X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=debian%2Fchangelog;h=a97c7eff4f8c745245328bd584651b6eb36c191e;hb=d212245d15cc6185a1fc111fd61f81c46a426ae8;hp=06810fecc00d903b96c9f76da9e73c18e64304a3;hpb=16e5924895e42a65b1cc8d233af2007f2cd6ed3b;p=freeradius.git diff --git a/debian/changelog b/debian/changelog index 06810fe..a97c7ef 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,907 +1,149 @@ -freeradius (3.0.0+git) unstable; urgency=medium - - * New upstream version. - - -- Adrien Demarez Tue, 01 Feb 2011 20:22:47 +0100 - -freeradius (2.1.8+dfsg-1) unstable; urgency=medium - - * New upstream version. - + Fixes several showstopper bugs, hence increased urgency. - + Includes OpenSSL+GPL license exception, closes: #499120. - + Fixes typo in a warning, closes: #523074. - * Added libssl-dev into build-depends and enabled the building of - modules that just depend on OpenSSL, namely rlm_eap_peap, rlm_eap_tls, - rlm_eap_ttls, and rlm_otp, closes: #266229. - * Because the configuration of EAP+SSL modules now actually kicks in, its - non-existent certificate file would break the server start by default. - Depend on ssl-cert, make use of make-ssl-cert and openssl, and add - freerad to the ssl-cert group in the postinst to get us past the - problematic default settings so that we don't crash and burn on clean - upgrades, but otherwise leave everything else to the admin. - * Ship /etc/freeradius/attrs.access_challenge, like the others. - * Moved otp.conf and snmp.conf statoverride handling to the preinst - and used rm_conffile on them as well. - * Updated upstream changelog handling a bit. - - -- Josip Rodin Sat, 02 Jan 2010 20:22:47 +0100 - -freeradius (2.1.7+dfsg-2) unstable; urgency=low - - * Ship radmin and raddebug in the freeradius package. - * Correct section number inside raddebug(8) so it doesn't get misplaced. - - -- Josip Rodin Tue, 24 Nov 2009 15:29:59 +0100 - -freeradius (2.1.7+dfsg-1) unstable; urgency=low - - * Adopting the package, closes: #536623. - * New upstream version, closes: #513484. - + Fixes the blooper in unlang evaluation logic, closes: #526175. - * Used quilt (and added README.source), and moved upstream file patching - into debian/patches/. The source is no longer in collab-maint git - (to make it simpler for me to finally get this out the door), but - kept the .gitignore should we need that again. - * Dropped the dialup_admin/bin/backup_radacct patch (integrated upstream). - * Dropped the raddb/Makefile patch (problem no longer exists upstream). - * Dropped the lib/packet.c lib/radius.c main/listen.c patches (was from - upstream 2.0.5 anyway). - * Dropped references to otp.conf, it no longer exists upstream. - Keep removing the conffile statoverride in prerm. - * Dropped references to snmp.conf, it no longer exists upstream. - Keep removing the conffile statoverride in prerm. - * Ship /etc/freeradius/modules/* in the freeradius package. - * Stop shipping sites-enabled symlinks in the package and instead create - them only on initial install, thanks to Matej Vela, closes: #533396. - * Add export PATH="${PATH:+$PATH:}/usr/sbin:/sbin" to the init script - at the request of John Morrissey, closes: #550143. - * Stop installing /var/run/freeradius in the package to silence Lintian. - The init script already recreates it at will. - * Remove executable bit from example.pl to silence Lintian. - - -- Josip Rodin Mon, 23 Nov 2009 03:57:37 +0100 - -freeradius (2.0.4+dfsg-7) unstable; urgency=low - - * Ignore rmdir failure on clean (closes: #545932) - * Do a better job of catching errors in the init script (closes: #533390) - * Init headers fixup (closes: #541882) - * Clean up some logs so dpkg can successfully rmdir (closes: #530727) - - -- Stephen Gran Sun, 13 Sep 2009 19:33:12 +0100 - -freeradius (2.0.4+dfsg-6) unstable; urgency=low - - * Fix unsafe use of tempfile (closes: #496389) - - -- Stephen Gran Mon, 25 Aug 2008 14:18:48 +0100 - -freeradius (2.0.4+dfsg-5) unstable; urgency=low - - [ Mark Hymers ] - * Cherry pick commit from 2.0.5 which fixes port binding issues. - Closes: #489773. - - [ Stephen Gran ] - * add PERL_SYS_INIT3 and PERL_SYS_TERM calls to rlm_perl. (closes: #495073) - * Make the SQL modules link against rlm_sql.so in the most horrific - (and only) way possible. (closes: #448699) - - -- Stephen Gran Thu, 14 Aug 2008 19:15:30 +0100 - -freeradius (2.0.4+dfsg-4) unstable; urgency=low - - * Create