ruby-saml (1.13.0-1ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: SAML signature wrapping authentication bypass
    - debian/patches/CVE-2024-45409.patch: use correct XPaths, resolve
      to correct elements, and block references that resolve to
      multiple nodes. Changes made to lib/xml_security.rb
    - CVE-2024-45409

 -- Elise Hlady <elise.hlady@canonical.com>  Thu, 23 Jan 2025 14:17:07 -0800

ruby-saml (1.13.0-1) unstable; urgency=medium

  * New upstream version 1.13.0

 -- Pirate Praveen <praveen@debian.org>  Wed, 27 Oct 2021 00:23:05 +0530

ruby-saml (1.12.2-2) unstable; urgency=medium

  [ Pirate Praveen ]
  * Update minimum version of ruby-nokogiri

  [ Debian Janitor ]
  * Remove constraints unnecessary since buster

  [ Pirate Praveen ]
  * Reupload to unstable
  * Bump Standards-Version to 4.6.0 (no changes needed)
  * Bump debhelper compatibility level to 13

 -- Pirate Praveen <praveen@debian.org>  Sat, 28 Aug 2021 15:21:58 +0530

ruby-saml (1.12.2-1) experimental; urgency=medium

  [ Debian Janitor ]
  * Set upstream metadata fields: Bug-Submit.
  * Update standards version to 4.4.1, no changes needed.

  [ Cédric Boutillier ]
  * Update team name
  * Add .gitattributes to keep unwanted files out of the source package

  [ Debian Janitor ]
  * Update watch file format version to 4.
  * Update standards version to 4.5.0, no changes needed.

  [ Pirate Praveen ]
  * Bump Standards-Version to 4.5.1 (no changes needed)
  * New upstream version 1.12.2
  * Drop all patches, the gem no longer ships tests

 -- Pirate Praveen <praveen@debian.org>  Thu, 15 Apr 2021 23:58:46 +0530

ruby-saml (1.11.0-1) unstable; urgency=medium

  * Team upload

  [ Utkarsh Gupta ]
  * Add salsa-ci.yml

  [ Cédric Boutillier ]
  * New upstream version 1.11.0
  * Trim trailing whitespace.
  * Refresh patches

 -- Cédric Boutillier <boutil@debian.org>  Sat, 07 Sep 2019 00:42:55 +0200

ruby-saml (1.7.2-1) unstable; urgency=medium

  * Team upload

  [ Praveen Arimbrathodiyil ]
  * remove git in gemspec

  [ Cédric Boutillier ]
  * New upstream version 1.7.2
    + Fixes CVE-2017-11428 by processing text of nodes properly, ignoring
      comments (Closes: #892865)
  * Refresh use-system-lib.patch and remove-git-in-gemspec.patch
  * Use salsa.debian.org in Vcs-* fields
  * Bump debhelper compatibility level to 11
  * Bump Standards-Version to 4.1.3 (no changes needed)
  * Use https in watch file, copyright formal URL and homepage field

 -- Cédric Boutillier <boutil@debian.org>  Sun, 18 Mar 2018 05:33:29 +0100

ruby-saml (1.4.1-1) unstable; urgency=medium

  * New upstream release
  * Refresh patches (remove disable-failing-test.patch, merged upstream)
  * Install as gem, fix autopkgtest (Closes: #830929)

 -- Pirate Praveen <praveen@debian.org>  Sun, 30 Oct 2016 13:01:32 +0530

ruby-saml (1.3.0-1) unstable; urgency=medium

  * New upstream release
    (Fixes CVE-2016-5697 signature wrapping attack vulnerability)
  * Use unshift instead of push in gemspec (fix gemspec generation
    when an older version is already installed during build)

 -- Pirate Praveen <praveen@debian.org>  Sun, 10 Jul 2016 13:10:44 +0530

ruby-saml (1.1.2-1) unstable; urgency=medium

  * New upstream release
  * Enable tests

 -- Pirate Praveen <praveen@debian.org>  Tue, 15 Mar 2016 22:48:54 +0530

ruby-saml (1.0.0-1) unstable; urgency=medium

  * New upstream release
  * Check gemspec deps on build

 -- Pirate Praveen <praveen@debian.org>  Thu, 24 Sep 2015 20:16:24 +0530

ruby-saml (0.9.2-1) unstable; urgency=medium

  * Initial release (Closes: #790621)

 -- Pirate Praveen <praveen@debian.org>  Tue, 30 Jun 2015 19:07:07 +0530
