php-htmlpurifier (4.10.0-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * rebuild for mstrict-align

 -- root <root@loongson-pc>  Fri, 28 Jan 2022 17:23:10 +0800

php-htmlpurifier (4.10.0-1) unstable; urgency=medium

  * Take over with permission of previous team/uploader
  * New upstream version
  * Bump Policy
    - remove get-orig-source target
  * Appease lintian
    - bump debhelper compat to 11
    - use https in debian/copyright
    - contribute UMEYAGA metadata
  * Update lintian overrides
  * Facultatively switch to Teckids Debian Task Force salsa repo

 -- Thorsten Glaser <tg@mirbsd.de>  Sat, 19 May 2018 22:23:13 +0200

php-htmlpurifier (4.7.0-2) unstable; urgency=medium

  * Team upload
  * Revert "Move symlink to directory", not needed anymore
  * Update Standards-Version to 3.9.7
  * Use dpkg-statoverride to fix permissions
  * Rebuild with recent pkg-php-tools for the PHP 7.0 transition

 -- David Prévot <taffit@debian.org>  Sun, 20 Mar 2016 13:05:58 -0400

php-htmlpurifier (4.7.0-1) unstable; urgency=medium

  * Team upload

  [ Edward Z. Yang ]
  * Update YouTube embed code to new style, fixes #28
  * Add AutoFormat.RemoveEmpty.Predicate, fixes #35.
  * Fix rgb in border attribute with spaces, fixes #30.
  * Release 4.7.0.

 -- David Prévot <taffit@debian.org>  Tue, 27 Oct 2015 12:49:10 -0400

php-htmlpurifier (4.6.0-1) unstable; urgency=medium

  * Team upload
  * New upstream release, fixes security flaws (Closes: #764885)
  * Restart packaging within the Debian PHP PEAR Maintainers team
  * Move symlink to directory
  * Use a default writable directory in /var/lib
  * Convert copyright to format 1.0

 -- David Prévot <taffit@debian.org>  Fri, 17 Oct 2014 18:09:34 -0400

php-htmlpurifier (4.4.0+dfsg1-2) unstable; urgency=low

  [ Martin von Wittich ]
  * Fix undefined array index deref (Closes: #736835)

  [ Thorsten Glaser ]
  * Remove myself from Uploaders

 -- Thorsten Glaser <tg@mirbsd.de>  Tue, 11 Feb 2014 21:59:25 +0100

php-htmlpurifier (4.4.0+dfsg1-1) unstable; urgency=low

  * New upstream release; upstream WHATSNEW says:
    │HTML Purifier 4.4.0 is a minor security release addressing a
    │security vulnerability associated with some optional functionality.
    │It also contains an accumulation of new features and bugfixes over
    │half a year. New configuration options include %HTML.TargetBlank,
    │%HTML.AllowedComments, %HTML.AllowedCommentsRegexp,
    │%HTML.SafeIframe, %URI.SafeIframeRegexp, %Core.EnableIDNA (requires
    │PEAR Net_IDNA2 module and doesn't work for PHP 5.0.5). We also now
    │support the 'scope' attribute on tables.
  * Switch to debian/source/format 3.0 (quilt) with
    the single-debian-patch local-option
  * Omit .git* files when repacking any further .orig.tar.gz
  * Use a paxcpio (from the pax package) feature to shrink .orig.tar.gz
  * debian/rules: Modernise; add build-{arch,indep} targets
  * debian/control: Add VCS-{git,Browser}, Policy 3.9.3 (no changes)

 -- Thorsten Glaser <tg@mirbsd.de>  Fri, 30 Mar 2012 11:42:47 +0200

php-htmlpurifier (4.3.0+dfsg1-1) unstable; urgency=low

  * New upstream release; upstream WHATSNEW says:
    │HTML Purifier 4.3.0 is a major security release addressing various
    │security vulnerabilities related to user-submitted code and
    │legitimate client-side scripts. It also contains an accumulation of
    │new features and bugfixes over half a year. New configuration
    │options include %CSS.Trusted, %CSS.AllowedFonts and
    │%Cache.SerializerPermissions. There is a backwards-incompatible API
    │change for customized raw definitions, see
    │<http://htmlpurifier.org/docs/enduser-customize.html#optimized> for
    │details.
  * Document that %Cache.SerializerPath *MUST* be used, because the
    upstream standard location cannot be written to in a packaged
    version (being system-global) for security reasons. Also switch
    %Cache.DefinitionImpl from "Serializer" to NULL to make the
    standard installation, although with degraded performance, work
    as-is. Document in README.Debian. (Closes: #611305)
  * Solves TEMP-0000000-196897 security issue.

