Debian
libpgjava package

Change logs for libpgjava source package in Sid

  1. Sid (98)
  2. Change log 
  • libpgjava (42.6.0-2) unstable; urgency=medium

  * Remove ancient Replaces/Conflicts. Thanks Helmut Grohne for the report.

 -- Christoph Berg <email address hidden>  Wed, 18 Oct 2023 14:05:07 +0200
  • libpgjava (42.5.4-1) unstable; urgency=medium

  * New upstream version 42.5.4.

 -- Christoph Berg <email address hidden>  Fri, 17 Feb 2023 18:19:35 +0100
  • libpgjava (42.5.3-1) unstable; urgency=medium

  * New upstream version 42.5.3.

 -- Christoph Berg <email address hidden>  Thu, 09 Feb 2023 11:26:33 +0100
  • libpgjava (42.5.1-1) unstable; urgency=medium

  * New upstream version 42.5.1, fixes CVE-2022-41946.

 -- Christoph Berg <email address hidden>  Thu, 24 Nov 2022 12:54:21 +0100
  • libpgjava (42.5.0-1) unstable; urgency=medium

  * New upstream version 42.5.0.

 -- Christoph Berg <email address hidden>  Fri, 26 Aug 2022 12:06:57 +0200
  • libpgjava (42.4.2-1) unstable; urgency=medium

  * New upstream version 42.4.2.

 -- Christoph Berg <email address hidden>  Mon, 22 Aug 2022 14:24:18 +0200
  • libpgjava (42.4.1-1) unstable; urgency=medium

  * New upstream version 42.4.1

    Fixes SQL generated in PgResultSet.refresh() to escape column identifiers
    so as to prevent SQL injection.
    (Closes: #1016662, CVE-2022-31197, reported by Sho Kato)

    Previously, the column names for both key and data columns in the table
    were copied as-is into the generated SQL. This allowed a malicious table
    with column names that include statement terminator to be parsed and
    executed as multiple separate commands.

 -- Christoph Berg <email address hidden>  Mon, 08 Aug 2022 14:53:28 +0200
  • libpgjava (42.4.0-1) unstable; urgency=medium

  * New upstream version 42.4.0.

 -- Christoph Berg <email address hidden>  Tue, 14 Jun 2022 15:18:49 +0200
  • libpgjava (42.3.6-1) unstable; urgency=medium

  * New upstream version 42.3.6.

 -- Christoph Berg <email address hidden>  Fri, 27 May 2022 14:56:40 +0200
  • libpgjava (42.3.5-1) unstable; urgency=medium

  * New upstream version 42.3.5.

 -- Christoph Berg <email address hidden>  Fri, 06 May 2022 16:51:03 +0200
  • libpgjava (42.3.4-1) unstable; urgency=medium

  * New upstream version 42.3.4.

 -- Christoph Berg <email address hidden>  Mon, 02 May 2022 15:56:41 +0200
  • libpgjava (42.3.3-1) unstable; urgency=medium

  * New upstream version 42.3.3.
    https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-673j-qm5f-xpv8

 -- Christoph Berg <email address hidden>  Thu, 17 Feb 2022 13:08:38 +0100
  • libpgjava (42.3.2-1) unstable; urgency=medium

  * New upstream version 42.3.2.

 -- Christoph Berg <email address hidden>  Fri, 04 Feb 2022 10:58:43 +0100
  • libpgjava (42.3.1-1) unstable; urgency=medium

  * New upstream version 42.3.1.

 -- Christoph Berg <email address hidden>  Wed, 03 Nov 2021 16:53:04 +0100
  • libpgjava (42.2.24-1) unstable; urgency=medium

  * New upstream version 42.2.24.

 -- Christoph Berg <email address hidden>  Wed, 29 Sep 2021 11:53:54 +0200
  • libpgjava (42.2.23-1) unstable; urgency=medium

  * New upstream version 42.2.23.

 -- Christoph Berg <email address hidden>  Tue, 27 Jul 2021 17:05:40 +0200
  • libpgjava (42.2.22-1) unstable; urgency=medium

  * New upstream version 42.2.22.

 -- Christoph Berg <email address hidden>  Wed, 30 Jun 2021 13:35:21 +0200
  • libpgjava (42.2.20-1) unstable; urgency=medium

  * New upstream version 42.2.20.
  * Update watch file for updated -jdbc-src.tar.gz names.
  * Bump B-D on libscram-java to 2.1.

