debian/changelog

   1 courier-authlib (0.61.0-1+lenny1) testing-security; urgency=high
   2
   3   * Non-maintainer upload by the security team
   4   * Fix several sql-injection vulnerabilities in authpgsqllib.c by using
   5     PQsetClientEncoding() and PQescapeStringConn()
   6     Fixes: CVE-2008-2380
   7
   8  -- Steffen Joeris <white@debian.org>  Mon, 08 Dec 2008 13:48:12 +0000
   9
  10 courier-authlib (0.61.0-1) unstable; urgency=low
  11
  12   * new upstream release
  13   * lintian:
  14     - debian/compat file
  15     - don't ignore make clean errors
  16
  17  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Thu, 17 Jul 2008 12:59:36 +0200
  18
  19 courier-authlib (0.60.1-2.1) unstable; urgency=high
  20
  21   * Non-maintainer upload by the security team
  22   * Fix sql injection vulnerability by changing to use
  23     mysql_set_character_set instead of SET NAMES
  24     (Change was introduced by upstream in 0.60.6)
  25     (Closes: #485424)
  26
  27  -- Steffen Joeris <white@debian.org>  Mon, 09 Jun 2008 15:29:23 +0000
  28
  29 courier-authlib (0.60.1-2) unstable; urgency=low
  30
  31   * added LSB dependency info to init scripts (Closes: #460221, thanks to
  32     Petter Reinholdtsen <pere@hungry.com> for the patch)
  33
  34  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Mon,  7 Apr 2008 13:21:37 +0200
  35
  36 courier-authlib (0.60.1-1) unstable; urgency=low
  37
  38   * new upstream release
  39
  40  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Mon, 15 Oct 2007 10:56:16 +0200
  41
  42 courier-authlib (0.60.0-1) unstable; urgency=low
  43
  44   * new upstream release, now under GPL version 3
  45
  46  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Sun, 30 Sep 2007 21:58:35 +0200
  47
  48 courier-authlib (0.59.3-2) unstable; urgency=low
  49
  50   * dropped alternative build dependency on postgresql-dev
  51     (Closes: #429964, thanks to Lior Kaplan <kaplan@debian.org> for the report
  52
  53  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Thu, 21 Jun 2007 20:26:38 +0200
  54
  55 courier-authlib (0.59.3-1) unstable; urgency=low
  56
  57   * new upstream release
  58
  59  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Mon, 23 Apr 2007 10:18:17 +0200
  60
  61 courier-authlib (0.59.1-0.1) experimental; urgency=low
  62
  63   * new upstream release
  64
  65  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Wed, 17 Jan 2007 11:58:29 +0100
  66
  67 courier-authlib (0.58-5) unstable; urgency=low
  68
  69   * added dependency and build dependency on expect (Closes: #400812,
  70     thanks to Peter Troeger <peter@troeger.eu> for the report)
  71
  72  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Wed, 29 Nov 2006 11:42:45 +0100
  73
  74 courier-authlib (0.58-4) unstable; urgency=medium
  75
  76   * call dh_makeshlibs during binary-arch target in order to get proper shlib
  77     information for libcourierauth.so (Closes: #378249, thanks to Charles
  78     Fry <cfry@debian.org> for the report and Steinar H. Gunderson
  79     <sesse@debian.org> for the patch)
  80   * ensure that courier-authdaemon is upgraded when switching to courier-authlib
  81   * switch to lsb logging functions (Closes: #384823, thanks to David Härdeman
  82     <david@2gen.com> for the patch)
  83
  84  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Sat,  9 Sep 2006 17:37:11 +0200
  85
  86 courier-authlib (0.58-3.1) unstable; urgency=medium
  87
  88   * Non-Maintainer Upload to fix security bug, caused by
  89     /var/run/courier/authdaemon being world executable.  Thanks to Martin
  90     Ferrari for the fix. (Closes: #378571)
  91
  92  -- Margarita Manterola <marga@debian.org>  Tue,  1 Aug 2006 16:45:07 -0300
  93
  94 courier-authlib (0.58-3) unstable; urgency=low
  95
  96   * remove all Courier runtime files on purge of courier-authdaemon
  97
  98  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Tue,  6 Jun 2006 04:48:20 +0200
  99
 100 courier-authlib (0.58-2) unstable; urgency=low
 101
 102   * set ownership of /var/run/courier and /var/run/courier/authdaemon to
