openrefine (3.7.8-1) unstable; urgency=high * New upstream version 3.7.8 - Fix CVE-2024-23833: A jdbc attack vulnerability exists in OpenRefine where an attacker may construct a JDBC query which may read files on the host filesystem. (Closes: #1064192) Thanks to Salvatore Bonaccorso for the report. -- Markus Koschany Sat, 06 Apr 2024 21:45:36 +0200 openrefine (3.7.7-1) unstable; urgency=medium * New upstream version 3.7.7. -- Markus Koschany Sun, 03 Dec 2023 11:51:18 +0100 openrefine (3.7.6-1) unstable; urgency=medium * New upstream version 3.7.6. -- Markus Koschany Tue, 17 Oct 2023 22:34:25 +0200 openrefine (3.7.5-1) unstable; urgency=medium * New upstream version 3.7.5. -- Markus Koschany Fri, 15 Sep 2023 12:37:36 +0200 openrefine (3.7.4-1) unstable; urgency=medium * New upstream version 3.7.4 * Drop CVE-2023-37476.patch. Fixed upstream. * Remove log4j-api.patch. * Remove no-java-files.patch. * Build-Depend on liblocalizer-java. * Use and document upstream's appstream meta file. * Install upstream's desktop file. * Depend on fonts-glyphicons-halflings and replace embedded font files. * Add debian/openrefine.lintian-overrides. * Ignore Lintian warning embedded-javascript-library and explain why. -- Markus Koschany Fri, 08 Sep 2023 13:55:04 +0200 openrefine (3.6.2-3) unstable; urgency=medium * Tighten B-D on commons-io to >= 2.11.0. * Fix CVE-2023-37476 and automatically refresh all other patches. OpenRefine is a free, open source tool for data processing. A carefully crafted malicious OpenRefine project tar file can be used to trigger arbitrary code execution in the context of the OpenRefine process if a user can be convinced to import it. (Closes: #1041422) * Declare compliance with Debian Policy 4.6.2. -- Markus Koschany Fri, 18 Aug 2023 01:37:01 +0200 openrefine (3.6.2-2) unstable; urgency=medium * Depend on libjoda-time-java and liboro-java. Thanks to Robert Jäschke for the report! (Closes: #1022760) * Load the refine configuration before parsing the command line options. Thanks to Robert Jäschke for the report! (Closes: #1033355) * Symlink commons-lang-2.6 into server directory to fix another ClassNotFound exception. -- Markus Koschany Wed, 05 Apr 2023 20:20:17 +0200 openrefine (3.6.2-1) unstable; urgency=medium * New upstream version 3.6.2. (Closes: #1022761) * Add 3rdparty missing sources. (Closes: #1022760) These Javascript files are currently missing from the original sources because they are downloaded separately with npm. * Tighten dependency on librhino-java to >= 1.7.14. Otherwise there was a silent error in the web application which made it unusable. * Link titanium-json-ld into webapp directory. -- Markus Koschany Tue, 14 Feb 2023 00:34:16 +0100 openrefine (3.6.1-1) unstable; urgency=medium * New upstream version 3.6.1. * Refresh all patches except of javalamp patch. * Tighten dependency on apache-jena and wikidata toolkit. * Depend on liblanguage-detector-java. * Add gdata-extension.patch. * Declare compliance with Debian Policy 4.6.1. -- Markus Koschany Thu, 29 Sep 2022 23:58:11 +0200 openrefine (3.5.2-2) unstable; urgency=medium * Build-depend on libokhttp-java (>= 3.13.1-3~) * Tighten dependency on libgoogle-api-client-java. * Remove dependency on tomcat9 because the tomcat9-annotations-api is apparently not required. * Update the Dockerfile and add a README file to document how to build the image and run the container. Install both files as examples into /usr/share/doc/openrefine/examples. -- Markus Koschany Tue, 08 Mar 2022 13:49:15 +0100 openrefine (3.5.2-1) unstable; urgency=medium * Upload to unstable. * New upstream version 3.5.2. - Remove non-free lavalamp.js file. - Enable all extensions. * Depend on procps for openrefine script. -- Markus Koschany Sun, 20 Feb 2022 17:03:52 +0100 openrefine (3.5~git20210527-1) experimental; urgency=medium * Initial release. (Closes: #986604 ) -- Markus Koschany Thu, 02 Sep 2021 06:56:05 +0200