 -- Thorsten Glaser <tg@mirbsd.de>  Sat, 02 Apr 2011 16:55:15 +0000

php-htmlpurifier (4.2.0+dfsg1-1) unstable; urgency=low

  * New upstream release; upstream WHATSNEW says:
    │HTML Purifier 4.2.0 is a minor release that implements a number of
    │feature requests accumulated over half a year.  New configuration
    │options include %Core.RemoveProcessingInstructions,
    │%CSS.ForbiddenProperties, %HTML.FlashAllowFullScreen and
    │%Core.NormalizeNewlines.  Additionally,%URI.DisableResources is
    │now functional and file: is an optionally supported URI scheme.
    │There are also some minor bugfixes, usability improvements and
    │documentation updates.
  * Install NEWS as upstream changelog, as it’s its intentional use
  * Policy 3.9.1 (no relevant changes)

 -- Thorsten Glaser <tg@mirbsd.de>  Wed, 13 Oct 2010 13:40:21 +0000

php-htmlpurifier (4.1.1+dfsg1-1) unstable; urgency=high

  * New upstream release; upstream WHATSNEW says:
    | HTML Purifier 4.1.1 is a major security and bugfix release that
    | improves on 4.1's fix for an XSS vulnerability exploitable on Internet
    | Explorer.  It also contains a number of important bugfixes, including
    | the removal of improper logic that could result in infinite loops and
    | fixed parsing for single-attributes with entities with DirectLex.
  * Set urgency=high due to second attempt at XSS bugfix, no CVE number
    (SA39613) (Closes: #586061) (LP: #582576)
  * /usr/share/php-htmlpurifier/tests/index.php no longer has a shebang,
    so do not chmod +x it

 -- Thorsten Glaser <tg@mirbsd.de>  Thu, 17 Jun 2010 14:45:26 +0000

php-htmlpurifier (4.1.0+dfsg1-1) unstable; urgency=high

  * New upstream release; upstream WHATSNEW says:
    | HTML Purifier 4.1 is a major security release that fixes an XSS
    | vulnerability exploitable on Internet Explorer.  It also contains
    | a number of new features, including dramatically more flexible Flash
    | support, including %Output.FlashCompat to replace %HTML.SafeEmbed,
    | optional support for the data: URI scheme and better HTML parsing
    | capabilities.
    Setting urgency=high due to XSS bugfix.
  * debian/rules (get-orig-source): support uscan downloaded files

 -- Thorsten Glaser <tg@mirbsd.de>  Thu, 29 Apr 2010 09:10:27 +0000

php-htmlpurifier (4.0.0+dfsg1-1) unstable; urgency=low

  * Take original upstream tarball, removing non-DFSG-free XHTML
    schema and entities and other unlicenced material, instead
    of what dh-make-pear produces.
  * Completely re-do the packaging to avoid all that php-pear
    brings with it, including “channels”. (Closes: #572184)
  * Add myself and Roland Mas as Uploader due to request for help
    of the maintainer.
  * Install both library and documentation.

 -- Thorsten Glaser <tg@mirbsd.de>  Tue, 16 Mar 2010 14:04:20 +0000

php-htmlpurifier (4.0.0-2) unstable; urgency=low

  * Add htmlpurifier.org.reg channel so build in a debootstrap env
  works (Closes: #551243)
  * Rewiewed autoformated description (Closes: #531019)
  This time closes the right bug

 -- Christian Bayle <bayle@debian.org>  Tue, 03 Nov 2009 13:25:53 +0100

php-htmlpurifier (4.0.0-1) unstable; urgency=low

  * New Upstream Version (Closes: #549343).
  * Rewiewed autoformated description (Closes: #534019)

 -- Christian Bayle <bayle@debian.org>  Mon, 12 Oct 2009 21:02:41 +0200

php-htmlpurifier (3.3.0-1) unstable; urgency=low

  * Initial Release (Closes: #462150).

 -- Christian Bayle <bayle@debian.org>  Tue, 12 May 2009 22:28:14 +0200
