File: changelog

package info (click to toggle)
openrefine 3.8.7-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 40,864 kB
  • sloc: javascript: 105,631; java: 85,657; xml: 5,917; sh: 615; makefile: 79; python: 71; sql: 60
file content (137 lines) | stat: -rw-r--r-- 5,179 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
 
openrefine (3.8.7-2) unstable; urgency=medium

  * Add missing links to localizer.jar.
    It seems the missing localizer.jar caused errors on non-english systems and
    this change might fix the problem. See #1095034 for more information.

 -- Markus Koschany <apo@debian.org>  Sat, 27 Sep 2025 21:54:09 +0200

openrefine (3.8.7-1) unstable; urgency=medium

  * New upstream version 3.8.7.
    - Fix CVE-2024-49760, CVE-2024-47882, CVE-2024-47881, CVE-2024-47880,
      CVE-2024-47879 and CVE-2024-47878. (Closes: #1086041)
  * Refresh the patches.
  * Add new maven plugins to maven.ignore rules.
  * Add jetty9.patch and revert back to Debian's Jetty9 version. We upgrade to
    Jetty12 in the near future.
  * Declare compliance with Debian Policy 4.7.0.

 -- Markus Koschany <apo@debian.org>  Thu, 02 Jan 2025 18:55:19 +0100

openrefine (3.7.8-1) unstable; urgency=high

  * New upstream version 3.7.8
    - Fix CVE-2024-23833: A jdbc attack vulnerability exists in OpenRefine
      where an attacker may construct a JDBC query which may read files on
      the host filesystem. (Closes: #1064192)
      Thanks to Salvatore Bonaccorso for the report.

 -- Markus Koschany <apo@debian.org>  Sat, 06 Apr 2024 21:45:36 +0200

openrefine (3.7.7-1) unstable; urgency=medium

  * New upstream version 3.7.7.

 -- Markus Koschany <apo@debian.org>  Sun, 03 Dec 2023 11:51:18 +0100

openrefine (3.7.6-1) unstable; urgency=medium

  * New upstream version 3.7.6.

 -- Markus Koschany <apo@debian.org>  Tue, 17 Oct 2023 22:34:25 +0200

openrefine (3.7.5-1) unstable; urgency=medium

  * New upstream version 3.7.5.

 -- Markus Koschany <apo@debian.org>  Fri, 15 Sep 2023 12:37:36 +0200

openrefine (3.7.4-1) unstable; urgency=medium

  * New upstream version 3.7.4
  * Drop CVE-2023-37476.patch. Fixed upstream.
  * Remove log4j-api.patch.
  * Remove no-java-files.patch.
  * Build-Depend on liblocalizer-java.
  * Use and document upstream's appstream meta file.
  * Install upstream's desktop file.
  * Depend on fonts-glyphicons-halflings and replace embedded font files.
  * Add debian/openrefine.lintian-overrides.
  * Ignore Lintian warning embedded-javascript-library and explain why.

 -- Markus Koschany <apo@debian.org>  Fri, 08 Sep 2023 13:55:04 +0200

openrefine (3.6.2-3) unstable; urgency=medium

  * Tighten B-D on commons-io to >= 2.11.0.
  * Fix CVE-2023-37476 and automatically refresh all other patches.
    OpenRefine is a free, open source tool for data processing. A carefully
    crafted malicious OpenRefine project tar file can be used to trigger
    arbitrary code execution in the context of the OpenRefine process if a user
    can be convinced to import it. (Closes: #1041422)
  * Declare compliance with Debian Policy 4.6.2.

 -- Markus Koschany <apo@debian.org>  Fri, 18 Aug 2023 01:37:01 +0200

openrefine (3.6.2-2) unstable; urgency=medium

  * Depend on libjoda-time-java and liboro-java.
    Thanks to Robert Jäschke for the report! (Closes: #1022760)
  * Load the refine configuration before parsing the command line options.
    Thanks to Robert Jäschke for the report! (Closes: #1033355)
  * Symlink commons-lang-2.6 into server directory to fix another
    ClassNotFound exception.

 -- Markus Koschany <apo@debian.org>  Wed, 05 Apr 2023 20:20:17 +0200

openrefine (3.6.2-1) unstable; urgency=medium

  * New upstream version 3.6.2. (Closes: #1022761)
  * Add 3rdparty missing sources. (Closes: #1022760)
    These Javascript files are currently missing from the original sources
    because they are downloaded separately with npm.
  * Tighten dependency on librhino-java to >= 1.7.14. Otherwise there was a
    silent error in the web application which made it unusable.
  * Link titanium-json-ld into webapp directory.

 -- Markus Koschany <apo@debian.org>  Tue, 14 Feb 2023 00:34:16 +0100

openrefine (3.6.1-1) unstable; urgency=medium

  * New upstream version 3.6.1.
  * Refresh all patches except of javalamp patch.
  * Tighten dependency on apache-jena and wikidata toolkit.
  * Depend on liblanguage-detector-java.
  * Add gdata-extension.patch.
  * Declare compliance with Debian Policy 4.6.1.

 -- Markus Koschany <apo@debian.org>  Thu, 29 Sep 2022 23:58:11 +0200

openrefine (3.5.2-2) unstable; urgency=medium

  * Build-depend on libokhttp-java (>= 3.13.1-3~)
  * Tighten dependency on libgoogle-api-client-java.
  * Remove dependency on tomcat9 because the tomcat9-annotations-api is
    apparently not required.
  * Update the Dockerfile and add a README file to document how to build the
    image and run the container. Install both files as examples into
    /usr/share/doc/openrefine/examples.

 -- Markus Koschany <apo@debian.org>  Tue, 08 Mar 2022 13:49:15 +0100

openrefine (3.5.2-1) unstable; urgency=medium

  * Upload to unstable.
  * New upstream version 3.5.2.
   - Remove non-free lavalamp.js file.
   - Enable all extensions.
  * Depend on procps for openrefine script.

 -- Markus Koschany <apo@debian.org>  Sun, 20 Feb 2022 17:03:52 +0100

openrefine (3.5~git20210527-1) experimental; urgency=medium

  * Initial release. (Closes: #986604 )

 -- Markus Koschany <apo@debian.org>  Thu, 02 Sep 2021 06:56:05 +0200