Import Debian package 0.61.0-1+lenny1

[hcoop/debian/courier-authlib.git] / debian / changelog

diff --git a/debian/changelog b/debian/changelog
index acb6a1d..88916bc 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,38 @@
+courier-authlib (0.61.0-1+lenny1) testing-security; urgency=high
+
+  * Non-maintainer upload by the security team
+  * Fix several sql-injection vulnerabilities in authpgsqllib.c by using
+    PQsetClientEncoding() and PQescapeStringConn()
+    Fixes: CVE-2008-2380
+
+ -- Steffen Joeris <white@debian.org>  Mon, 08 Dec 2008 13:48:12 +0000
+
+courier-authlib (0.61.0-1) unstable; urgency=low
+
+  * new upstream release
+  * lintian:
+    - debian/compat file
+    - don't ignore make clean errors
+  
+ -- Stefan Hornburg (Racke) <racke@linuxia.de>  Thu, 17 Jul 2008 12:59:36 +0200
+
+courier-authlib (0.60.1-2.1) unstable; urgency=high
+
+  * Non-maintainer upload by the security team
+  * Fix sql injection vulnerability by changing to use
+    mysql_set_character_set instead of SET NAMES
+    (Change was introduced by upstream in 0.60.6)
+    (Closes: #485424)
+
+ -- Steffen Joeris <white@debian.org>  Mon, 09 Jun 2008 15:29:23 +0000
+
+courier-authlib (0.60.1-2) unstable; urgency=low
+
+  * added LSB dependency info to init scripts (Closes: #460221, thanks to
+    Petter Reinholdtsen <pere@hungry.com> for the patch)
+
+ -- Stefan Hornburg (Racke) <racke@linuxia.de>  Mon,  7 Apr 2008 13:21:37 +0200
+
 courier-authlib (0.60.1-1) unstable; urgency=low
 
   * new upstream release