[freeradius.git] / debian / changelog

freeradius (2.1.8+git) experimental; urgency=low

  * Unreleased.

 -- Josip Rodin <joy-packages@debian.org>  Mon, 21 Dec 2009 13:04:52 +0100

freeradius (2.1.7+dfsg-2) unstable; urgency=low

  * Ship radmin and raddebug in the freeradius package.
  * Correct section number inside raddebug(8) so it doesn't get misplaced.

 -- Josip Rodin <joy-packages@debian.org>  Tue, 24 Nov 2009 15:29:59 +0100

freeradius (2.1.7+dfsg-1) unstable; urgency=low

  * Adopting the package, closes: #536623.
  * New upstream version, closes: #513484.
    + Fixes the blooper in unlang evaluation logic, closes: #526175.
  * Used quilt (and added README.source), and moved upstream file patching
    into debian/patches/. The source is no longer in collab-maint git
    (to make it simpler for me to finally get this out the door), but
    kept the .gitignore should we need that again.
  * Dropped the dialup_admin/bin/backup_radacct patch (integrated upstream).
  * Dropped the raddb/Makefile patch (problem no longer exists upstream).
  * Dropped the lib/packet.c lib/radius.c main/listen.c patches (was from
    upstream 2.0.5 anyway).
  * Dropped references to otp.conf, it no longer exists upstream.
    Keep removing the conffile statoverride in prerm.
  * Dropped references to snmp.conf, it no longer exists upstream.
    Keep removing the conffile statoverride in prerm.
  * Ship /etc/freeradius/modules/* in the freeradius package.
  * Stop shipping sites-enabled symlinks in the package and instead create
    them only on initial install, thanks to Matej Vela, closes: #533396.
  * Add export PATH="${PATH:+$PATH:}/usr/sbin:/sbin" to the init script
    at the request of John Morrissey, closes: #550143.
  * Stop installing /var/run/freeradius in the package to silence Lintian.
    The init script already recreates it at will.
  * Remove executable bit from example.pl to silence Lintian.

 -- Josip Rodin <joy-packages@debian.org>  Mon, 23 Nov 2009 03:57:37 +0100

freeradius (2.0.4+dfsg-7) unstable; urgency=low

  * Ignore rmdir failure on clean (closes: #545932)
  * Do a better job of catching errors in the init script (closes: #533390)
  * Init headers fixup (closes: #541882)
  * Clean up some logs so dpkg can successfully rmdir (closes: #530727)

 -- Stephen Gran <sgran@debian.org>  Sun, 13 Sep 2009 19:33:12 +0100

freeradius (2.0.4+dfsg-6) unstable; urgency=low

  * Fix unsafe use of tempfile (closes: #496389)

 -- Stephen Gran <sgran@debian.org>  Mon, 25 Aug 2008 14:18:48 +0100

freeradius (2.0.4+dfsg-5) unstable; urgency=low

  [ Mark Hymers ]
  * Cherry pick commit from 2.0.5 which fixes port binding issues.
    Closes: #489773.

  [ Stephen Gran ]
  * add PERL_SYS_INIT3 and PERL_SYS_TERM calls to rlm_perl. (closes: #495073)
  * Make the SQL modules link against rlm_sql.so in the most horrific
    (and only) way possible.  (closes: #448699)

 -- Stephen Gran <sgran@debian.org>  Thu, 14 Aug 2008 19:15:30 +0100

freeradius (2.0.4+dfsg-4) unstable; urgency=low

  * Create links from sites-enabled to sites-available for the files that
    upstream enables by default (closes: #483914)

 -- Stephen Gran <sgran@debian.org>  Sun, 01 Jun 2008 12:24:35 +0100

freeradius (2.0.4+dfsg-3) unstable; urgency=low

  * brown paper bag release
  * Really actually do the statoverride I thought we were doing with -2
    (closes: #482380)

 -- Stephen Gran <sgran@debian.org>  Thu, 22 May 2008 11:18:12 +0100

freeradius (2.0.4+dfsg-2) unstable; urgency=low

  * Install /var/log/freeradius 0750 so that people writing their passwords to
    logfiles don't accidentally leak them without noticing (closes: #482085)

 -- Stephen Gran <sgran@debian.org>  Tue, 20 May 2008 19:38:27 +0100

freeradius (2.0.4+dfsg-1) unstable; urgency=low

  * Ok, actually remove all the cruft in debian/ shipped by upstream.  This
    means repacking the tarball and all that, but it also means dpkg-source
    won't get the chance to ignore removed files, resulting in files
    reappearing, but not locally (closes: #481406)
  * Also remove config.{cache,log} in clean target - damn you gitignore

 -- Stephen Gran <sgran@debian.org>  Mon, 19 May 2008 03:55:55 +0100

freeradius (2.0.4-3) unstable; urgency=low

  * I have no god damn idea why the buildds are adding manpages to the wrong
    binary.  Reuploading with DH_VERBOSE=1 to see if we can find it.  We
    certainly can't reproduce it in our local builds, even calling the same
    targets in the same order as the buildds.