links from sites-enabled to sites-available for the files that - upstream enables by default (closes: #483914) - - -- Stephen Gran Sun, 01 Jun 2008 12:24:35 +0100 - -freeradius (2.0.4+dfsg-3) unstable; urgency=low - - * brown paper bag release - * Really actually do the statoverride I thought we were doing with -2 - (closes: #482380) - - -- Stephen Gran Thu, 22 May 2008 11:18:12 +0100 - -freeradius (2.0.4+dfsg-2) unstable; urgency=low - - * Install /var/log/freeradius 0750 so that people writing their passwords to - logfiles don't accidentally leak them without noticing (closes: #482085) - - -- Stephen Gran Tue, 20 May 2008 19:38:27 +0100 - -freeradius (2.0.4+dfsg-1) unstable; urgency=low - - * Ok, actually remove all the cruft in debian/ shipped by upstream. This - means repacking the tarball and all that, but it also means dpkg-source - won't get the chance to ignore removed files, resulting in files - reappearing, but not locally (closes: #481406) - * Also remove config.{cache,log} in clean target - damn you gitignore - - -- Stephen Gran Mon, 19 May 2008 03:55:55 +0100 - -freeradius (2.0.4-3) unstable; urgency=low - - * I have no god damn idea why the buildds are adding manpages to the wrong - binary. Reuploading with DH_VERBOSE=1 to see if we can find it. We - certainly can't reproduce it in our local builds, even calling the same - targets in the same order as the buildds. +freeradius (3.0.15+moonshot4-1) unstable; urgency=medium - -- Stephen Gran Mon, 19 May 2008 00:17:06 +0100 + * Bumping version number again for Debian 7 builds -freeradius (2.0.4-2) unstable; urgency=low + -- Painless Security Mon, 31 Jul 2017 23:10:00 -0500 - * freeradius-{common,utils} needs to Conflict: with other radius - implementations that share files (closes: #480682) +freeradius (3.0.15+moonshot3-1) unstable; urgency=medium - -- Stephen Gran Sun, 11 May 2008 18:41:45 +0100 + * Bumping version number for Debian 7 builds -freeradius (2.0.4-1) unstable; urgency=low + -- Painless Security Mon, 31 Jul 2017 23:10:00 -0500 - * New upstream release - * Make all directories in /etc/freeradius group +x (closes: #479835) +freeradius (3.0.15+moonshot1-0) unstable; urgency=medium - -- Stephen Gran Fri, 09 May 2008 12:58:55 +0100 + * Merged from upstream release_3.0.15 -freeradius (2.0.3-1) unstable; urgency=low + -- Painless Security Mon, 17 Jul 2017 18:54:00 -0500 - [ Mark Hymers ] - * New upstream release - * Bump Build-Dep on debhelper to 6.0.7 as we use dh_lintian - * Delete lots of obsolete conffiles +freeradius (3.0.15+git) unstable; urgency=medium - [ Stephen Gran ] - * Create a -common package for some extra file that the -utils package - needs. Also stuff in manpages and other arch all files to reduce the size - of the unnecessarily repeated stuff in the archive - * Change chown/chmod calls to dpkg-statoverride - - -- Mark Hymers Sat, 03 May 2008 17:07:42 +0100 - -freeradius (2.0.2-1) unstable; urgency=low - - * Yet another new upstream version (closes: #465475) - * Cleanup manpages - * Add lintian overrides for rpath - this is intentional - * Packaging is now being done in git, we're dropping dpatch - * Split out client utilities (closes: #470977) - this means we also need to - split the library so the two binary packages can use it - * Major package rework - - -- Stephen Gran Sun, 16 Mar 2008 22:58:16 +0000 - -freeradius (2.0.0-1) unstable; urgency=low - - * New upstream version - * Patches: - - freshen 02-radiusd-to-freeradius - - disable 03-dialupadmin-help until it's reworked properly - - -- Stephen Gran Thu, 10 Jan 2008 23:05:50 +0000 - -freeradius (1.1.7-1) unstable; urgency=low - - * New upstream version - * Update debian/copyright to reflect reality: - - package is GPL v2 only, so refer to the correct file in common-licenses - - Remove explanation of wy postgres and snmp modules can't be shipped, - since we do ship them. - * Remove 04-configure-openssl.dpatch, --without-openssl applied upstream - - -- Stephen Gran Thu, 09 Aug 2007 10:09:20 +0100 - -freeradius (1.1.6-4) unstable; urgency=low - - The "Give me GPLv2 compatibility or give me FTBFS" release - * Fix rlm_krb5 not to link with openssl unless it actually needs to - * debian/rules: move dependency on patch target to config.status - * debian/rules: FTBFS if a package accidentally directly links to openssl + * New upstream version. - -- Stephen Gran Wed, 04 Jul 2007 17:08:45 +0100 + -- