undertow (2.2.5-1) unstable; urgency=medium * New upstream version 2.2.5. -- Markus Koschany Sat, 13 Mar 2021 22:38:51 +0100 undertow (2.2.4-1) unstable; urgency=medium * New upstream version 2.2.4. * Ignore org.codehaus.mojo:exec-maven-plugin. * Ignore jakartaee9 module for now. -- Markus Koschany Fri, 12 Feb 2021 01:33:30 +0100 undertow (2.2.3-1) unstable; urgency=medium * New upstream version 2.2.3. * Declare compliance with Debian Policy 4.5.1. -- Markus Koschany Sat, 12 Dec 2020 21:34:54 +0100 undertow (2.2.2-1) unstable; urgency=medium * New upstream version 2.2.2. -- Markus Koschany Sun, 11 Oct 2020 14:38:18 +0200 undertow (2.2.0-1) unstable; urgency=medium * New upstream version 2.2.0. -- Markus Koschany Mon, 14 Sep 2020 23:36:07 +0200 undertow (2.1.3-1) unstable; urgency=medium * New upstream version 2.1.3. -- Markus Koschany Thu, 04 Jun 2020 22:48:58 +0200 undertow (2.1.1-1) unstable; urgency=medium * New upstream version 2.1.1. * Switch to debhelper-compat = 13. -- Markus Koschany Sun, 17 May 2020 22:00:50 +0200 undertow (2.1.0-1) unstable; urgency=medium * New upstream version 2.1.0. -- Markus Koschany Sun, 03 May 2020 00:56:55 +0200 undertow (2.0.30-1) unstable; urgency=medium * New upstream version 2.0.30. * Declare compliance with Debian Policy 4.5.0. -- Markus Koschany Sat, 21 Mar 2020 01:08:19 +0100 undertow (2.0.29-1) unstable; urgency=medium * New upstream version 2.0.29. -- Markus Koschany Wed, 08 Jan 2020 22:54:07 +0100 undertow (2.0.28-1) unstable; urgency=medium * New upstream version 2.0.28. -- Markus Koschany Sun, 17 Nov 2019 14:41:48 +0100 undertow (2.0.27-1) unstable; urgency=medium * New upstream version 2.0.27. * Declare compliance with Debian Policy 4.4.1. -- Markus Koschany Sun, 20 Oct 2019 17:16:51 +0200 undertow (2.0.26-1) unstable; urgency=medium * New upstream version 2.0.26. -- Markus Koschany Wed, 11 Sep 2019 17:29:42 +0200 undertow (2.0.25-1) unstable; urgency=medium * New upstream version 2.0.25. -- Markus Koschany Mon, 26 Aug 2019 21:15:06 +0200 undertow (2.0.23-1) unstable; urgency=medium * New upstream version 2.0.23. Fixes CVE-2017-12165, CVE-2019-3888, CVE-2019-10184 and CVE-2018-14642. (Closes: #885338, #930349, #911796 ) * Switch to debhelper-compat = 12. * Declare compliance with Debian Policy 4.4.0. -- Markus Koschany Fri, 02 Aug 2019 12:11:14 +0200 undertow (1.4.25-2) unstable; urgency=medium * Team upload. * Depend on libgeronimo-annotation-1.3-spec-java and libservlet3.1-java instead of libtomcat8-java * Standards-Version updated to 4.2.1 * Use salsa.debian.org Vcs-* URLs -- Emmanuel Bourg Mon, 03 Dec 2018 22:37:39 +0100 undertow (1.4.25-1) unstable; urgency=medium * New upstream version 1.4.25 - Fix CVE-2018-1114: File descriptor leak caused by JarURLConnection.getLastModified() allows attacker to cause a denial of service. (Closes: #897247) - Fix CVE-2017-12196: When using Digest authentication the server does not ensure that the value of URI in the Authorization header matches the URI in HTTP request line. This allows the attacker to cause a MITM attack and access the desired content on the server. * Declare compliance with Debian Policy 4.1.4. -- Markus Koschany Sun, 06 May 2018 21:29:28 +0200 undertow (1.4.23-3) unstable; urgency=medium * Rebuild against libjboss-classfilewriter-java >= 1.2.2-2. Fix unsatisfiable dependency. -- Markus Koschany Mon, 26 Mar 2018 20:15:01 +0200 undertow (1.4.23-2) unstable; urgency=medium * Add java9.patch and fix FTBFS with Java 9. (Closes: #893532) * Use source/target 1.9. -- Markus Koschany Sun, 25 Mar 2018 17:06:48 +0200 undertow (1.4.23-1) unstable; urgency=high * New upstream version 1.4.23. - Fix CVE-2017-7559: HTTP Request smuggling vulnerability. (Closes: #885576) -- Markus Koschany Fri, 02 Mar 2018 20:29:02 +0100 undertow (1.4.22-1) unstable; urgency=medium * New upstream version 1.4.22. * Use compat level 11. * Declare compliance with Debian