 -- Stephen Gran <sgran@debian.org>  Mon, 19 May 2008 00:17:06 +0100

freeradius (2.0.4-2) unstable; urgency=low

  * freeradius-{common,utils} needs to Conflict: with other radius
    implementations that share files (closes: #480682)

 -- Stephen Gran <sgran@debian.org>  Sun, 11 May 2008 18:41:45 +0100

freeradius (2.0.4-1) unstable; urgency=low

  * New upstream release
  * Make all directories in /etc/freeradius group +x (closes: #479835)

 -- Stephen Gran <sgran@debian.org>  Fri, 09 May 2008 12:58:55 +0100

freeradius (2.0.3-1) unstable; urgency=low

  [ Mark Hymers ]
  * New upstream release
  * Bump Build-Dep on debhelper to 6.0.7 as we use dh_lintian
  * Delete lots of obsolete conffiles

  [ Stephen Gran ]
  * Create a -common package for some extra file that the -utils package
    needs.  Also stuff in manpages and other arch all files to reduce the size
    of the unnecessarily repeated stuff in the archive
  * Change chown/chmod calls to dpkg-statoverride

 -- Mark Hymers <mhy@debian.org>  Sat, 03 May 2008 17:07:42 +0100

freeradius (2.0.2-1) unstable; urgency=low

  * Yet another new upstream version (closes: #465475)
  * Cleanup manpages
  * Add lintian overrides for rpath - this is intentional
  * Packaging is now being done in git, we're dropping dpatch
  * Split out client utilities (closes: #470977) - this means we also need to
    split the library so the two binary packages can use it
  * Major package rework

 -- Stephen Gran <sgran@debian.org>  Sun, 16 Mar 2008 22:58:16 +0000

freeradius (2.0.0-1) unstable; urgency=low

  * New upstream version
  * Patches:
    - freshen 02-radiusd-to-freeradius
    - disable 03-dialupadmin-help until it's reworked properly

 -- Stephen Gran <sgran@debian.org>  Thu, 10 Jan 2008 23:05:50 +0000

freeradius (1.1.7-1) unstable; urgency=low

  * New upstream version
  * Update debian/copyright to reflect reality:
    - package is GPL v2 only, so refer to the correct file in common-licenses
    - Remove explanation of wy postgres and snmp modules can't be shipped,
      since we do ship them.
  * Remove 04-configure-openssl.dpatch, --without-openssl applied upstream

 -- Stephen Gran <sgran@debian.org>  Thu, 09 Aug 2007 10:09:20 +0100

freeradius (1.1.6-4) unstable; urgency=low

  The "Give me GPLv2 compatibility or give me FTBFS" release
  * Fix rlm_krb5 not to link with openssl unless it actually needs to
  * debian/rules: move dependency on patch target to config.status
  * debian/rules: FTBFS if a package accidentally directly links to openssl

 -- Stephen Gran <sgran@debian.org>  Wed, 04 Jul 2007 17:08:45 +0100

freeradius (1.1.6-3) unstable; urgency=low

  * Change freeradius-dbg to Priority: extra.
  * After discussions with one of the ftp-assistants, we can ship
    freeradius-postgresql in main.  Yey!  (Closes: #264649, #382329)

 -- Mark Hymers <mhy@debian.org>  Thu, 21 Jun 2007 13:32:09 +0100

freeradius (1.1.6-2) unstable; urgency=low

  [ Mark Hymers ]
  * Add freeradius-dbg package.

  [ Stephen Gran ]
  * Update debian/control for php5 (dialupadmin) (closes: #424788, #412701)

 -- Stephen Gran <sgran@debian.org>  Thu, 31 May 2007 02:47:02 +0100

freeradius (1.1.6-1) unstable; urgency=low

  * New upstream release.  Closes: #420003. 

 -- Mark Hymers <mhy@debian.org>  Thu, 19 Apr 2007 15:14:05 +0100

freeradius (1.1.5-1) unstable; urgency=low

  * New upstream release.  Closes: #415980
  * Remove 01-fix-proxy.dpatch as it was a backport from upstream.
  * otppasswd.sample is no longer provided so make sure we remove the
    conffile properly in preinst.
  * Update my email address and remove Paul from Uploaders.  Thanks to him for
    previously maintaining the package.
  * Change so that we start at S50 and stop at K19 so that we start after
    services we depend on and stop before them.  Closes: #408665.
    Note that is only for new installs.