 -- Christoph Berg <email address hidden>  Fri, 23 Apr 2021 18:09:11 +0200
  • libpgjava (42.2.15-1) unstable; urgency=medium

  * New upstream version.
    + Fixes XML External Entitiy (XXE) injection (CVE-2020-13692).
      https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html
  * Switch to src tarballs from maven repo, the upstream git repo tarballs
    need gradle to compile. (https://github.com/pgjdbc/pgjdbc/issues/1440)
  * Force doc build to be in English.
  * Remove missing test dependencies:
     classloader-leak-test-framework: Not packaged
     junit: Packaged, but mvn doesn't find it
     jupiter: Missing on older distributions.
  * Defang package-contains-ancient-file caused by 1970 README.md.
  * Test both md5 and scram-sha-256 connections.
  * DH 13.

 -- Christoph Berg <email address hidden>  Mon, 10 Aug 2020 13:49:48 +0200
  • libpgjava (42.2.12-2) unstable; urgency=medium

  * Team upload.
  * debian/patches/05-cve-2020-13692.patch: New patch, fixes XML External
    Entitiy (XXE) injection (CVE-2020-13692, Closes: #962828).
    https://github.com/pgjdbc/pgjdbc/commit/14b62aca4764d496813f55a43d050b017e01eb65

 -- Michael Banck <email address hidden>  Tue, 23 Jun 2020 16:07:07 +0200
  • libpgjava (42.2.12-1) unstable; urgency=medium

  * New upstream version.

 -- Christoph Berg <email address hidden>  Thu, 30 Apr 2020 09:49:54 +0200
  • libpgjava (42.2.11-1) unstable; urgency=medium

  * New upstream version.

 -- Christoph Berg <email address hidden>  Mon, 16 Mar 2020 10:00:13 +0100
  • libpgjava (42.2.10-1) unstable; urgency=medium

  * New upstream version.

 -- Christoph Berg <email address hidden>  Wed, 19 Feb 2020 11:20:53 +0100
  • libpgjava (42.2.9-1) unstable; urgency=medium

  * New upstream version.

 -- Christoph Berg <email address hidden>  Wed, 18 Dec 2019 11:47:04 +0100
  • libpgjava (42.2.8-1) unstable; urgency=medium

  * New upstream version.
  * Disable karaf feature, not yet available in Debian.

 -- Christoph Berg <email address hidden>  Mon, 16 Sep 2019 15:33:59 +0200
  • libpgjava (42.2.6-1) unstable; urgency=medium

  * New upstream version.
  * Add debian/gitlab-ci.yml.

 -- Christoph Berg <email address hidden>  Sat, 27 Jul 2019 23:37:13 +0200
  • libpgjava (42.2.5-2) unstable; urgency=medium

  * Update PostgreSQL Maintainers address.

 -- Christoph Berg <email address hidden>  Thu, 07 Feb 2019 10:54:50 +0100
  • libpgjava (42.2.5-1) unstable; urgency=medium

  * New upstream security release: added server hostname verification for
    non-default SSL factories in `sslmode=verify-full` (CVE-2018-10936)
    https://github.com/pgjdbc/pgjdbc/commit/cdeeaca47dc3bc6f727c79a582c9e4123099526e

 -- Christoph Berg <email address hidden>  Mon, 27 Aug 2018 21:20:17 +0200
  • libpgjava (42.2.4-2) unstable; urgency=medium

  * Ignore javadoc warnings, they are for unused files anyway. (Closes: #906377)

 -- Christoph Berg <email address hidden>  Mon, 27 Aug 2018 16:55:02 +0200
  • libpgjava (42.2.4-1) unstable; urgency=medium

  * New upstream version.
  * debian/libpostgresql-jdbc-java.poms: Remove ubenchmark, gone from source.
  * debian/watch: Fetch upstream tarball from github.

 -- Christoph Berg <email address hidden>  Wed, 18 Jul 2018 13:11:13 +0200
  • libpgjava (42.2.2-4) unstable; urgency=medium

  * pgjdbc/pom.xml: "provided" made the shade plugin also remove the bundled
    scram dependency. Revert that change, and declare the dependency to be
    "optional" instead. That way, we bundle scram, and do not require
    reverse-dependencies to install libscram-java. Again thanks Emmanuel Bourg!

 -- Christoph Berg <email address hidden>  Wed, 06 Jun 2018 14:42:47 +0200
  • libpgjava (42.2.2-3) unstable; urgency=medium

  * pgjdbc/pom.xml: Manually patch scram dependency scope to be "provided"
    instead of relying on maven.rules. (Closes: #900615, induced by #900763,
    thanks Emmanuel Bourg.)

 -- Christoph Berg <email address hidden>  Tue, 05 Jun 2018 09:47:56 +0200
  • libpgjava (42.2.2-2) unstable; urgency=medium

  * debian/maven.rules: Set scram scope to "provided" to properly remove the
    runtime dependency on libscram-java. Thanks Kai-Chung Yan!
  * Mark as Multi-Arch: foreign.
  * libpostgresql-jdbc-java embeds classes from libscram-java. Note the
    version used in Built-Using.

