+courier-authlib (0.61.0-1+lenny1) testing-security; urgency=high
+
+ * Non-maintainer upload by the security team
+ * Fix several sql-injection vulnerabilities in authpgsqllib.c by using
+ PQsetClientEncoding() and PQescapeStringConn()
+ Fixes: CVE-2008-2380
+
+ -- Steffen Joeris <white@debian.org> Mon, 08 Dec 2008 13:48:12 +0000
+
+courier-authlib (0.61.0-1) unstable; urgency=low
+
+ * new upstream release
+ * lintian:
+ - debian/compat file
+ - don't ignore make clean errors
+
+ -- Stefan Hornburg (Racke) <racke@linuxia.de> Thu, 17 Jul 2008 12:59:36 +0200
+
+courier-authlib (0.60.1-2.1) unstable; urgency=high
+
+ * Non-maintainer upload by the security team
+ * Fix sql injection vulnerability by changing to use
+ mysql_set_character_set instead of SET NAMES
+ (Change was introduced by upstream in 0.60.6)
+ (Closes: #485424)
+
+ -- Steffen Joeris <white@debian.org> Mon, 09 Jun 2008 15:29:23 +0000
+
+courier-authlib (0.60.1-2) unstable; urgency=low
+
+ * added LSB dependency info to init scripts (Closes: #460221, thanks to
+ Petter Reinholdtsen <pere@hungry.com> for the patch)
+
+ -- Stefan Hornburg (Racke) <racke@linuxia.de> Mon, 7 Apr 2008 13:21:37 +0200
+
courier-authlib (0.60.1-1) unstable; urgency=low
* new upstream release