libowasp-esapi-java (2.4.0.0-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 2.4.0.0.
    - Fix CVE-2022-23457 and CVE-2022-24891 and a potential DoS vulnerability
      (CVE-2022-28366). (Closes: #1010339)
    Thanks to Neil Williams for the report.
  * Drop servlet-api.patch because it is no longer required.
  * Use canonical VCS URI.

 -- Markus Koschany <apo@debian.org>  Fri, 29 Apr 2022 15:30:01 +0200

libowasp-esapi-java (2.2.3.1-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 2.2.3.1.
  * Switch to debhelper-compat = 13.
  * Declare compliance with Debian Policy 4.6.0.
  * Switch to commons-collections 4.
  * Rebase 01-servlet-api-compatibility.patch

 -- Markus Koschany <apo@debian.org>  Tue, 12 Oct 2021 15:27:54 +0200

libowasp-esapi-java (2.1.0-3) unstable; urgency=medium

  * Team upload.
  * Transition to the Servlet API 3.1 (Closes: #801021)
  * Build with the DH sequencer instead of CDBS
  * Standards-Version updated to 3.9.8 (no changes)
  * Use secure Vcs-* URLs

 -- Emmanuel Bourg <ebourg@apache.org>  Mon, 20 Jun 2016 17:06:57 +0200

libowasp-esapi-java (2.1.0-2) unstable; urgency=low

  * This version to be for unstable
  * Put into git (and add appropriate headers to debian/control)
  * Note the 2 Apache-2.0 licensed files
  
 -- Matthew Vernon <matthew@debian.org>  Thu, 29 May 2014 18:27:31 +0100

libowasp-esapi-java (2.1.0-1) experimental; urgency=low

  * Initial release (closes: #741416)
  * This is (indirectly) a dependency of the Shibboleth IdP

 -- Matthew Vernon <matthew@debian.org>  Wed, 19 Feb 2014 16:24:11 +0000
