libowasp-esapi-java (2.4.0.0-2) unstable; urgency=medium

  * Team upload.
  * Replace libservlet3.1-java with libservlet-api-java
  * Drop libowasp-esapi-java-doc (see Debian bug #1028166)
  * Bump Standards-Version to 4.6.2
  * Freshen years in debian/copyright
  * Add lintian overrides for long HTML lines
  * Set Rules-Requires-Root: no in debian/control

 -- tony mancill <tmancill@debian.org>  Sun, 08 Jan 2023 10:29:05 -0800

libowasp-esapi-java (2.4.0.0-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 2.4.0.0.
    - Fix CVE-2022-23457 and CVE-2022-24891 and a potential DoS vulnerability
      (CVE-2022-28366). (Closes: #1010339)
    Thanks to Neil Williams for the report.
  * Drop servlet-api.patch because it is no longer required.
  * Use canonical VCS URI.

 -- Markus Koschany <apo@debian.org>  Fri, 29 Apr 2022 15:30:01 +0200

libowasp-esapi-java (2.2.3.1-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 2.2.3.1.
  * Switch to debhelper-compat = 13.
  * Declare compliance with Debian Policy 4.6.0.
  * Switch to commons-collections 4.
  * Rebase 01-servlet-api-compatibility.patch

 -- Markus Koschany <apo@debian.org>  Tue, 12 Oct 2021 15:27:54 +0200

libowasp-esapi-java (2.1.0-3) unstable; urgency=medium

  * Team upload.
  * Transition to the Servlet API 3.1 (Closes: #801021)
  * Build with the DH sequencer instead of CDBS
  * Standards-Version updated to 3.9.8 (no changes)
  * Use secure Vcs-* URLs

 -- Emmanuel Bourg <ebourg@apache.org>  Mon, 20 Jun 2016 17:06:57 +0200

libowasp-esapi-java (2.1.0-2) unstable; urgency=low

  * This version to be for unstable
  * Put into git (and add appropriate headers to debian/control)
  * Note the 2 Apache-2.0 licensed files

 -- Matthew Vernon <matthew@debian.org>  Thu, 29 May 2014 18:27:31 +0100

libowasp-esapi-java (2.1.0-1) experimental; urgency=low

  * Initial release (closes: #741416)
  * This is (indirectly) a dependency of the Shibboleth IdP

 -- Matthew Vernon <matthew@debian.org>  Wed, 19 Feb 2014 16:24:11 +0000