X-Git-Url: https://git.hcoop.net/hcoop/debian/courier-authlib.git/blobdiff_plain/3f2ad2d41e9a9753d321427a7e1acae525767222..b92f8a0725abfd548aa6f569c298dd69c1b1b79c:/debian/changelog

diff --git a/debian/changelog b/debian/changelog
index c07b132..f9e039c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,31 @@
+courier-authlib (0.61.0-1+lenny1) testing-security; urgency=high
+
+  * Non-maintainer upload by the security team
+  * Fix several sql-injection vulnerabilities in authpgsqllib.c by using
+    PQsetClientEncoding() and PQescapeStringConn()
+    Fixes: CVE-2008-2380
+
+ -- Steffen Joeris <white@debian.org>  Mon, 08 Dec 2008 13:48:12 +0000
+
+courier-authlib (0.61.0-1) unstable; urgency=low
+
+  * new upstream release
+  * lintian:
+    - debian/compat file
+    - don't ignore make clean errors
+  
+ -- Stefan Hornburg (Racke) <racke@linuxia.de>  Thu, 17 Jul 2008 12:59:36 +0200
+
+courier-authlib (0.60.1-2.1) unstable; urgency=high
+
+  * Non-maintainer upload by the security team
+  * Fix sql injection vulnerability by changing to use
+    mysql_set_character_set instead of SET NAMES
+    (Change was introduced by upstream in 0.60.6)
+    (Closes: #485424)
+
+ -- Steffen Joeris <white@debian.org>  Mon, 09 Jun 2008 15:29:23 +0000
+
 courier-authlib (0.60.2-0hcoop7) unstable; urgency=low
 
   * Revert last change.  Now the AFS token code is before the callback.
@@ -42,6 +70,13 @@ courier-authlib (0.60.2-0hcoop1) unstable; urgency=low
 
  -- Michael Olson (HCoop) <mwolson@hcoop.net>  Fri, 25 Jan 2008 19:24:41 -0500
 
+courier-authlib (0.60.1-2) unstable; urgency=low
+
+  * added LSB dependency info to init scripts (Closes: #460221, thanks to
+    Petter Reinholdtsen <pere@hungry.com> for the patch)
+
+ -- Stefan Hornburg (Racke) <racke@linuxia.de>  Mon,  7 Apr 2008 13:21:37 +0200
+
 courier-authlib (0.60.1-1hcoop1) unstable; urgency=low
 
   * Sync from Debian.  Remaining changes: