1 courier-authlib (0.61.0-1+lenny1) testing-security; urgency=high
3 * Non-maintainer upload by the security team
4 * Fix several sql-injection vulnerabilities in authpgsqllib.c by using
5 PQsetClientEncoding() and PQescapeStringConn()
8 -- Steffen Joeris <white@debian.org> Mon, 08 Dec 2008 13:48:12 +0000
10 courier-authlib (0.61.0-1) unstable; urgency=low
12 * new upstream release
15 - don't ignore make clean errors
17 -- Stefan Hornburg (Racke) <racke@linuxia.de> Thu, 17 Jul 2008 12:59:36 +0200
19 courier-authlib (0.60.1-2.1) unstable; urgency=high
21 * Non-maintainer upload by the security team
22 * Fix sql injection vulnerability by changing to use
23 mysql_set_character_set instead of SET NAMES
24 (Change was introduced by upstream in 0.60.6)
27 -- Steffen Joeris <white@debian.org> Mon, 09 Jun 2008 15:29:23 +0000
29 courier-authlib (0.60.2-0hcoop7) unstable; urgency=low
31 * Revert last change. Now the AFS token code is before the callback.
33 -- Michael Olson (HCoop) <mwolson@hcoop.net> Thu, 07 Feb 2008 22:37:30 -0500
35 courier-authlib (0.60.2-0hcoop6) unstable; urgency=low
37 * Move acquiting of AFS vmail tokens to just after callback.
39 -- Michael Olson (HCoop) <mwolson@hcoop.net> Sat, 02 Feb 2008 20:29:01 -0500
41 courier-authlib (0.60.2-0hcoop5) unstable; urgency=low
43 * Move acquiring of AFS vmail tokens to preauthuserdbcommon.c.
45 -- Michael Olson (HCoop) <mwolson@hcoop.net> Fri, 01 Feb 2008 21:55:37 -0500
47 courier-authlib (0.60.2-0hcoop4) unstable; urgency=low
49 * authuserdb: Try using a separate get-token script.
51 -- Michael Olson (HCoop) <mwolson@hcoop.net> Wed, 30 Jan 2008 13:17:14 -0500
53 courier-authlib (0.60.2-0hcoop3) unstable; urgency=low
55 * Fix bug in previous patch.
57 -- Michael Olson (HCoop) <mwolson@hcoop.net> Sun, 27 Jan 2008 16:19:18 -0500
59 courier-authlib (0.60.2-0hcoop2) unstable; urgency=low
61 * Get token after authenticating a vmail user.
63 -- Michael Olson (HCoop) <mwolson@hcoop.net> Sat, 26 Jan 2008 15:28:19 -0500
65 courier-authlib (0.60.2-0hcoop1) unstable; urgency=low
67 * New upstream release. Remaining changes:
68 - Revert the disabling of pam_setcred so that IMAP works as expected.
69 - Set the userdb path to be /etc/courier/userdb.
71 -- Michael Olson (HCoop) <mwolson@hcoop.net> Fri, 25 Jan 2008 19:24:41 -0500
73 courier-authlib (0.60.1-2) unstable; urgency=low
75 * added LSB dependency info to init scripts (Closes: #460221, thanks to
76 Petter Reinholdtsen <pere@hungry.com> for the patch)
78 -- Stefan Hornburg (Racke) <racke@linuxia.de> Mon, 7 Apr 2008 13:21:37 +0200
80 courier-authlib (0.60.1-1hcoop1) unstable; urgency=low
82 * Sync from Debian. Remaining changes:
83 - Revert the disabling of pam_setcred so that IMAP works as expected.
84 - Set the userdb path to be /etc/courier/userdb.
