1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150
|
ruby-rails-html-sanitizer (1.6.2-1) unstable; urgency=medium
* Re-upload to unstable. (Closes: #1093926)
-- Utkarsh Gupta <utkarsh@debian.org> Wed, 05 Mar 2025 14:59:05 +0530
ruby-rails-html-sanitizer (1.6.2-1~exp1) experimental; urgency=medium
* Team upload
* New upstream version 1.6.2
* Refresh packaging files with dh_make_ruby -w
* Bump Standards-Version to 4.7.0 (no changes needed)
* Experimental build against ruby-nokogiri 1.17
-- Cédric Boutillier <boutil@debian.org> Tue, 14 Jan 2025 00:58:44 +0100
ruby-rails-html-sanitizer (1.4.4-1) unstable; urgency=medium
* Team upload
* New upstream release (Closes: #1027153)
- Fix CVE-2022-23517 CVE-2022-23518 CVE-2022-23519 CVE-2022-23520
* Drop 0001-tests-skip-failing.patch patch
* debian/control
- Set Standards-Version: 4.6.2
- Replace ruby | ruby-interpreter with ${ruby:Depends}
- Drop XB-Ruby-Versions and XB-Ruby-Versions
-- Abhijith PA <abhijith@debian.org> Sun, 05 Feb 2023 11:54:51 +0530
ruby-rails-html-sanitizer (1.4.2-2) unstable; urgency=medium
* Team upload.
* Switch to gem-install layout for bundle --local compatibility
-- Pirate Praveen <praveen@debian.org> Mon, 24 Jan 2022 00:51:08 +0530
ruby-rails-html-sanitizer (1.4.2-1) unstable; urgency=medium
* Team upload.
* New upstream release
* debian/patches
- Refresh patch
- Drop cherry-picked patches from upstream
* debian/control
- Set Standards-Version: 4.6.0
-- Hideki Yamane <henrich@debian.org> Mon, 30 Aug 2021 00:28:10 +0900
ruby-rails-html-sanitizer (1.3.0-2) unstable; urgency=medium
* Team upload.
[ Debian Janitor ]
* Remove unnecessary Team Upload line in changelog.
* Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
Repository-Browse.
[ Pirate Praveen ]
* Tighten dependency on ruby-loofah (for backports)
[ Cédric Boutillier ]
* [ci skip] Update team name
* [ci skip] Add .gitattributes to keep unwanted files out of the source
package
[ Hideki Yamane ]
* debian/patches
- Fix test failure (Closes: #982723)
* debian/control
- Set Standards-Version: 4.5.1
- Bump to debhelper-compat (= 13)
-- Hideki Yamane <henrich@debian.org> Sat, 12 Jun 2021 12:51:53 +0900
ruby-rails-html-sanitizer (1.3.0-1) unstable; urgency=medium
* New upstream version.
* debian/compat:
- Drop, rely on debhelper-compat package.
* debian/control:
- Add Build-Dependency on debhelper-compat.
- Bump Standards-Version to 4.5.0.
- Use my debian.org mail address.
- Declare that the build doesn't need root.
* debian/patches:
- Add patch to skip failing tests, as these assume the vendored version of
libxml provided via nokogiri. That is not the case in Debian.
* debian/rules:
- Make the build verbose.
* debian/watch:
- Use gemwatch.debian.net service.
[ Utkarsh Gupta ]
* Add salsa-ci.yml
-- Georg Faerber <georg@debian.org> Tue, 04 Feb 2020 18:15:36 +0000
ruby-rails-html-sanitizer (1.0.4-1) unstable; urgency=medium
* New upstream release.
* debian/compat: Bump debhelper compatibility level to 11.
* debian/control:
- Bump required debhelper version to >= 11~.
- Bump Standards-Version to 4.1.3 (no changes needed).
- Use salsa.debian.org in Vcs-* fields.
- Add myself as Uploader.
- Require ruby-loofah >= 2.2.2~.
* debian/copyright:
- Use HTTPS in link to copyright format specification.
- Add missing Debian packaging authors.
* debian/patches: Drop patch to skip failing specs, fixed upstream.
* debian/watch: Use version 4 and HTTPS in link to gemwatch service.
-- Georg Faerber <georg@riseup.net> Fri, 23 Mar 2018 13:42:07 +0100
ruby-rails-html-sanitizer (1.0.3-2) unstable; urgency=medium
* Team upload.
[ Cédric Boutillier ]
* Bump debhelper compatibility level to 9
* Use https:// in Vcs-* fields
* Bump Standards-Version to 3.9.7 (no changes needed)
[ Christian Hofstaedtler ]
* Drop ruby-rails from Depends, as no lib code actually loads rails;
makes the dependency cycle a little less bad.
-- Christian Hofstaedtler <zeha@debian.org> Sat, 05 Mar 2016 04:24:42 +0100
ruby-rails-html-sanitizer (1.0.3-1) unstable; urgency=high
* New upstream release. Contains fixes for several XSS vulnerabilities:
CVE-2015-7578 CVE-2015-7579 CVE-2015-7580 (Closes: #812814)
* debian/ruby-tests.rake: re-enable test that was disabled
* 0001-Skip-some-tests-under-Debian.patch: skip tests where the sanitized
HTML is XSS-free but does not match the exact content expected by the
upstream test suite. I suspect that is due to Nokogiri not using its own
patched version of libxml2 in Debian, but can't be sure of that yet.
Also, the same tests would already fail on 1.0.2 if enabled.
-- Antonio Terceiro <terceiro@debian.org> Tue, 26 Jan 2016 19:36:51 -0200
ruby-rails-html-sanitizer (1.0.2-1) unstable; urgency=medium
* Initial release (Closes: #784326)
* Disabled a test as it required gems which have Rails > 4.2.0 in its
dependency chain
-- Balasankar C <balasankarc@autistici.org> Tue, 05 May 2015 13:07:22 +0530
|