jruby (1.5.6-9+deb8u2) jessie-security; urgency=high

  * Non-maintainer upload by the LTS team.
  * Fix CVE-2019-16201, CVE-2019-16254, CVE-2019-16255 and CVE-2017-17742.
    Several security vulnerabilities were found in Ruby that also affected
    Debian's JRuby package, a pure-Java implementation of Ruby. Attackers were
    able to call arbitrary Ruby methods, cause a denial-of-service or inject
    input into HTTP response headers when using the WEBrick module.

 -- Markus Koschany <apo@debian.org>  Mon, 09 Dec 2019 21:33:31 +0100

jruby (1.5.6-9+deb8u1) jessie-security; urgency=medium

  * Non-maintainer upload by the Debian LTS Team.
  * Fix FTBFS.
  * Fix CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076,
    CVE-2018-1000077, CVE-2018-1000078. (Closes: #895778)
  * Fix CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324,
    CVE-2019-8325. (Closes: #925987)

 -- Abhijith PA <abhijith@debian.org>  Fri, 17 May 2019 10:23:45 +0530

jruby (1.5.6-9) unstable; urgency=medium

  * Team upload.
  * Build-depend on openjdk-7-jdk >= 7u71-2.5.3 (closes: #759947).
    This version restores the "apt" tool.
    - Thank you to Michael Gilbert for the patch.

 -- tony mancill <tmancill@debian.org>  Sat, 01 Nov 2014 19:55:32 -0700

jruby (1.5.6-8) unstable; urgency=medium

  [ tony mancill ]
  * Team upload.
  * Recommend "ri" instead of "ri1.8" (ruby interpreter)
  * Use DH9 instead of version 6.
  * Rebuild against a non-broken joda-time. (Closes: #729171)
  * Bump Standards-Version to 3.9.6 (no changes).

  [ Emmanuel Bourg ]
  * Removed the build dependency on libemma-java

 -- tony mancill <tmancill@debian.org>  Mon, 27 Oct 2014 23:27:54 -0700

jruby (1.5.6-7) unstable; urgency=low

  * Team upload.
  * Provide maven artifacts. (Closes: #737424).

 -- Miguel Landaeta <nomadium@debian.org>  Sun, 02 Feb 2014 21:37:46 -0300

jruby (1.5.6-6) unstable; urgency=low

  * Team upload.

  [ tony mancill ]
  * Apply patch to set FD_CLOEXEC correctly using F_SETFD not F_SETFL.
    - Thank you to Guillem Jover. (Closes: #696283)

  [ gregor herrmann ]
  * Apply all changes from the Ubuntu package:
    - Depend on default-jre.
    - Add patch 0011-java7-compat.patch. Fix build issue with OpenJDK 7.
      Thanks, Julian Taylor.
    - Add patch 0012-nailgun.patch. Use unversioned nailgun.jar.
      Thanks, Julian Taylor.
      Change re the Ubuntu version: nailgun.jar instead of nailgun-0.9.0.jar.
      (Closes: #713159)
  * debian/control: use canonical URLs for Vcs-*.
  * Declare compliance with Debian Policy 3.9.5.

 -- gregor herrmann <gregoa@debian.org>  Fri, 01 Nov 2013 17:55:29 +0100

jruby (1.5.6-5) unstable; urgency=medium

  * Team upload.
  * Add patch for CVE-2012-5370: Use PerlHash instead of MurmurHash
    (that is vulnerable to DoS attacks). (Closes: #694694)
    [Patch adapted from 5e4aab28 upstream]

 -- Martin Quinson <mquinson@debian.org>  Tue, 11 Dec 2012 21:22:36 +0100

jruby (1.5.6-4) unstable; urgency=medium

  * Team upload.
  * Add patch for CVE-2011-4838 (Closes: #686867)
    - Thanks to Moritz Muehlenhoff

 -- tony mancill <tmancill@debian.org>  Thu, 20 Sep 2012 13:36:31 -0700

jruby (1.5.6-3) unstable; urgency=low

  [Miguel Landaeta]
  * Team upload.
  * Switch to default-jdk. (Closes: #655823).

  [tony mancill]
  * Bump Standards-Version to 3.9.2 (no changes).
  * Address lintian warning in d/copyright (update path to GPL-2).

 -- Miguel Landaeta <miguel@miguel.cc>  Sat, 14 Jan 2012 14:13:54 -0430

jruby (1.5.6-2) unstable; urgency=high

  * Add workaround for strange dpkg-source error. (Closes: #643516)

 -- Torsten Werner <twerner@debian.org>  Tue, 04 Oct 2011 22:24:31 +0200

jruby (1.5.6-1) unstable; urgency=low

  * New upstream version (Closes: #636554)
  * Document licenses and copyright holders of code in
    jruby-launcher-1.0.3-java.gem.
  * Change debian/watch to read tags from github. Remove get-orig-source
    target from debian/rules because we mirror the github repo in our repo.
  * Use cdbs to build the package.

