ruby-rack (2.1.4-3) unstable; urgency=medium
.
  * Team upload.
  * Fix tests when run on ipv6-only hosts (Closes: #979432)

ruby-rack (2.1.4-2) unstable; urgency=medium

  * Revert "Drop all patches"
    - Rack::Builder::parse_file#test_0006_strips
      leading unicode byte order mark when present still
      fails in i386 and stuff. Meh, I'll take a look later.

ruby-rack (2.1.4-1) unstable; urgency=medium

  [ Pirate Praveen ]
  * New upstream version 2.1.4
  * Bump Standards-Version to 4.5.1 (no changes needed)
  * Drop patches applied upstream

  [ Utkarsh Gupta ]
  * Drop all patches

ruby-rack (2.1.1-6) unstable; urgency=medium

  [ Cédric Boutillier ]
  * [ci skip] Update team name
  * [ci skip] Add .gitattributes to keep unwanted files out
    of the source package

  [ Debian Janitor ]
  * Apply multi-arch hints. + ruby-rack: Add :all qualifier
    for ruby dependency.

  [ Utkarsh Gupta ]
  * When parsing cookies, only decode the values.
    Patch utils to fix cookie parsing. (Fixes: CVE-2020-8184)
    (Closes: #963477)

ruby-rack (2.1.1-5) unstable; urgency=medium

  * Add patch to use Dir.entries instead of Dir[glob] to prevent
    user-specified glob metacharacters (Fixes: CVE-2020-8161)

ruby-rack (2.1.1-4) unstable; urgency=medium

  * Remove ruby-minitest-global-expectations from Depends
  * Add ruby-minitest-global-expectations for tests

ruby-rack (2.1.1-3) unstable; urgency=medium

  * Add patch to skip random failure
    (probably fixed in later upstream version)

ruby-rack (2.1.1-2) unstable; urgency=medium

  [ Debian Janitor ]
  * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
    Repository-Browse.

  [ Utkarsh Gupta ]
  * Shoot to unstable
  * Enable tests :D
  * Add BD on ruby-minitest-global-expectations
  * Add runtime dependency on ruby-minitest-global-expectations
  * Fix package wrt cme
  * Use AUTOPKGTEST_TMP in tests as ADTTMP is deprecated
  * Add myself as an uploader
  * Add Rules-Requires-Root: no
  * Add Breaks for ruby-rack-oauth2

ruby-rack (2.1.1-1) experimental; urgency=medium

  * Team upload
  * New upstream version 2.1.1
  * Bump Standards-Version to 4.4.1 (no changes needed)
  * Switch test to minitest (but disable tests because build deps not packaged)
  * Switch to github tarballs for tests
  * Upload to experimental because autopkgtest for berkshelf-api coquelicot
    nanoc rails redmine ruby-acts-as-api ruby-faye ruby-grape ruby-moneta
    ruby-omniauth ruby-rack-attack ruby-rack-oauth2 ruby-rack-openid
    ruby-voight-kampff failed and rebuilds of berkshelf-api coquelicot nanoc
    redmine ruby-grape ruby-omniauth ruby-rack-oauth2 ruby-warden failed

ruby-rack (2.0.7-2) unstable; urgency=medium

  * Team upload
  * Re-upload to unstable
  * Add salsa-ci.yml
  * Bump Standards-Version to 4.4.0
  * Bump debhelper-compat to 12

ruby-rack (2.0.7-1) experimental; urgency=medium

  * Team upload
  * New upstream version 2.0.7

ruby-rack (2.0.6-3) unstable; urgency=medium

  * Team upload.
  * add Breaks: ruby-sinatra (<< 2), as ruby-sinatra 1.x does not work with
    ruby-rack 2.

ruby-rack (2.0.6-2) unstable; urgency=medium

  * Team upload
  * Re-upload to unstable 

ruby-rack (2.0.6-1) experimental; urgency=medium

  * Team upload
  * New upstream release
  * Remove CVE-2018-16471.patch already applied upstream

ruby-rack (2.0.5-2) experimental; urgency=medium

  * CVE-2018-16471: Prevent a possible XSS vulnerability where a malicious
    request could impact the HTTP/HTTPS scheme returned to the underlying
    application. (Closes: #913005)
  * debian/control:
    - Add myself to Uploaders.
    - Bump Standards-Version to 4.2.1.
    - wrap-and-sort -sa.
  * Drop trailing whitespace in debian/changelog.
  * Use HTTPS URI in debian/copyright.

ruby-rack (2.0.5-1) experimental; urgency=medium

  * Team upload

  [ Pirate Praveen ]
  * Drop 0001-Fix-Params_Depth.patch (applied upstream)

  [ Sruthi Chandran ]
  * New upstream release

ruby-rack (1.6.4-4) unstable; urgency=medium

  * Team upload.