 103     daemon.daemon (Closes: #368358, #368360)
 104
 105  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Tue, 23 May 2006 09:43:15 +0200
 106
 107 courier-authlib (0.58-1.0) unstable; urgency=low
 108
 109   * first upload to unstable
 110
 111  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Fri, 12 May 2006 16:53:38 +0200
 112
 113 courier-authlib (0.58-0.4) experimental; urgency=low
 114
 115   * changed alternative dependency for libmysqlclient-dev to
 116     libmysqlclient15-dev (Closes: #356728, thanks to Stefan Huehner
 117     <huehner@unix-ag.uni-kl.de> for the report)
 118
 119  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Tue, 14 Mar 2006 11:14:11 +0100
 120
 121 courier-authlib (0.58-0.3) experimental; urgency=low
 122
 123   * courier-authlib-userdb conflicts with pre-authlib courier-base package
 124
 125  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Wed, 11 Jan 2006 09:33:10 +0100
 126
 127 courier-authlib (0.58-0.2) experimental; urgency=low
 128
 129   * updated config.{guess,sub} to avoid FTBFS on some architectures
 130     (Closes: #346105, thanks to Petr Salinger
 131     <Petr.Salinger@t-systems.cz>)
 132
 133  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Fri,  6 Jan 2006 11:13:19 +0100
 134
 135 courier-authlib (0.58-0.1) experimental; urgency=low
 136
 137   * new upstream release
 138   * transition to new PostgreSQL architecture (Closes: #339297, thanks to
 139     Martin Pitt <mpitt@debian.org> for the report and the patch)
 140   * added courier-authlib-mysql/postgresql prerm/postinst scripts to
 141     restart courier-authdaemon
 142
 143  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Thu,  5 Jan 2006 14:58:19 +0100
 144
 145 courier-authlib (0.57.20051004-2) experimental; urgency=low
 146
 147   * ship configuration files with sane ownership/permissions
 148   * restoring call to pam_acct_mgmt
 149
 150  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Fri, 11 Nov 2005 00:49:19 +0100
 151
 152 courier-authlib (0.57.20051004-1) experimental; urgency=low
 153
 154   * new upstream release:
 155     - contains authtest manual page and authpasswd script
 156   * keep authtest name instead of renaming to courierauthtest, there are
 157     currently no conflicts with other binaries
 158   * separate package courier-authlib-pipe for authpipe module
 159   * revive courier-authdaemon package to allow seamless upgrades from sarge
 160   * changed FSF address in copyright file
 161   * changed BuildDepends from libmysqlclient10-dev to libmysqlclient14-dev
 162   * use DH_COMPAT=4
 163
 164  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Tue, 25 Oct 2005 11:04:45 +0200
 165
 166 courier-authlib (0.56-0.5) experimental; urgency=low
 167
 168   * added build dependency on procps (Closes: #311976, thanks to Kurt
 169     Roeckx <kurt@roeckx.be> for the report)
 170
 171  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Sat,  4 Jun 2005 22:03:43 +0200
 172
 173 courier-authlib (0.56-0.4) experimental; urgency=low
 174
 175   * provide proper LDAP configuration file instead of an empty one (thanks
 176     to Peter Mann <Peter.Mann@tuke.sk> for the report)
 177
 178  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Tue, 31 May 2005 14:48:04 +0200
 179
 180 courier-authlib (0.56-0.3) experimental; urgency=low
 181
 182   * added dependency to courier-authlib-dev on courier-authlib
 183   * versioned dependencies for courier-authlib-* packages
 184
 185  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Tue, 31 May 2005 11:13:01 +0200
 186
 187 courier-authlib (0.56-0.2) experimental; urgency=low
 188
 189   * removed check for openssl binary (Closes: #311175, thanks to Kenshi
 190     Muto <kmuto@debian.org> for the report)
 191
 192  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Mon, 30 May 2005 13:23:02 +0200
 193
 194 courier-authlib (0.56-0.1) experimental; urgency=low
 195
 196   * initial release
 197
 198  -- Stefan Hornburg (Racke) <racke@linuxia.de>  Fri, 27 May 2005 23:20:21 +0200
 199