 -- Torsten Werner <twerner@debian.org>  Tue, 20 Sep 2011 21:17:04 +0200

jruby (1.5.1+dfsg4-2) unstable; urgency=low

  * Use yecht-ruby.jar for building.

 -- Torsten Werner <twerner@debian.org>  Sun, 18 Sep 2011 19:24:44 +0200

jruby (1.5.1+dfsg4-1) unstable; urgency=low

  * Remove bundled yecht.jar from orig tarball.
  * Move package to main.

 -- Torsten Werner <twerner@debian.org>  Sun, 18 Sep 2011 00:01:11 +0200

jruby (1.5.1+dfsg3-1) unstable; urgency=low

  * Remove bundled jnr-netdb.jar from orig tarball.
  * Add Depends: libjffi-jni.

 -- Torsten Werner <twerner@debian.org>  Sat, 17 Sep 2011 17:34:12 +0200

jruby (1.5.1+dfsg2-1) experimental; urgency=low

  * Remove bundled jnr-posix.jar from orig tarball.

 -- Torsten Werner <twerner@debian.org>  Wed, 14 Sep 2011 20:32:31 +0200

jruby (1.5.1+dfsg1-1) experimental; urgency=low

  * Replace more prebuilt jars by Build-Depends.
  * Modify 0002-jruby_home-is-at-a-specific-location-on-Debian.patch to avoid
    test failures.
  * Add get-orig-source target.
  * Clean more files in clean target.
  * Clean up debian/copyright.
  * Do not build InvokeDynamicSupport.java because it requires some backport
    (jsr292-mock.jar) from Java7.
  * Replace rdocs by a symlink and add Recommends: ri1.8.
  * Add a patch for the unversioned jarjar.jar.

 -- Torsten Werner <twerner@debian.org>  Tue, 13 Sep 2011 22:43:35 +0200

jruby (1.5.1-1) unstable; urgency=low

  [ Hideki Yamane ]
  * use already packaged jar files to build jruby.
    add "Build-Depends: libasm3-java, libcommons-logging-java, libjarjar-java,
    libjoda-time-java, junit4, libemma-java, libbsf-java, libjline-java, bnd,
    libconstantine-java" (Closes: #581390)

  [ Torsten Werner ]
  * New upstream release
  * Changed Maintainer to pkg-java-maintainers with the agreement of Sebastien.
  * Add Sebastien and myself to the Uploaders list.
  * Add Vcs headers to debian/control.
  * Remove bin/jruby in clean target.
  * Convert patches to dep3 format.
  * Remove unneeded jar files from orig tarball.
  * Define JAVA_HOME and set it to default-java.
  * Run tests during build.
    - Upgrade Build-Depends: ant to ant-optional.
    - Add Build-Depends: netbase. 
    - Add a patch to ignore test failures.
    - Set CLASSPATH=/usr/share/java/junit4.jar in debian/rules.

 -- Torsten Werner <twerner@debian.org>  Fri, 30 Jul 2010 03:07:08 +0200

jruby (1.5.0~rc3-1) unstable; urgency=low

  * New upstream release (Closes: #581360).

 -- Sebastien Delafond <seb@debian.org>  Wed, 12 May 2010 15:56:25 +0200

jruby (1.5.0~rc1-1) unstable; urgency=low

  * New upstream release candidate.
  * Moved to 4.0 (quilt) source format.
  * Updated watch file.
  * Bumped-up Standards-Version.

 -- Sebastien Delafond <seb@debian.org>  Tue, 20 Apr 2010 18:01:51 +0200

jruby (1.4.0-2) unstable; urgency=low

  * Make sure we're comptaible with a 1.5 JRE (Closes: #563028); thanks to
    Shyamal Prasad <shyamal@member.fsf.org> for the patch.

 -- Sebastien Delafond <seb@debian.org>  Mon, 11 Jan 2010 14:44:34 +0100

jruby (1.4.0-1) unstable; urgency=low

  * New upstream release.
  * Updated watch file.
  * Updated copyright file to reflect addition of new third-party jars.

 -- Sebastien Delafond <seb@debian.org>  Thu, 10 Dec 2009 12:34:42 +0100

jruby (1.3.1-2) unstable; urgency=low

  * Moving to non-free, with detailed debian/copyright (Closes: #551618).
  * Got rid of jruby alternatives as provided by older jruby1.x.

 -- Sebastien Delafond <seb@debian.org>  Wed, 09 Dec 2009 17:30:55 +0100

jruby (1.3.1-1) unstable; urgency=low

  * First release (Closes: #548734).
  * Move to non-free (See #527977).

 -- Sebastien Delafond <seb@debian.org>  Mon, 19 Oct 2009 15:41:51 +0200