 -- Mark Hymers <mhy@debian.org>  Fri, 13 Apr 2007 13:14:08 +0100

freeradius (1.1.3-3) unstable; urgency=medium

  * Fix POSIX compliance problem in init script.  Closes: #403384. 

 -- Mark Hymers <mark@hymers.org.uk>  Sat, 16 Dec 2006 20:45:11 +0000

freeradius (1.1.3-2) unstable; urgency=low

  [ Stephen Gran ]
  * Check for existence of pidfile in initscript.
  * Clean some old cruft from debian/rules
  * Write dialup_admin/Makefile
  * Make binNMU safe
  * Some lsb init headers

  [ Mark Hymers ]
  * Merge upstream patch to deal with proxy port settings.  Closes: #388024.
  * Rewrite large parts of the Debian build system.

 -- Stephen Gran <sgran@debian.org>  Sat,  7 Oct 2006 21:08:35 +0100

freeradius (1.1.3-1) unstable; urgency=low

  [ Stephen Gran ]
  * Add and rework ubuntu /var/run/tmpfs patch
  * Add LSB init script headers
  * Actually trap errors in init script, how about?

  [ Mark Hymers ]
  * New upstream version.
  * New version of autotools in 1.1.3. Closes: #380204
  * Remove previous patches merged upstream:
    - 01-actually_check_for_unset_password.dpatch
  * Only do user creation, group addition, chmod and chown stuff in postinst
    on an initial install to avoid clobbering local changes.

 -- Mark Hymers <mark@hymers.org.uk>  Wed, 23 Aug 2006 14:48:57 +0100

freeradius (1.1.2-2) unstable; urgency=low

  [ Stephen Gran ]
  * Acknowledge my previous NMU's (closes: #351732, #359042)
  * Init scripts overhaul:
    - now use reload on upgrade of modules
    - replace sleep statements with --retry, as time based tests are
      fragile
    - no longer exit with an error if stop fails because the
      daemon isn't running (closes: #374670, #351735)
    - stop using command -v in /bin/sh scripts
  * General maintainer script overhaul:
    - Don't rm -rf something in /etc (ouch)
    - Use chown -R instead of 'find .. -exec'
    - should not need to manually remove the init script on purge (it's a dpkg
      managed conffile)
    - Only do user management stuff if user is missing.  No point rerunning it
      every upgrade.
    - Install /etc/freeradius/dictionary with relaxed permissions, but never
      touch it again (closes: #334299)
    - switch to debhelper files where possible.  I like an easy to read
      Makefile.
  * Arg.  Move README.rfc to the freeradius package where it belongs.

  [ Mark Hymers ]
  * Document building SSL/PostgreSQL modules in debian/rules, add
    control.postgresql to make it more convenient.  Tested on AMD64 using
    system libtool.

 -- Stephen Gran <sgran@debian.org>  Sun, 25 Jun 2006 23:06:16 +0100

freeradius (1.1.2-1) unstable; urgency=low

  [ Mark Hymers ]
  * New maintainers
  * New upstream version.
  * Remove previous patches merged upstream:
    - 01_NET-SNMP_build_support.dpatch
    - 02_document_actual_shared_secret_maximum_length.dpatch
    - 12_more_dialup_admin_various_fixes.dpatch
    - 14_broken_parse.dpatch
    - 15_CVE-2006-1354.dpatch
  * Use --with-system-libtool during configure.  Add B-D: on libtool
    Removes obsolete dpatches:
    - 06_libtool14_vs_rlm_eap_tls.dpatch
    - 13_a_libtool_to_call_your_own.dpatch
  * Remove freeradius.undocumented as we don't install links to
    undocumented(7) anymore (not recommended since policy 3.5.8.0)

  [ Stephen Gran ]
  * Update to Standards Version 3.7.2 (no changes)
  * Remove doc/rfc/ to make -legal happy (closes: #365192)
    - this means repacked tarball.  See README.rfc for details
  * Test for unset variable, rather than empty variable in clean_radacct,
    monthly_tot_stats and truncate_radacct (closes: #374053)

 -- Mark Hymers <mark@hymers.org.uk>  Sat, 17 Jun 2006 16:05:19 +0100

freeradius (1.1.0-1.2) unstable; urgency=high

  * Non-maintainer upload.
  * [ CVE-2006-1354 ]:
    src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c:
    Due to insufficient input validation it is possible for a remote
    attacker to bypass authentication or cause a denial of service.
    (closes: #359042)

 -- Stephen Gran <sgran@debian.org>  Wed, 17 May 2006 11:22:28 -0500

freeradius (1.1.0-1.1) unstable; urgency=low

  * Non-maintainer upload.
  * Upstream patch to fix parsing config file (closes: #351732)
    Fixes: fails to start on amd64 (error in dictionary parsing code)

