Branches for Precise

Author: Torsten Werner
Revision Date: 2011-08-30 11:47:01 UTC

[ Damien Raude-Morvan ]
* Remove Arnaud Vandyck from Uploaders
* d/control: Drop Depends on any JRE as a Java library don't need to
  depends on a runtime (Java Policy)

[ Torsten Werner ]
* Switch to source format 3.0.
* Update Standards-Version: 3.9.1.
* Remove Barry from Uploaders list.

Author: Marc Deslauriers
Revision Date: 2015-10-01 09:05:17 UTC

* SECURITY UPDATE: improper certificate hostname verification
  - debian/patches/06_fix_CVE-2012-5783.patch: fix CN extraction and
    wildcard verification in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - debian/patches/CVE-2014-3577.patch: fix Common Name logic in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - CVE-2012-5783
  - CVE-2012-6153
  - CVE-2014-3577
* SECURITY UPDATE: denial of service via failure to set socket timeout
  - debian/patches/CVE-2015-5262.patch: respect configured timeout in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - CVE-2015-5262
* debian/ant.properties: bump version to 1.5 to handle security fixes.

Author: Marc Deslauriers
Revision Date: 2015-10-01 09:05:17 UTC

* SECURITY UPDATE: improper certificate hostname verification
  - debian/patches/06_fix_CVE-2012-5783.patch: fix CN extraction and
    wildcard verification in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - debian/patches/CVE-2014-3577.patch: fix Common Name logic in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - CVE-2012-5783
  - CVE-2012-6153
  - CVE-2014-3577
* SECURITY UPDATE: denial of service via failure to set socket timeout
  - debian/patches/CVE-2015-5262.patch: respect configured timeout in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - CVE-2015-5262
* debian/ant.properties: bump version to 1.5 to handle security fixes.