openrefine (3.6.2-2+deb12u2) bookworm; urgency=medium

  * Fix CVE-2023-41887 and CVE-2023-41886:
    OpenRefine is a powerful free, open source tool for working with messy
    data. Prior to this version, a remote code execution vulnerability allows
    any unauthenticated user to execute code on the server.

 -- Markus Koschany <apo@debian.org>  Wed, 04 Oct 2023 15:02:45 +0200

openrefine (3.6.2-2+deb12u1) bookworm; urgency=medium

  * Fix CVE-2023-37476:
    OpenRefine is a free, open source tool for data processing. A carefully
    crafted malicious OpenRefine project tar file can be used to trigger
    arbitrary code execution in the context of the OpenRefine process if a user
    can be convinced to import it. (Closes: #1041422)

 -- Markus Koschany <apo@debian.org>  Thu, 07 Sep 2023 21:22:17 +0200

openrefine (3.6.2-2) unstable; urgency=medium

  * Depend on libjoda-time-java and liboro-java.
    Thanks to Robert Jäschke for the report! (Closes: #1022760)
  * Load the refine configuration before parsing the command line options.
    Thanks to Robert Jäschke for the report! (Closes: #1033355)
  * Symlink commons-lang-2.6 into server directory to fix another
    ClassNotFound exception.

 -- Markus Koschany <apo@debian.org>  Wed, 05 Apr 2023 20:20:17 +0200

openrefine (3.6.2-1) unstable; urgency=medium

  * New upstream version 3.6.2. (Closes: #1022761)
  * Add 3rdparty missing sources. (Closes: #1022760)
    These Javascript files are currently missing from the original sources
    because they are downloaded separately with npm.
  * Tighten dependency on librhino-java to >= 1.7.14. Otherwise there was a
    silent error in the web application which made it unusable.
  * Link titanium-json-ld into webapp directory.

 -- Markus Koschany <apo@debian.org>  Tue, 14 Feb 2023 00:34:16 +0100

openrefine (3.6.1-1) unstable; urgency=medium

  * New upstream version 3.6.1.
  * Refresh all patches except of javalamp patch.
  * Tighten dependency on apache-jena and wikidata toolkit.
  * Depend on liblanguage-detector-java.
  * Add gdata-extension.patch.
  * Declare compliance with Debian Policy 4.6.1.

 -- Markus Koschany <apo@debian.org>  Thu, 29 Sep 2022 23:58:11 +0200

openrefine (3.5.2-2) unstable; urgency=medium

  * Build-depend on libokhttp-java (>= 3.13.1-3~)
  * Tighten dependency on libgoogle-api-client-java.
  * Remove dependency on tomcat9 because the tomcat9-annotations-api is
    apparently not required.
  * Update the Dockerfile and add a README file to document how to build the
    image and run the container. Install both files as examples into
    /usr/share/doc/openrefine/examples.

 -- Markus Koschany <apo@debian.org>  Tue, 08 Mar 2022 13:49:15 +0100

openrefine (3.5.2-1) unstable; urgency=medium

  * Upload to unstable.
  * New upstream version 3.5.2.
   - Remove non-free lavalamp.js file.
   - Enable all extensions.
  * Depend on procps for openrefine script.

 -- Markus Koschany <apo@debian.org>  Sun, 20 Feb 2022 17:03:52 +0100

openrefine (3.5~git20210527-1) experimental; urgency=medium

  * Initial release. (Closes: #986604 )

 -- Markus Koschany <apo@debian.org>  Thu, 02 Sep 2021 06:56:05 +0200
