h2o (2.2.4+dfsg-1) unstable; urgency=high

  * New upstream bugfix release
    + Fix crash when logging TLS 1.3 properties (CVE-2017-10872)
    + Fix crash when handling malformed HTTP/2 request (CVE-2017-10908)
  * Drop patches merged upstream:
    + fix-mruby-proc.patch
    + fix-segfault-on-big-endian.patch
  * Bump Standards-Version to 4.1.2; no changes needed

 -- Apollon Oikonomopoulos <apoikos@debian.org>  Thu, 21 Dec 2017 10:58:30 +0200

h2o (2.2.3+dfsg-2) unstable; urgency=medium

  * Fix segfault on big-endian systems when reverse-proxying to HTTPS. This
    fixes FTBFS on s390x.

 -- Apollon Oikonomopoulos <apoikos@debian.org>  Fri, 27 Oct 2017 22:39:52 +0300

h2o (2.2.3+dfsg-1) unstable; urgency=medium

  * New upstream stable release.
  * Drop patches merged upstream.
    + Build-on-platforms-without-64-bit-atomics.patch
    + Fix-deadlock-in-setup_bio.patch
    + epoll-do-not-leak-epoll-fds-on-fork.patch
    + epoll-explicitly-delete-sockets-on-close.patch
  * New patch fixing Proc's in mruby handlers that reference outer-scope
    variables. Thanks to Tatsushi Demachi.
  * Refresh remaining patches.
  * Disable the new 50reverse-proxy-drop-headers test as it requires network
    access.
  * Fix upgrade reload logic: do not restart on upgrades, just reload.
  * Bump Standards to 4.1.1; no changes needed.

 -- Apollon Oikonomopoulos <apoikos@debian.org>  Thu, 19 Oct 2017 16:07:38 +0300

h2o (2.2.2+dfsg-2) unstable; urgency=medium

  * Fix FTBFS on platforms without 64-bit atomics (mips, powerpc and possibly
    others), by using a 32-bit unsigned int as connection ID.

 -- Apollon Oikonomopoulos <apoikos@debian.org>  Thu, 21 Sep 2017 21:50:25 +0300

h2o (2.2.2+dfsg-1) unstable; urgency=medium

  * Initial release. (Closes: #873811)

 -- Apollon Oikonomopoulos <apoikos@debian.org>  Tue, 19 Sep 2017 12:45:21 +0300