 -- Stephen Gran <sgran@debian.org>  Sat,  1 Apr 2006 11:07:55 +0100

freeradius (1.1.0-1) unstable; urgency=low
  * ReDebianise upstream tarball:
    - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865
                    2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580
                    draft-kamath-pppext-eap-mschapv2-00

  * New FreeRADIUS modules marked stable by new upstream release
    - rlm_perl
    - rlm_sqlcounter
    - rlm_sql_log + radsqlrelay
    - rlm_otp (formerly rlm_x99_token, not built as it depends on OpenSSL)

  * Remove upstream-integrated patches:
    - 02_EAP-SIM_doesnt_need_openssl
    - 03_X99_is_not_stable
    - 07_manpage_fixups
    - 09_use_crypth_if_we_have_it
    - 10_escape_entire_ldap_string
    - 11_dont_xlat_possibly_bad_usernames_in_bad_accounting_packets
    - 12_dialup_admin_various_fixes

  * More dialup-admin fixes from Arve Seljebu
    - Fix redirects in dialup-admin pages on servers with
      register_globals turned off.
      Closes: #333704
    - HTTP form fields will always fail is_int, use in_numeric instead
      Closes: #335149
    - Created 12_more_dialup_admin_various_fixes

  * Update to Policy 3.6.2.0
  * Upgrade Debhelper support to V5
  * Don't install the .in files with the examples
  * Prefer libmysqlclient15-dev
    Closes: #343779
  * Shared secrets can only be 31 characters long, note this in clients.conf
    - Created 02_document_actual_shared_secret_maximum_length
    Closes: 344606
  * Added support for lsb-init functions

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Sun, 15 Jan 2006 13:34:13 +1100

freeradius (1.1.0-0) unstable; urgency=low

  * New upstream release.
  * Update set of patches:
    - 01_NET-SNMP_build_support.dpatch
    - 06_libtool14_vs_rlm_eap_tls.dpatch
    - 13_a_libtool14_to_call_your_own.dpatch

 -- Nicolas Baradakis <nbk@sitadelle.com>  Sun,  1 Jan 2006 18:15:47 +0100

freeradius (1.0.5-2) unstable; urgency=low

  * Stop dragging non-PIC code from libeap.a into rlm_eap_sim.so and
    rlm_eap.so.
    (Thanks to Peter Salinger)
    Closes: #288547
    - Rename 06_libtool14_vs_rlm_eap_tls to 06_libtool14_vs_rlm_eap
      and modify with Peter's changes and some Makefile hackery to
      get it all linking
  * Don't rerun configure during the build.
    (Thanks to Kurt Roeckx)
  * A whole bunch of dialup-admin fixes from Arve Seljebu and Tobias
    - Report correct data transfer statistics for users
      Closes: #329672
    - Lower-case sql column names to match creation scripts
      Closes: #333709
    - Fix creation of empty groups
      Closes: #333739
    - Put quote around usernames in HTML output
      Closes: #333742
    - Properly notice when we've got a blank password to SQL
      Closes: #333744
    - Created 12_dialup_admin_various_fixes
  * Stop using libtool1.4 to build against, now that we can't have it and
    libltdl3-dev installed at the same time
    Closes: #279391
    - Created 13_a_libtool14_to_call_your_own to get most recent ltmain.sh

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Sun, 16 Oct 2005 21:26:30 +1000

freeradius (1.0.5-1) unstable; urgency=high

  * Urgency high for security fixes below, all reported upstream
  * ReDebianise upstream tarball:
    - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865
                    2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580
                    draft-kamath-pppext-eap-mschapv2-00
  * Add missed build-dependancy on dpatch (>=2)
  * Update to Standards-Version 3.6.2.0
    - No changes needed
  * Repair some minorly broken manpages
    - Created 07_manpage_fixups.dpatch
  * Security fixes stolen from CVS release_1_0 branch:
    - Be sure we use crypt.h if we have it, to avoid segfaulting on a
      bad built-in crypt() definition, spotted by Konstantin Kubatkin
      + Created 09_use_crypth_if_we_have_it
    - Make sure we escape the entire LDAP string, instead of
      aborting as soon as it becomes possible to be out of space
      + Created 10_escape_entire_ldap_string
    - Don't xlat the UserName attribute before we can be sure of meeting
      any escape sequences it may contain, spotted by Primoz Bratanic
      + Created 11_dont_xlat_possibly_bad_usernames_in_bad_accounting_packets
  * Depend on adduser, so our postinst can create the freerad user
  * Don't install the .in versions of the example scripts.

