libpgjava (42.5.4-1) unstable; urgency=medium * New upstream version 42.5.4. -- Christoph Berg <myon@debian.org> Fri, 17 Feb 2023 18:19:35 +0100 libpgjava (42.5.3-1) unstable; urgency=medium * New upstream version 42.5.3. -- Christoph Berg <myon@debian.org> Thu, 09 Feb 2023 11:26:33 +0100 libpgjava (42.5.1-1) unstable; urgency=medium * New upstream version 42.5.1, fixes CVE-2022-41946. -- Christoph Berg <myon@debian.org> Thu, 24 Nov 2022 12:54:21 +0100 libpgjava (42.5.0-1) unstable; urgency=medium * New upstream version 42.5.0. -- Christoph Berg <myon@debian.org> Fri, 26 Aug 2022 12:06:57 +0200 libpgjava (42.4.2-1) unstable; urgency=medium * New upstream version 42.4.2. -- Christoph Berg <myon@debian.org> Mon, 22 Aug 2022 14:24:18 +0200 libpgjava (42.4.1-1) unstable; urgency=medium * New upstream version 42.4.1 Fixes SQL generated in PgResultSet.refresh() to escape column identifiers so as to prevent SQL injection. (Closes: #1016662, CVE-2022-31197, reported by Sho Kato) Previously, the column names for both key and data columns in the table were copied as-is into the generated SQL. This allowed a malicious table with column names that include statement terminator to be parsed and executed as multiple separate commands. -- Christoph Berg <myon@debian.org> Mon, 08 Aug 2022 14:53:28 +0200 libpgjava (42.4.0-1) unstable; urgency=medium * New upstream version 42.4.0. -- Christoph Berg <myon@debian.org> Tue, 14 Jun 2022 15:18:49 +0200 libpgjava (42.3.6-1) unstable; urgency=medium * New upstream version 42.3.6. -- Christoph Berg <myon@debian.org> Fri, 27 May 2022 14:56:40 +0200 libpgjava (42.3.5-1) unstable; urgency=medium * New upstream version 42.3.5. -- Christoph Berg <myon@debian.org> Fri, 06 May 2022 16:51:03 +0200 libpgjava (42.3.4-1) unstable; urgency=medium * New upstream version 42.3.4. -- Christoph Berg <myon@debian.org> Mon, 02 May 2022 15:56:41 +0200 libpgjava (42.3.3-1) unstable; urgency=medium * New upstream version 42.3.3. https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-673j-qm5f-xpv8 -- Christoph Berg <myon@debian.org> Thu, 17 Feb 2022 13:08:38 +0100 libpgjava (42.3.2-1) unstable; urgency=medium * New upstream version 42.3.2. https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-v7wg-cpwc-24m4 -- Christoph Berg <myon@debian.org> Fri, 04 Feb 2022 10:58:43 +0100 libpgjava (42.3.1-1) unstable; urgency=medium * New upstream version 42.3.1. -- Christoph Berg <myon@debian.org> Wed, 03 Nov 2021 16:53:04 +0100 libpgjava (42.2.24-1) unstable; urgency=medium * New upstream version 42.2.24. -- Christoph Berg <myon@debian.org> Wed, 29 Sep 2021 11:53:54 +0200 libpgjava (42.2.23-1) unstable; urgency=medium * New upstream version 42.2.23. -- Christoph Berg <myon@debian.org> Tue, 27 Jul 2021 17:05:40 +0200 libpgjava (42.2.22-1) unstable; urgency=medium * New upstream version 42.2.22. -- Christoph Berg <myon@debian.org> Wed, 30 Jun 2021 13:35:21 +0200 libpgjava (42.2.20-1) unstable; urgency=medium * New upstream version 42.2.20. * Update watch file for updated -jdbc-src.tar.gz names. * Bump B-D on libscram-java to 2.1. -- Christoph Berg <myon@debian.org> Fri, 23 Apr 2021 18:09:11 +0200 libpgjava (42.2.15-1) unstable; urgency=medium * New upstream version. + Fixes XML External Entitiy (XXE) injection (CVE-2020-13692). https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html * Switch to src tarballs from maven repo, the upstream git repo tarballs need gradle to compile. (https://github.com/pgjdbc/pgjdbc/issues/1440) * Force doc build to be in English. * Remove missing test dependencies: classloader-leak-test-framework: Not packaged junit: Packaged, but mvn doesn't find it jupiter: Missing on older distributions. * Defang package-contains-ancient-file caused by 1970 README.md. * Test both md5 and scram-sha-256 connections. * DH 13. -- Christoph Berg <myon@debian.org> Mon, 10 Aug 2020 13:49:48 +0200 libpgjava (42.2.12-2) unstable; urgency=medium * Team upload. * debian/patches/05-cve-2020-13692.patch: New patch, fixes XML External Entitiy (XXE) injection (CVE-2020-13692, Closes: #962828). https://github.com/pgjdbc/pgjdbc/commit/14b62aca4764d496813f55a43d050b017e01eb65 -- Michael Banck <michael.banck@credativ.de> Tue, 23 Jun 2020 16:07:07 +0200 libpgjava (42.2.12-1) unstable; urgency=medium * New upstream version. -- Christoph Berg <myon@debian.org> Thu, 30 Apr 2020 09:49:54 +0200 libpgjava (42.2.11-1) unstable; urgency=medium * New upstream version. -- Christoph Berg <myon@debian.org> Mon, 16 Mar 2020 10:00:13 +0100 libpgjava (42.2.10-1) unstable; urgency=medium * New upstream version. -- Christoph Berg <myon@debian.org> Wed, 19 Feb 2020 11:20:53 +0100 libpgjava (42.2.9-1) unstable; urgency=medium * New upstream version. -- Christoph Berg <myon@debian.org> Wed, 18 Dec 2019 11:47:04 +0100 libpgjava (42.2.8-1) unstable; urgency=medium * New upstream version. * Disable karaf feature, not yet available in Debian. -- Christoph Berg <myon@debian.org> Mon, 16 Sep 2019 15:33:59 +0200 libpgjava (42.2.6-1) unstable; urgency=medium * New upstream version. * Add debian/gitlab-ci.yml. -- Christoph Berg <myon@debian.org> Sat, 27 Jul 2019 23:37:13 +0200 # Older entries have been removed from this changelog. # To read the complete changelog use `apt changelog libpostgresql-jdbc-java`.
Generated by dwww version 1.15 on Thu May 23 02:23:14 CEST 2024.