use maven-ant-helper for build:
- Add Build-Depends on maven-ant-helper.
- New debian/build.xml.
- Drop patch on MANIFEST.MF update and use jh_manifest.
- Add Build-Depends on javahelper.
* Add myself as Uploader.
-- Damien Raude-Morvan <email address hidden> Mon, 28 May 2012 23:14:16 +0200
Available diffs
- diff from 1.3.1-7 (in Ubuntu) to 1.4.2-1 (343.8 KiB)
libxstream-java (1.3.1-7) unstable; urgency=low * Switch to source format 3.0. * Update Standards-Version: 3.9.1. -- Ubuntu Archive Auto-Sync <email address hidden> Mon, 17 Oct 2011 11:13:04 +0000
Available diffs
- diff from 1.3.1-6 to 1.3.1-7 (994 bytes)
| Superseded in precise-release |
| Obsolete in oneiric-release |
| Superseded in oneiric-release |
| Obsolete in natty-release |
| Obsolete in maverick-release |
| Obsolete in lucid-release |
libxstream-java (1.3.1-6) unstable; urgency=low
[ Onkar Shinde ]
* debian/control
- Add quilt build dependency.
* debian/rules
- Include patchsys-quilt.mk rule.
* debian/patches/01_fix_classpath.diff
- Add appropriate jar files in classpath using manifest attribute.
(LP: #457660)
* debian/patches/series
- Create new and include the new patch added.
* debian/README.source
- Add to comply with policy.
[ Michael Koch ]
* Added myself to Uploaders.
-- Ubuntu Archive Auto-Sync <email address hidden> Tue, 17 Nov 2009 17:46:26 +0000
Available diffs
- diff from 1.3.1-5 to 1.3.1-6 (1.4 KiB)
libxstream-java (1.3.1-5) unstable; urgency=low * Switch to default-jdk * Build-Depends: replace cglib2.1 with cglib (Closes: #550613) * Bump Standards-Version to 3.8.3 * Bump dh compat to 7
Available diffs
- diff from 1.3.1-1ubuntu3 to 1.3.1-5 (1.9 KiB)
libxstream-java (1.3.1-1ubuntu4) karmic-proposed; urgency=low * Add maven POM. LP: #461090. -- Matthias Klose <email address hidden> Mon, 26 Oct 2009 16:44:26 +0100
Available diffs
libxstream-java (1.3.1-1ubuntu3) karmic; urgency=low * debian/rules: Set JAVA_HOME to match with default-jdk -- Thierry Carrez <email address hidden> Fri, 21 Aug 2009 11:34:27 +0200
Available diffs
- diff from 1.3.1-1ubuntu2 to 1.3.1-1ubuntu3 (511 bytes)
| Superseded in karmic-release |
libxstream-java (1.3.1-1ubuntu2) karmic; urgency=low
* debian/control:
- Build-depend on default-jdk (LP: #416377)
- Bump minimal runtime dependency to java5-runtime-headless (LP: #416401)
-- Thierry Carrez <email address hidden> Thu, 20 Aug 2009 16:06:29 +0200
Available diffs
- diff from 1.3.1-1ubuntu1 to 1.3.1-1ubuntu2 (797 bytes)
| Superseded in karmic-release |
libxstream-java (1.3.1-1ubuntu1) karmic; urgency=low
* debian/control: Set libxstream-java runtime dependency on
"default-jre-headless | java2-runtime-headless" (LP: #387884)
-- Thierry Carrez <email address hidden> Thu, 18 Jun 2009 14:44:21 +0200
Available diffs
- diff from 1.3.1-1 to 1.3.1-1ubuntu1 (727 bytes)
libxstream-java (1.3.1-1) unstable; urgency=low * New upstream release * Minor cleanups -- Ubuntu Archive Auto-Sync <email address hidden> Wed, 29 Apr 2009 12:02:47 +0100
Available diffs
- diff from 1.3-4 to 1.3.1-1 (86.6 KiB)
libxstream-java (1.3-4) unstable; urgency=low
* Fix java bytecode / java runtime version mismatch by setting -source
and -target to 1.5 (Closes: #503789)
-- Ubuntu Archive Auto-Sync <email address hidden> Wed, 05 Nov 2008 10:38:22 +0000
Available diffs
- diff from 1.3-3build1 to 1.3-4 (640 bytes)
libxstream-java (1.3-3build1) intrepid; urgency=low * Rebuild to recover the binaries Soyuz ate -- Emmet Hikory <email address hidden> Mon, 13 Oct 2008 22:14:48 +0900
Available diffs
- diff from 1.3-3 to 1.3-3build1 (294 bytes)
libxstream-java (1.3-3) unstable; urgency=low * Really move package to main.
Available diffs
- diff from 1.3-1 to 1.3-3 (837 bytes)
libxstream-java (1.3-1) unstable; urgency=low * New upstream release * Add myself to Uploaders * Bump Standards-Version to 3.7.3 * Remove patches/encoding.diff - not required -- Ubuntu Archive Auto-Sync <email address hidden> Sun, 04 May 2008 15:02:46 +0100
libxstream-java (1.2.2-1) unstable; urgency=low * initial version (Closes: #453149) -- Michael Bienia <email address hidden> Wed, 13 Feb 2008 18:19:38 +0000
| 1 → 44 of 44 results | First • Previous • Next • Last |