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Mon, 19 Sep 2005 15:10:40 +1000

freeradius (1.0.5-0) unstable; urgency=low

  * New Upstream release, from release_1_0 branch
    - Remove 04_bonus_control_code_in_clients_conf_5
    - Remove 05_unbreak_quoted_sql_results
  * Fix my _name_ in the dpatches
  * Remove patch to CVS ID header from 05_unbreak_quoted_sql_values
    so as not to break things when comitting to FreeRADIUS CVS
  * Take linking fix from FreeRADIUS bugzilla #75 to allow
    rlm_eap_tls to be linked to by rlm_eap_ttls and rlm_eap_peap
    even though we don't build them in the Debian archive.
    (Thanks to Luca Landi for the patch)
    - Created 06_libtool14_vs_rlm_eap_tls
  * Fix ownership of files in /var/log/freeradius/ more efficiently
    (Caught by Guido Trotter)
    Closes: #326891

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Wed,  7 Sep 2005 01:08:07 +1000

freeradius (1.0.4-2) unstable; urgency=low

  * Fix my email address in the dpatches
  * Remove extraneous ^g from man/man5/clients.conf.5
    - Created 04_bonus_control_code_in_clients_conf_5
  * Correct handing of parameterless call of init script, and
    general init script neatening
    (Thanks to Derrick Karpo)
    Closes: #315438
  * Correctly leave out the .in files in the examples
  * Correctly use debhelper after splitting binary make target
    into binary-arch and binary-indep.
    (Thanks to Kurt Roeckx for actually hitting the bug)
    Closes: #315770
  * Steal fix from CVS release_1_0 tree for rlm_sql quoted values.
    (Thanks to Nicolas Baradakis for the fix)
    - Upstream bugzilla #242, src/modules/rlm_sql/sql.c 1.79.2.2
    - Created 05_unbreak_quoted_sql_values

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Mon, 27 Jun 2005 03:13:48 +1000

freeradius (1.0.4-1) unstable; urgency=low
  * ReDeianise upstream tarball:
    - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865
                    2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580
                    draft-kamath-pppext-eap-mschapv2-00
  * Convert to dpatch, dpatch-2-style interface.
    - New build-dependancy on dpatch (>= 2)
    - Created 01_NET-SNMP_build_support
    - Created 02_EAP-SIM_doesnt_need_openssl
    - Created 03_X99_is_not_stable
  * Assemble the freeradius-dialupadmin in the binary-indep make target
    Closes: #313173 (Thanks to Santiago Vila for spotting this)
  * Include the example scripts in /usr/share/doc/freeradius/examples/scripts
    except those three which are installed into the binary by the Makefile.
    Closes: #314253 (Thanks to Michael Langer for spotting this)
  * Suggest libdate-manip-perl for freeradius-dialupadmin
    Closes: #306007 (Thanks to Feng Sian)

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Wed, 22 Jun 2005 16:03:27 +1000

freeradius (1.0.4-0) unstable; urgency=medium

  * New upstream release, fixing build problems.
  * Prefer libpq-dev over postgresql-dev as a build-dependancy.
   - This requires us to use pgconfig to find the headers.

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Thu, 16 Jun 2005 13:56:33 +1000

freeradius (1.0.3-0) unstable; urgency=high

  * New upstream release
  * Urgency high for some denial-of-service fixes:
    - SQL injection attacks and DoS (core dump) via buffer overflow.
      Closes: #307720

 -- Alan DeKok <aland@ox.org>  Fri,  3 Jun 2005 11:29:34 -0700

freeradius (1.0.2-4) unstable; urgency=high

  * Security fix stolen from CVS release_1_0 branch:
   - Always use sql_escape_func when calling radius_xlat
   - Add a test in sql_escape_func() to check buffer bound when
     input character needs escaping.
   - Urgency high as these are (theoretical) security issues.
     Closes: #307720 (Thanks to Primoz Bratanic and Nicolas Baradakis)

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Mon, 23 May 2005 18:53:51 +1000

freeradius (1.0.2-3) unstable; urgency=medium

  * Fixes stolen from CVS release_1_0 branch:
   - Fix missed SIGCHLD when waiting for external programs
     when threaded. (Medium urgency as this can easily livelock
     FreeRADIUS, which is an authentication server.)