  [ Cédric Boutillier ]
  * Use https:// in Vcs-* fields
  * Run wrap-and-sort on packaging files

  [ Christian Hofstaedtler ]
  * Remove uninstallable ruby-memcache-client from test dependencies
  * Bump Standards-Version to 3.9.8

ruby-rack (1.6.4-3) unstable; urgency=medium

  * Team upload
  * Bump compat. version to 9
  * Update Debian packaging using dh-make-ruby
  * d/control:
      Update Vcs-* fields (switch to cgit and https everywhere)
      Bump Standards-Version to 3.9.7 (no changes)
      Move to ruby-dalli (memcache-client is deprecated)
        ROM for ruby-memcache-client
        https://github.com/rack/rack/issues/1025
      Remove librack-ruby* relations (those packages are long gone)

ruby-rack (1.6.4-2) unstable; urgency=medium

  * Upload to unstable

ruby-rack (1.6.4-1) experimental; urgency=medium

  * Team upload
  * New upstream release
  * Refresh patch (part merged upstream)

ruby-rack (1.5.2-4) unstable; urgency=medium

  * Add patch: Fix upstream Issue 631
    - uninitialized constant Rack::Response::BodyProxy
  * Create cherry-picked patch for Security Fix (Closes: #789311)
    - CVE-2015-3225: 1-4-deep_params.patch

ruby-rack (1.5.2-3) unstable; urgency=medium

  * add myself to Uploaders:
  * debian/ruby-tests.rake: run all tests instead of a subset of them
  * debian/tests/control: add a gem2deb-test-runner test

ruby-rack (1.5.2-2) unstable; urgency=medium

  * Team upload.
  * Rebuild with recent gem2deb to make package visible to Rubygems on all
    Ruby interpreters
  * Drop transitional packages
  * Add autopkgtest smoke test

ruby-rack (1.5.2-1) unstable; urgency=low

  * Team upload.

  [ Cédric Boutillier ]
  * debian/control: remove obsolete DM-Upload-Allowed flag
  * use canonical URI in Vcs-* fields

  [ Christian Hofstaedtler ]
  * New upstream release.
  * Removed all patches, already applied upstream.

ruby-rack (1.4.1-2.1) unstable; urgency=high

  [ KURASHIKI Satoru ]
  * Non-maintainer upload.
  * Create cherry-picked patches for Security Fix (Closes: #700173 #700226).
    - CVE-2013-0262: 0004-Prevent-symlink-path-traversals.patch
    - CVE-2013-0263: 0005-Use-secure_compare-for-hmac-comparison.patch

  [ Youhei SASAKI ]
  * Create cherry-picked patches for Security Fix (Closes: #698440).
    - CVE-2012-6109: 0001-Fix-parsing-performance-for-unquoted-filenames.patch
    - CVE-2013-0183: 0002-multipart-parser-avoid-unbounded-gets-method.patch
    - CVE-2013-0184: 0003-Reimplement-auth-scheme-fix.patch

ruby-rack (1.4.1-2) unstable; urgency=low

  * Bump build dependency on gem2deb to >= 0.3.0~

ruby-rack (1.4.1-1) unstable; urgency=low

  * New Upstream version 1.4.1
  * Bump standard version: 3.9.3
  * Add Build-Depends: rake, bacon, ruby-memcache-client, thin
  * Add d/s/local-options: Update patch handling
  * Update ruby-tests.rb to ruby-tests.rake: running full test

ruby-rack (1.4.0-1) unstable; urgency=low

  * New upstream release (closes: #653963).

ruby-rack (1.3.5-1) unstable; urgency=low

  * New upstream release.
  * Fix my email address.
  * Fix priority of transitional packages.
  * TESTS ARE DISABLED: many dependencies required for tests are not
    packaged yet.

ruby-rack (1.3.1-1) unstable; urgency=low

  * New upstream release: 1.3.1
  * Bump Standard version: 3.9.2
  * Add me to Uploaders
  * Add ruby-bacon to Build-Depends
  * Add manpage for rackup Closes: #606910
    - Thanks to Glido Fiorito <fiorito.g@gmail.com>

ruby-rack (1.2.2-2) unstable; urgency=low

  * Add transitional packages from librack-ruby.

ruby-rack (1.2.2-1) unstable; urgency=low

  * Switch to gem2deb-based packaging. Rename source and binary package.
  * libopenssl-ruby was merged in the main ruby package. Closes: #574960
    Closes: #592416.
  * new upstream release.
  * TESTS ARE DISABLED: many dependencies required for tests are not
    packaged yet.

librack-ruby (1.1.0-4) unstable; urgency=low

  * Team upload.
  * This package is now maintained within the Debian/Ruby Extras team.
  * debian/control:
    - Added the team (and myself) to the uploaders.
    - Updated the Vcs-* fields.
  * Version the dependency between librack-ruby and librack-ruby1.8.
    Closes: #583553
  * Rename the 1.9.1 binary to rackup1.9.1

librack-ruby (1.1.0-3) unstable; urgency=low

  * adopt package
  * add Conflicts/Replaces from librack-ruby1.9.1 to librack-ruby1.9
    because of /usr/bin/rackup1.9 (Closes: #570435)

librack-ruby (1.1.0-2) unstable; urgency=low

  * Move to ruby1.9.1 (Closes: #569884).
  * Removed unused lintian override.
  * Bumped up Standards-Version.

librack-ruby (1.1.0-1) unstable; urgency=low

  * New upstream release.

librack-ruby (1.0.1-1) unstable; urgency=low

  * New upstream release.
  * Bumped up Standards revision.
  * Moved to CDBS.
  * Lintian cleanups.

librack-ruby (1.0.0-1) unstable; urgency=low

  * New upstream release.
  * Added debian/watch file.
  * Bumped up Standards version to 3.8.1.
  * BUmped up debhelper compat level to 6.
  * Moved to section "ruby".
  * Added proper versioned dependency on debhelper (for dh_lintian).
  * Updated short description for librack-ruby1.8.

librack-ruby (0.9.1-1) unstable; urgency=low

  * New upstream release (Closes: #516855).

librack-ruby (0.3.0-2) unstable; urgency=low

  * Corrected short description for librack-ruby1.8

librack-ruby (0.3.0-1) unstable; urgency=low

  * Initial Release (Closes: #480035).