Policy 4.1.3. * Drop websockets-jsr.patch. Not needed anymore. -- Markus Koschany Wed, 17 Jan 2018 21:11:59 +0100 undertow (1.4.21-2) unstable; urgency=medium * Add websockets-jsr.patch and implement a yet unsupported new method introduced by the recent update of libtomcat8-java to version 8.5.24. Thanks to Adrian Bunk for the report. (Closes: #883357) * Declare compliance with Debian Policy 4.1.2. -- Markus Koschany Sun, 03 Dec 2017 20:49:51 +0100 undertow (1.4.21-1) unstable; urgency=medium * New upstream version 1.4.21. * Declare compliance with Debian Policy 4.1.1. -- Markus Koschany Thu, 02 Nov 2017 14:14:55 +0100 undertow (1.4.20-1) unstable; urgency=medium * New upstream version 1.4.20. * Tighten build-dependency on jboss-xnio. * Add no-wildfly.patch and don't require the wildfly openssl dependency. * Declare compliance with Debian Policy 4.1.0. -- Markus Koschany Tue, 19 Sep 2017 19:58:15 +0200 undertow (1.4.18-1) unstable; urgency=medium * New upstream version 1.4.18. - Fixes CVE-2017-2666 and CVE-2017-2670. (Closes: #864405) * Declare compliance with Debian Policy 4.0.0. * Use https for Format field. * Ignore zanata-maven-plugin. * Ignore karaf submodule. * Add libmaven-bundle-plugin-java to B-D. * Remove lintian-overrides file. -- Markus Koschany Thu, 29 Jun 2017 18:05:28 +0200 undertow (1.4.8-1) unstable; urgency=medium * New upstream version 1.4.8. -- Markus Koschany Fri, 23 Dec 2016 00:17:42 +0100 undertow (1.4.7-1) unstable; urgency=medium * New upstream version 1.4.7. -- Markus Koschany Sun, 18 Dec 2016 00:12:45 +0100 undertow (1.4.6-1) unstable; urgency=medium * New upstream version 1.4.6. -- Markus Koschany Mon, 28 Nov 2016 22:46:45 +0100 undertow (1.4.4-1) unstable; urgency=medium * New upstream version 1.4.4. -- Markus Koschany Sat, 29 Oct 2016 18:29:08 +0200 undertow (1.4.3-1) unstable; urgency=medium * New upstream version 1.4.3. - Fixes CVE-2016-7046. (Closes: #838600) Thanks to Salvatore Bonaccorso for the report. * Switch to compat level 10. * debian/watch: Use version=4. -- Markus Koschany Fri, 23 Sep 2016 19:18:11 +0200 undertow (1.4.1-1) unstable; urgency=medium * New upstream version 1.4.1. * Ignore org.wildfly.openssl:wildfly-openssl. -- Markus Koschany Fri, 09 Sep 2016 02:21:45 +0200 undertow (1.4.0-1) unstable; urgency=medium * Imported Upstream version 1.4.0. -- Markus Koschany Fri, 05 Aug 2016 12:14:46 +0200 undertow (1.3.23-1) unstable; urgency=medium * Imported Upstream version 1.3.23. * Declare compliance with Debian Policy 3.9.8. * Drop JettyALPNClientProvider.patch. Fixed upstream. -- Markus Koschany Sun, 05 Jun 2016 17:47:27 +0200 undertow (1.3.21-1) unstable; urgency=medium * Imported Upstream version 1.3.21. * Remove http2 test suite from libundertow-java.poms and maven.rules. * Add JettyALPNClientProvider.patch and fix multiple compilation errors. -- Markus Koschany Sun, 10 Apr 2016 20:12:33 +0200 undertow (1.3.19-1) unstable; urgency=medium * Imported Upstream version 1.3.19. * Declare compliance with Debian Policy 3.9.7. -- Markus Koschany Sun, 20 Mar 2016 19:17:54 +0100 undertow (1.3.16-1) unstable; urgency=medium * Imported Upstream version 1.3.16. * Vcs-Git: Use https. -- Markus Koschany Sat, 30 Jan 2016 17:03:04 +0100 undertow (1.3.11-1) unstable; urgency=medium * debian/rules: Do not execute dh_auto_test to prevent a FTBFS due to a bug in maven-compiler-plugin 3.2. (Closes: #808691) * Imported Upstream version 1.3.11. -- Markus Koschany Thu, 24 Dec 2015 19:56:00 +0100 undertow (1.3.7-1) unstable; urgency=medium * Imported Upstream version 1.3.7. -- Markus Koschany Fri, 27 Nov 2015 19:40:51 +0100 undertow (1.3.5-1) unstable; urgency=medium * Imported Upstream version 1.3.5. * Change homepage field to undertow.io. -- Markus Koschany Mon, 16 Nov 2015 17:25:21 +0100 undertow (1.3.4-1) unstable; urgency=medium * Initial release (Closes: #767001) -- Markus Koschany Mon, 02 Nov 2015 17:57:08 +0100