node-url-parse (1.4.7-3ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Authorization Bypass
    - debian/patches/CVE-2022-0512[1-7].patch: fixed improper input handeling 
      in node-url-parse for input containing the at sign.
    - debian/patches/CVE-2022-0639[1-2].patch: fixed improper input handeling 
      in node-url-parse in toString function.
    - debian/patches/CVE-2022-0686[1-7].patch: fixed improper input handeling 
      in node-url-parse when input contains specified but empty port.
    - debian/patches/CVE-2022-0691[1-2].patch: fixed improper input handeling 
      in node-url-parse for input containing URL beginning with control
      characters.
    - CVE-2022-0512
    - CVE-2022-0639
    - CVE-2022-0686
    - CVE-2022-0691
  * SECURITY UPDATE: Open Redirect, SSRF, and DoS
    - debian/patches/CVE-2021-27515.patch: fixed improper input handeling 
      in node-url-parse for input containing backslash.
    - debian/patches/CVE-2021-3664[1-5].patch: fixed improper input handeling 
      in node-url-parse for input containing backslash.
    - CVE-2021-27515
    - CVE-2021-3664

 -- Amir Naseredini <amir.naseredini@canonical.com>  Thu, 23 Mar 2023 12:49:27 +0000

node-url-parse (1.4.7-3) unstable; urgency=medium

  * Team upload
  * Reupload to unstable 

 -- Pirate Praveen <praveen@debian.org>  Sun, 04 Aug 2019 18:22:13 +0000

node-url-parse (1.4.7-2) experimental; urgency=medium

  * Team upload
  * Drop unnecessary build dependency on dh-buildinfo
  * Bump standards version to 4.4.0
  * Build with webpack 4
  * Switch to pkg-js-tools auto install (remove debian/install)
  * Add mocha as build dependency

 -- Pirate Praveen <praveen@debian.org>  Tue, 30 Jul 2019 15:36:19 +0000

node-url-parse (1.4.7-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.4.7
  * Add SECURITY.md in docs
  * Remove CVE-2018-3774 patch
  * Bump debhelper compatibility level to 12

 -- Xavier Guimard <yadd@debian.org>  Mon, 08 Jul 2019 07:22:42 +0200

node-url-parse (1.2.0-2) unstable; urgency=medium

  * Team upload
  * Declare compliance with policy 4.3.0
  * Add patch to fix bad URL parsing (Closes: #906058, CVE-2018-3774)
  * Enable upstream tests using pkg-js-tools. This adds node-deep-eql,
    node-object-inspect and node-pathval in build dependencies
  * Fix VCS fields
  * Fix debian/copyright format URL
  * Fix description (trailing whitespaces)
  * Add upstream/metadata

 -- Xavier Guimard <yadd@debian.org>  Tue, 16 Apr 2019 10:18:36 +0200

node-url-parse (1.2.0-1) unstable; urgency=medium

  * Team upload
  * New upstream release
  * Bump standards, update section and priority
  * Use github tarballs
  * Use webpack instead of browserify

 -- Pirate Praveen <praveen@debian.org>  Tue, 02 Jan 2018 21:25:10 +0530

node-url-parse (1.0.5-2) unstable; urgency=medium

  * debian/install: install more files into package

 -- Thorsten Alteholz <debian@alteholz.de>  Sun, 14 Feb 2016 16:07:46 +0100

node-url-parse (1.0.5-1) unstable; urgency=medium

  * new upstream version
  * debian/control: use correct version numbers for dependencies
                    (Closes: #801143)

 -- Thorsten Alteholz <debian@alteholz.de>  Sat, 06 Feb 2016 18:07:46 +0100

node-url-parse (1.0.2-1) unstable; urgency=low

  * Initial release

 -- Thorsten Alteholz <debian@alteholz.de>  Wed, 02 Sep 2015 18:07:46 +0200