 -- Christoph Berg <email address hidden>  Tue, 29 May 2018 23:13:10 +0200
  • libpgjava (42.2.2-1) unstable; urgency=medium

  * New upstream version.
    + Fixes test problen in pgpool2: WARNING: An illegal reflective access
      operation has occurred (Closes: #894327)
  * Add myself and pkg-postgresql to Uploaders.
  * Refresh debian/patches/01-missing-pom-configuration.patch.
  * Add B-D libmaven-shade-plugin-java and libscram-java.
  * libjdbc-postgresql-java: remove ${maven:Depends}, it would resolve to
    libscram-java (>> $ver) which is bundled in postgresql.jar anyway.
  * debian/maven.properties: Switch to source 8 to enable lambda expressions.
  * debian/tests/: Test scram-sha-256 authentication using sqlline.
  * Update Vcs URLs and Standards-Version.

 -- Christoph Berg <email address hidden>  Mon, 30 Apr 2018 22:29:11 +0200
  • libpgjava (9.4.1212-1) unstable; urgency=medium

  * Team upload.
  * New upstream release (Closes: #813365)
    - Refreshed the patches
    - Build with Maven instead of Ant
  * No longer build the JDBC 3 jar, default to JDBC 4 (Closes: #820943, #820942)
  * Updated the package description (Closes: #783456)
  * Removed the dummy libpg-java package
  * Removed the suggested dependency on postgresql
  * Standards-Version updated to 3.9.8
  * Switch to debhelper level 10
  * Use secure Vcs-* URLs
  * Converted debian/copyright to the Copyright Format 1.0
  * Rewrote debian/watch to fetch the new releases directly from Git

 -- Emmanuel Bourg <email address hidden>  Mon, 09 Jan 2017 19:54:54 +0100
  • libpgjava (9.2-1002-1) unstable; urgency=low


  * New upstream release.
  * Bump standards version to 3.9.4 (no changes).

 -- Andrew Ross <email address hidden>  Sun, 12 May 2013 18:05:06 +0100
  • libpgjava (9.1-901-2) unstable; urgency=low


  * Provide transitional package libpg-java (closes: #659324)
  * Bump standards version to 3.9.3 (no changes).

 -- Andrew Ross <email address hidden>  Fri, 20 Jul 2012 21:09:40 -0400
  • libpgjava (9.1-901-1) unstable; urgency=low


  * New upstream release. (closes: #645854)
  * Change binary package name to libpostgresql-jdbc-java.
      (closes: #336245)
  * Remove Michael Koch from Uploaders. (closes: #654090)
  * Bump standards version to 3.9.2 (no changes).

 -- Andrew Ross <email address hidden>  Sat, 24 Dec 2011 23:33:56 +0000
  • libpgjava (8.4-702-1) unstable; urgency=low
  * New upstream release (closes: #612643)  * Build JDBC4 libraries in addition to JDBC3.  * Use debhelper and javahelper rather than cdbs  * Updated Standards-Version to 3.9.1.  * Don't depend on a jre (to match current java package policy)  * Added myself to Uploaders.  * Changed source format to 3.0 (quilt).  * Added a package containing the public API documentation. -- Andrew Ross <email address hidden>  Sat, 12 Feb 2011 16:41:22 +0000
  • libpgjava (8.4-701-1) unstable; urgency=low


  * New upstream release.
  * Removed all old unused JDBC2 stuff.
  * Moved java-gcj-compat-dev and ant to Build-Depends.
  * Make libpg-java Depends on default-jre-headless and its headless
    friends.
  * Build-Depends on debhelper >= 7.
  * Moved package to section 'java'.
  * Updated Standards-Version to 3.8.3.

 -- Michael Koch <email address hidden>  Sat, 26 Sep 2009 13:39:36 +0200
  • libpgjava (8.2-504-2) unstable; urgency=low


  * Updated description to mention PostgreSQL 8.3 as supported.
    Closes: #398348
  * Removed libpgjava transitional package. Closes: #477557
  * Moved debhelper and cdbs from Build-Depends-Indep to Build-Depends.
  * Added Homepage, Vcs-Svn and Vcs-Browser fields.
  * Added watch file.
  * Added myself to Uploaders.
  * Removed Stafan and Wolfgang from Uploaders.
  * Updated Standards-Version to 3.7.3
  * Updated debhelper level to 5.

 -- Michael Koch <email address hidden>  Sat, 26 Apr 2008 22:01:11 +0200