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Mon, 18 Apr 2005 23:46:41 +1000

freeradius (1.0.2-2) unstable; urgency=medium

  * Get rid of extraneous '%' at the start of every reference to
    /etc/freeradius-dialupadmin in freeradius-dialupadmin's configuration.
     Closes: #299749
  * Fixes stolen from CVS release_1_0 branch:
   - Fix checkrad call for NAS ports > 9999999. (sprintf integer overrun,
     reason for urgency medium.)
   - Fix inverted test causing crash with pthreads and crypt
     Closes: #300219 (Thanks Manuel Menal)

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Wed,  6 Apr 2005 12:33:05 +1000

freeradius (1.0.2-1) unstable; urgency=low

  * ReDebianise upstream tarball:
    - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865
                    2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580
  * Allow rlm_eap_sim to build without OpenSSL
  * Make init script return 1 if reloading kills the server
    (Thanks to Nicolas Baradakis)
     Closes: #292170
  * Enable Novell eDirectory integration
  * Enable udpfromto code so that replies come from the same address as
    the request arrived at
  * Build-depend on libmysqlclient12-dev as libmysqlclient10 has problems
    accessing 4.0 series mySQL servers, and libmysqlclient12 can access
    4.1 series mySQL servers.

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Fri,  4 Mar 2005 09:30:40 +1100

freeradius (1.0.2-0) unstable; urgency=low

  * New upstream release
  * Update for Debian Policy 3.6.1.1
   - Change test if invoke-rc.d as per Policy 9.3.3.2
  * freeradius-dialupadmin Suggests php4-mysql | php4-pgsql
     Closes: #279419
  * Added a two-second pause to restart in init.d script
     Closes: #262635
  * FreeRADIUS module packages now depend on the same source
    version of the main FreeRADIUS package.
     Closes: #284353
  * FreeRADIUS-dialupadmin's default paths in admin.conf are
    now correct.
     Closes: #280942
  * FreeRADIUS-dialupadmin's help.php3 can now find README.
     Closes: #280941

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Wed, 29 Dec 2004 20:12:52 +1100

freeradius (1.0.1-2) unstable; urgency=high

  * freeradius-dialupadmin Suggests php4-mysql | php4-pgsql
     Closes: #279419
  * Added a two-second pause to restart in init.d script
     Closes: #262635
  * FreeRADIUS module packages now depend on the same source
    version of the main FreeRADIUS package.
     Closes: #284353
  * FreeRADIUS-dialupadmin's default paths in admin.conf are
    now correct.
     Closes: #280942
  * FreeRADIUS-dialupadmin's help.php3 can now find README.
     Closes: #280941
  * Fixes stolen from 1.0.2 CVS:
    - Bug fix to make udpfromto code work
    - radrelay shouldn't dump core if it can't read a VP from the
      detail file.
    - Only initialize the random pool once.
    - In rlm_sql, don't escape characters twice.
    - In rlm_ldap, only claim Auth-Type if a plain text password is present.
    - Locking fixes in threading code
    - Fix building on gcc-4.0 by not trying to access static auth_port from
      other files.

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Wed, 29 Dec 2004 20:19:42 +1100

freeradius (1.0.1-1) unstable; urgency=high

  * ReDebianise upstream tarball:
    - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865
                    2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580
    - Remove CVS directories.
  * Urgency high for security fix from 1.0.1-0 (CAN-2004-0938,
    closes: #275136).

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Thu, 23 Sep 2004 22:28:11 +1000

freeradius (1.0.1-0) unstable; urgency=high

  * New upstream release
  * Urgency high for some denial-of-service fixes:
   - Fix two remote crashes and a remote memory leak in
     radius packet decoding.

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Thu,  2 Sep 2004 17:12:23 +1000

freeradius (1.0.0-1) unstable; urgency=low

  * ReDebianise upstream tarball:
    - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865
                    2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580
  * Support building with libsnmp5's UCD-SNMP compatiblity mode.
    - libsnmp{4.2,5} still depend on OpenSSL, so SNMP's still disabled.
  * Update for Debian Policy 3.6.11
    - Change test for invoke-rc.d as per Policy 9.3.3.2
  * Disable rlm_eap types PEAP, TLS and TTLS as they depend on OpenSSL.
  * Disable rlm_sql driver PostgreSQL as it depends on OpenSSL.
  * Disable rlm_x99_token as it depends on OpenSSL.
  * Finally, -v is documented in radius(8).
    - Closes: #151266
  * Reword a sentence in radwatch(8) by removing the personal pronoun.
    - Closes: #264522

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Tue, 17 Aug 2004 17:42:40 +1000

freeradius (1.0.0-0) unstable; urgency=low

  * New upstream release
  * Added H323 billing stuff to the examples
  * Created Dialup-Admin package for the PHP-based web
    FreeRADIUS database (SQL/LDAP) frontend.

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Sat, 17 Jul 2004 16:21:38 +1000

freeradius (0.9.3-1) unstable; urgency=low

  * New upstream release, incorporates security fix from 0.9.2-4.
  * Correct build-dependancy on debhelper.
     Closes: #234486
  * Split iodbc SQL driver into its own package.

