-
batik (1.7.ubuntu-8ubuntu1.1) precise-security; urgency=medium
* SECURITY UPDATE: XML external entity information disclosure
- debian/patches/cve_2015_0250.patch: disable external entities in
sources/org/apache/batik/dom/util/SAXDocumentFactory.java.
- Thanks to Debian for the patch backport.
- CVE-2015-0250
-- Marc Deslauriers <email address hidden> Tue, 24 Mar 2015 10:52:23 -0400
-
batik (1.7.ubuntu-8ubuntu1) precise; urgency=low
* Merge from Debian testing (LP: #946158), remaining changes:
+ fix upstream version since we're stuck with this fake upstream version
until the next upstream release
- update debian/rules
* Drop debian/patches/series diff as Debian now has their own version
which works fine
* Mark Vcs-* as XS-Debian-Vcs-*
- update debian/control
batik (1.7-8) unstable; urgency=low
* Fix FTBS with recent openjdk (closes: #643508)
* Bump to newer standards version, no changes required
batik (1.7-7) unstable; urgency=low
* Re-enable all patches that had mistakenly been disabled by switching to
source format 3.0 (quilt) (closes: #604871)
* Already conforms to standards 3.9.1
-- Micah Gersten <email address hidden> Sun, 04 Mar 2012 02:36:50 -0600
-
batik (1.7.ubuntu-6ubuntu1) natty; urgency=low
* Fakesync from Debian unstable. (LP: #681078)
* Add a debian/patches/series file so patches are applied (also reported
in Debian #604871, however since we can't currently sync their version
we should fix it in Ubuntu too).
* Debian changes from 1.7-5 to 1.7-6 are:
[ Vincent Fourmond ]
* Really fix the dependency on java runtime to only pull headless
runtimes
[ Gabriele Giacone ]
* Added Maven support
* Standards-Version to 3.8.4
* Source format 3.0 (quilt)
* Debian changes from 1.7-4 to 1.7-5 are:
[ Vincent Fourmond ]
* Dropped the dependency on openjdk-6-jre, in profit for
openjdk-6-jre-headless, so we won't pull the whole Gtk libraries just
for using fop (closes: #551545).
* Already conforms to standards 3.8.3
* Removing Arnaud Vandyck from Uploaders as he did retire. Many thanks
for your work on batik !
-- Andrew Ross <email address hidden> Wed, 24 Nov 2010 21:37:30 +0000