86 -- Michael Olson (HCoop) <mwolson@hcoop.net> Fri, 25 Jan 2008 18:28:11 -0500
88 courier-authlib (0.60.1-1) unstable; urgency=low
90 * new upstream release
92 -- Stefan Hornburg (Racke) <racke@linuxia.de> Mon, 15 Oct 2007 10:56:16 +0200
94 courier-authlib (0.60.0-1) unstable; urgency=low
96 * new upstream release, now under GPL version 3
98 -- Stefan Hornburg (Racke) <racke@linuxia.de> Sun, 30 Sep 2007 21:58:35 +0200
100 courier-authlib (0.59.3-2) unstable; urgency=low
102 * dropped alternative build dependency on postgresql-dev
103 (Closes: #429964, thanks to Lior Kaplan <kaplan@debian.org> for the report
105 -- Stefan Hornburg (Racke) <racke@linuxia.de> Thu, 21 Jun 2007 20:26:38 +0200
107 courier-authlib (0.59.3-1hcoop1) unstable; urgency=low
110 * Revert the disabling of pam_setcred so that IMAP works as expected.
111 * Set the userdb path to be /etc/courier/userdb.
112 * userdb: Allow "+", ":", and "_" in usernames.
114 -- Michael Olson (HCoop) <mwolson@hcoop.net> Fri, 25 Jan 2008 17:46:10 -0500
116 courier-authlib (0.59.3-1) unstable; urgency=low
118 * new upstream release
120 -- Stefan Hornburg (Racke) <racke@linuxia.de> Mon, 23 Apr 2007 10:18:17 +0200
122 courier-authlib (0.59.1-0.1) experimental; urgency=low
124 * new upstream release
126 -- Stefan Hornburg (Racke) <racke@linuxia.de> Wed, 17 Jan 2007 11:58:29 +0100
128 courier-authlib (0.58-5) unstable; urgency=low
130 * added dependency and build dependency on expect (Closes: #400812,
131 thanks to Peter Troeger <peter@troeger.eu> for the report)
133 -- Stefan Hornburg (Racke) <racke@linuxia.de> Wed, 29 Nov 2006 11:42:45 +0100
135 courier-authlib (0.58-4) unstable; urgency=medium
137 * call dh_makeshlibs during binary-arch target in order to get proper shlib
138 information for libcourierauth.so (Closes: #378249, thanks to Charles
139 Fry <cfry@debian.org> for the report and Steinar H. Gunderson
140 <sesse@debian.org> for the patch)
141 * ensure that courier-authdaemon is upgraded when switching to courier-authlib
142 * switch to lsb logging functions (Closes: #384823, thanks to David Härdeman
143 <david@2gen.com> for the patch)
145 -- Stefan Hornburg (Racke) <racke@linuxia.de> Sat, 9 Sep 2006 17:37:11 +0200
147 courier-authlib (0.58-3.1) unstable; urgency=medium
149 * Non-Maintainer Upload to fix security bug, caused by
150 /var/run/courier/authdaemon being world executable. Thanks to Martin
151 Ferrari for the fix. (Closes: #378571)
153 -- Margarita Manterola <marga@debian.org> Tue, 1 Aug 2006 16:45:07 -0300
155 courier-authlib (0.58-3) unstable; urgency=low
157 * remove all Courier runtime files on purge of courier-authdaemon
159 -- Stefan Hornburg (Racke) <racke@linuxia.de> Tue, 6 Jun 2006 04:48:20 +0200
161 courier-authlib (0.58-2) unstable; urgency=low
163 * set ownership of /var/run/courier and /var/run/courier/authdaemon to
164 daemon.daemon (Closes: #368358, #368360)
166 -- Stefan Hornburg (Racke) <racke@linuxia.de> Tue, 23 May 2006 09:43:15 +0200
168 courier-authlib (0.58-1.0) unstable; urgency=low
170 * first upload to unstable
172 -- Stefan Hornburg (Racke) <racke@linuxia.de> Fri, 12 May 2006 16:53:38 +0200
174 courier-authlib (0.58-0.4) experimental; urgency=low