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Tue, 24 Feb 2004 23:56:26 +1100

freeradius (0.9.2-4) unstable; urgency=high

  * Patch from upstream head:
   - Fix a remote DoS and possible exploit due to mis-handling
     of tagged attributes, and Tunnel-Password attribute.

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Fri, 21 Nov 2003 09:52:51 +1100

freeradius (0.9.2-3) unstable; urgency=low

  * Removed redundant code to delete contents of a directory
    on purge which ends up being removed anyway.
  * Provide a default pam.d configuration.
  * Fix the usage of dh_installinit to not make the package uninstallable.
  * Change package removal to not abort if we cannot stop the server.
  * Debian-archive-fit version of freeradius.
     Closes: #208620

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Tue, 11 Nov 2003 02:12:55 +1100

freeradius (0.9.2-2) unstable; urgency=low

  * Use dh_installinit rather than doing it by hand
    This involves renaming the initfile in the source tarball
  * Only add user freerad to the group shadow on first installation
  * Only chmod /etc/freeradius to group-readable, not group-read/write
  * Removed the freerad user when the freerad group is removed
  * Removed spurious build-dependancy on autoconf2.13 and libtool(1.4)
  * Build-conflict against libssl-dev
  * Restore Kerberos and LDAP as they will build without OpenSSL
  * Make myself the maintainer
  * Update to Policy 3.6.1.0
    - No changes needed

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Sun,  9 Nov 2003 00:07:52 +1100

freeradius (0.9.2-1) unstable; urgency=low

  * Deleted RFCs: 2243 2289 2433 2548 2618 2616 2620 2621
    2719 2759 2809 2865 2866 2867 2868 2869 2882 2924 3162
    from source tarball due to non-DFSG-free copyright.
  * Disabled PostgreSQL, x.99 token, EAP/TLS, Kerberos, LDAP
    and SNMP agent support due to OpenSSL/GPL conflict.

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Thu,  6 Nov 2003 22:40:32 +1100

freeradius (0.9.2-0) unstable; urgency=low

  * New upstream release
  * Added logrotate script for /var/log/freeradius/radius.log
  * Don't leave symlinks to config.{guess,sub} lying around to
    confuse dpkg-source.

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Wed, 15 Oct 2003 05:02:17 +1000

freeradius (0.9.1-0) unstable; urgency=low

  * New upstream release.
  * Renamed radiusd(8) to freeradius(8) to match binary
  * Build-Depend on libtool1.4 | libtool (< 1.5) due to
    new libtool 1.5 package.
  * Merged multiple sed calls into a single sed call in debian/rules
  * Installed SQL database examples into /usr/share/doc/freeradius/examples
  * Modify initscript to only -HUP the parent process

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Fri,  5 Sep 2003 00:54:41 +1000

freeradius (0.9.0-1) unstable; urgency=low

  * New Upstream release.
   - Upstream dictionary files are in /usr/share/freeradius.
   - Modified to 'configure{,.in}' to work with openssl 0.9.7 and 0.9.6
  * Renamed pacakges to 'freeradius*' from 'radiusd-freeradius*'.
  * Moved file hierarchy around to be neater:
   - /etc/raddb -> /etc/freeradius
   - /usr/share/doc/radiusd-freeradius -> /usr/share/doc/freeradius
   - /var/log/radiusd-freeradius -> /var/log/freeradius
   - /var/run/radiusd/radiusd.pid -> /var/run/freeradius/freeradius.pid
  * Included RFCs in documentation.
  * Enabled the daemon to run under user 'freerad:freerad' by default.
  * Added support for DEB_BUILD_OPTIONS for policy 3.5.9 compliance.
  * Installed SNMP mibs for Radius

 -- Paul Hampson <Paul.Hampson@anu.edu.au>  Sun, 20 Jul 2003 06:56:28 +1000

radiusd-freeradius (0.7+cvs20021113-1) unstable; urgency=low

  * Explicitly excluding modules not in the "stable" list.
  * Updated policy version number.
  * Moved from non-US/main to main.
  * Put pidfile in package's own directory.
  * Package not as buggy and unstable modules are easily identifiable.
    (closes: Bug#142217)
  * Init script handles failure better. (closes: Bug#151264)
  * New upstream release.  (closes: Bug#140536)
  * Uses available version of postgresql.  (closes: Bug#139290)
  * Removed "conflicts" with other radiusds.
  * Added new build-dep on libtool.
  * Changed section to "net" from "admin".
  * New config.guess.  (closes: Bug#168647)
  * Run with freerad user and group.  (closes: Bug#168272)
  * Added libssl-dev as build-dep.  (closes: #131832)

 -- Chad Miller <cmiller@debian.org>  Wed, 13 Nov 2002 17:01:19 -0500

radiusd-freeradius (0.5+cvs20020408-1) unstable; urgency=high

  * New build-dep on libssl-dev, which is implied by another dep, but making
    explicit for builders on Potato.  (closes: Bug#131832)
  * Built against new postgresql libraries, so automatic dep tracking has
    the correct version, now.  (closes: Bug#139290)
  * Removed python example module.
  * Explicitly disabled beta ippool module.

