webkit2gtk (2.14.3-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to 2.14.3 to fix multiple security issues.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 02 Feb 2017 07:59:13 -0500

webkit2gtk (2.14.2-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to 2.14.2 to fix multiple security issues.
    - debian/patches/install-minibrowser.patch: removed, no longer needed.
    - debian/rules: set -DENABLE_MINIBROWSER=ON.
    - debian/patches/fix-ftbfs-m68k.patch: removed, not needed in Ubuntu.
    - debian/patches/fix-ftbfs-armel.patch: fix FTBFS.
    - debian/libjavascriptcoregtk-4.0-bin.install: install the jsc executable
      in /usr/bin.
    - debian/libwebkit2gtk-4.0-37.symbols: updated for new version.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 06 Jan 2017 08:49:55 -0500

webkit2gtk (2.12.5-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to 2.12.5 to fix multiple security issues.
    - debian/patches/hide-gtk2-plugins.patch: removed, upstream.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 12 Sep 2016 09:16:39 -0400

webkit2gtk (2.10.9-1ubuntu1) xenial; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    + Build with GeoClue 1, which is what we still use in Ubuntu.

 -- Iain Lane <iain.lane@canonical.com>  Wed, 23 Mar 2016 18:09:37 +0000

webkit2gtk (2.10.9-1) unstable; urgency=medium

  * New upstream release.

 -- Alberto Garcia <berto@igalia.com>  Fri, 18 Mar 2016 12:35:25 +0200

webkit2gtk (2.10.8-1ubuntu1) xenial; urgency=low

  * Build with GeoClue 1, which is what we still use in Ubuntu.

 -- Iain Lane <iain@orangesquash.org.uk>  Tue, 15 Mar 2016 10:59:14 +0000

webkit2gtk (2.10.8-1) unstable; urgency=high

  * New upstream release. This fixes CVE-2016-1726 (Closes: #802380).
  * Allow building the package with debhelper < 9.20151219. This won't
    produce any debug packages (since they are automatically generated
    now), but it can be useful for backports.
    + debian/control:
      - Revert build dependency on debhelper back to >= 9.
    + debian/rules:
      - Don't make dh_strip fail if it doesn't support --ddeb-migration.
  * debian/rules:
    + The list of architectures in which the debug packages are causing
      problems continues to grow, so let's try the opposite approach: we
      build by default using -g1 except in the cases where we know that
      -g works fine (amd64, ppc64, ppc64el).
    + Enable all hardening flags.
  * debian/patches/fix-ftbfs-m68k.patch:
    + Enclose the changes to the compile assertions inside an #ifdef block
      so they only apply to m68k.
  * debian/patches/fix-ftbfs-alpha.patch:
    + Fix FTBFS in alpha (Closes: #815124).
  * debian/patches/fix-ftbfs-sparc64.patch:
    + Add patch metadata.
  * debian/source/lintian-overrides:
    + Update overrides so the latest lintian doesn't give more
      source-is-missing false positives.
  * debian/control:
    + Bump Standards-Version to 3.9.7; no changes needed.
    + Use secure URIs for the Vcs-* fields.

 -- Alberto Garcia <berto@igalia.com>  Sat, 12 Mar 2016 00:07:55 +0200

webkit2gtk (2.10.6-1ubuntu1) xenial; urgency=medium

  * Build with GeoClue 1, which is what we still use in Ubuntu.

 -- Iain Lane <iain@orangesquash.org.uk>  Fri, 12 Feb 2016 15:05:47 +0000

webkit2gtk (2.10.6-1) unstable; urgency=medium

  * New upstream release.

 -- Alberto Garcia <berto@igalia.com>  Wed, 27 Jan 2016 16:48:08 +0200

webkit2gtk (2.10.5-1) unstable; urgency=high

  * New upstream release. Fixes CVE-2015-7096 and CVE-2015-7098.
    This release doesn't contain any non-DFSG files in the original
    tarball, so we can ship it as-is and remove the +dfsg suffix from the
    Debian version.
    + debian/watch:
      - Remove the 'dversionmangle' option.
    + debian/rules:
      - Remove the get-orig-source target.
      - Don't generate (and clean) jquery.min.js.
    + debian/control:
      - Remove build dependency on slimit.
    + debian/jquery-1.9.1.js:
      - Remove.
  * debian/patches/fix-ftbfs-sparc64.patch:
    + Fix FTBFS on sparc64 (Closes: #806816).
  * debian/rules:
    + Don't pass -DENABLE_YARR_JIT=0, passing -DENABLE_JIT=OFF already
      takes care of that.
    + Remove EXTRA_DH_ARGUMENTS, this is no longer being used.
  * debian/watch:
    + Only scan releases from the stable branches.
  * Migrate to automatic -dbgsym packages:
    + debian/control:
      - Remove the entries for libjavascriptcoregtk-4.0-18-dbg and
        libwebkit2gtk-4.0-37-dbg.
      - Require debhelper >= 9.20151219.
    + debian/rules:
      - Replace --dbg-package with --ddeb-migration in dh_strip.
  * debian/copyright:
    + Update copyright years.
    + Remove mentions to jquery (which is no longer included) and
      FontWithNoValidEncoding.fon, which is a regular font in the FON file
      format.

 -- Alberto Garcia <berto@igalia.com>  Thu, 21 Jan 2016 14:26:30 +0200

# For older changelog entries, run 'apt-get changelog gir1.2-javascriptcoregtk-4.0'