176 * changed alternative dependency for libmysqlclient-dev to
177 libmysqlclient15-dev (Closes: #356728, thanks to Stefan Huehner
178 <huehner@unix-ag.uni-kl.de> for the report)
180 -- Stefan Hornburg (Racke) <racke@linuxia.de> Tue, 14 Mar 2006 11:14:11 +0100
182 courier-authlib (0.58-0.3) experimental; urgency=low
184 * courier-authlib-userdb conflicts with pre-authlib courier-base package
186 -- Stefan Hornburg (Racke) <racke@linuxia.de> Wed, 11 Jan 2006 09:33:10 +0100
188 courier-authlib (0.58-0.2) experimental; urgency=low
190 * updated config.{guess,sub} to avoid FTBFS on some architectures
191 (Closes: #346105, thanks to Petr Salinger
192 <Petr.Salinger@t-systems.cz>)
194 -- Stefan Hornburg (Racke) <racke@linuxia.de> Fri, 6 Jan 2006 11:13:19 +0100
196 courier-authlib (0.58-0.1) experimental; urgency=low
198 * new upstream release
199 * transition to new PostgreSQL architecture (Closes: #339297, thanks to
200 Martin Pitt <mpitt@debian.org> for the report and the patch)
201 * added courier-authlib-mysql/postgresql prerm/postinst scripts to
202 restart courier-authdaemon
204 -- Stefan Hornburg (Racke) <racke@linuxia.de> Thu, 5 Jan 2006 14:58:19 +0100
206 courier-authlib (0.57.20051004-2) experimental; urgency=low
208 * ship configuration files with sane ownership/permissions
209 * restoring call to pam_acct_mgmt
211 -- Stefan Hornburg (Racke) <racke@linuxia.de> Fri, 11 Nov 2005 00:49:19 +0100
213 courier-authlib (0.57.20051004-1) experimental; urgency=low
215 * new upstream release:
216 - contains authtest manual page and authpasswd script
217 * keep authtest name instead of renaming to courierauthtest, there are
218 currently no conflicts with other binaries
219 * separate package courier-authlib-pipe for authpipe module
220 * revive courier-authdaemon package to allow seamless upgrades from sarge
221 * changed FSF address in copyright file
222 * changed BuildDepends from libmysqlclient10-dev to libmysqlclient14-dev
225 -- Stefan Hornburg (Racke) <racke@linuxia.de> Tue, 25 Oct 2005 11:04:45 +0200
227 courier-authlib (0.56-0.5) experimental; urgency=low
229 * added build dependency on procps (Closes: #311976, thanks to Kurt
230 Roeckx <kurt@roeckx.be> for the report)
232 -- Stefan Hornburg (Racke) <racke@linuxia.de> Sat, 4 Jun 2005 22:03:43 +0200
234 courier-authlib (0.56-0.4) experimental; urgency=low
236 * provide proper LDAP configuration file instead of an empty one (thanks
237 to Peter Mann <Peter.Mann@tuke.sk> for the report)
239 -- Stefan Hornburg (Racke) <racke@linuxia.de> Tue, 31 May 2005 14:48:04 +0200
241 courier-authlib (0.56-0.3) experimental; urgency=low
243 * added dependency to courier-authlib-dev on courier-authlib
244 * versioned dependencies for courier-authlib-* packages
246 -- Stefan Hornburg (Racke) <racke@linuxia.de> Tue, 31 May 2005 11:13:01 +0200
248 courier-authlib (0.56-0.2) experimental; urgency=low
250 * removed check for openssl binary (Closes: #311175, thanks to Kenshi
251 Muto <kmuto@debian.org> for the report)
253 -- Stefan Hornburg (Racke) <racke@linuxia.de> Mon, 30 May 2005 13:23:02 +0200
255 courier-authlib (0.56-0.1) experimental; urgency=low
259 -- Stefan Hornburg (Racke) <racke@linuxia.de> Fri, 27 May 2005 23:20:21 +0200