 -- Chad Miller <cmiller@debian.org>  Mon,  8 Apr 2002 11:48:30 -0400

radiusd-freeradius (0.4-1) unstable; urgency=high

  * New release.
  * upstream: New EAP support.
  * upstream: Fixed security bug in string translation.

 -- Chad Miller <cmiller@debian.org>  Thu, 13 Dec 2001 09:26:45 -0500

radiusd-freeradius (0.3-2) unstable; urgency=low

  * Moved to using logrotate instead of cron for files.
  * Fixed permissions of log files. (closes: Bug#116242,#116243)
  * Close file descriptors of stdin, stdout, stderr, if not debugging.
    (closes: Bug#116768)
  * Made package "non-native".  (An upload issue, not code.)
    (closes: Bug#119161)

 -- Chad Miller <cmiller@debian.org>  Tue, 20 Nov 2001 10:50:20 -0500

radiusd-freeradius (0.3-1) unstable; urgency=low

  * New release.

 -- Chad Miller <cmiller@debian.org>  Tue,  9 Oct 2001 18:16:23 -0400

radiusd-freeradius (0.2+20010917-1) unstable; urgency=low

  * Removed old mysql build-dep.  (closes: Bug#112541)

 -- Chad Miller <cmiller@debian.org>  Mon, 17 Sep 2001 11:38:24 -0400

radiusd-freeradius (0.2+20010912-1) unstable; urgency=low

  * Build-dep mysql changed package names.
  * Added build-dep for libmysqlclient10-dev.  (closes: Bug#111880)
  * In acct_users, keep reply pairs.
  * Integer values are printed as unsigned numbers, to comply with RFC2866.
  * Fixed broken/reversed auth comparisons in SQL module.
  * Sucked out CPPness from inside a printf, as printf is a macro in newer
    compilers (gcc3.0, e.g.).  (closes: Bug#100889)
  * Sundry LDAP configuration, unresponsive thread, and proxying fixes.
  * Added user 'freerad' into the 'shadow' group.
  * Fixed UUCP-style of restricting time of log-in.
  * Changed debugging messages to give more info about execution flow.
  * Better counter module.
  * Inserted CHAP support for SQL modules.
  * Removed possible infinite loop.

 -- Chad Miller <cmiller@debian.org>  Wed, 12 Sep 2001 21:21:47 -0400

radiusd-freeradius (0.1+20010527-1) unstable; urgency=low

  * Updated config.{guess,sub} to recent versions.  (closes: Bug#98183)
  * Updated build-dep to reflect supercession of libltdl0-dev by libltdl3-dev
    (closes: Bug#98914)

 -- Chad Miller <cmiller@debian.org>  Sun, 27 May 2001 11:44:40 -0400

radiusd-freeradius (0.1+20010517-1) unstable; urgency=low

  * Moved package to non-US to allow in Kerberos and PostgreSQL.
  * Set Suggests of modules to main package.
  * Better compile-time support of *BSD.

 -- Chad Miller <cmiller@debian.org>  Thu, 17 May 2001 14:46:51 -0400

radiusd-freeradius (0.1-1) unstable; urgency=low

  * First beta release!
  * Added generalized SQL support for ODBC, Oracle, MySQL, and Postgres.
  * Added shasta, microsoft, and redback dictionaries.
  * Fixed rc.d restart rule.
  * Added a user to own the daemon and logfiles.
  * SQL DB handles more forgiving of unreachable servers at startup.
  * SQL Crypt-Password attribute support.
  * Fixed cron log rotation.
  * Put module libraries in own directory.
  * Removed bogus build-dep.  (closes: Bug#87277)
  * Better permissions on /etc/raddb
  * Use correct LDAP library.
  * Fork ldap, postgresql, and mysql modules into different packages.
  * Remove Kerberos, as it's restricted from export.

 -- Chad Miller <cmiller@debian.org>  Mon,  7 May 2001 16:37:46 -0400

radiusd-freeradius (0.0.20010109-1) unstable; urgency=low

  * Changed priority, from standard to optional.

 -- Chad Miller <cmiller@debian.org>  Tue,  9 Jan 2001 14:01:38 -0500

radiusd-freeradius (0.0.20001227-1) unstable; urgency=low

  * Initial revision. (closes: Bug#76476)

 -- Chad Miller <cmiller@debian.org>  Wed, 27 Dec 2000 11:58:56 -0500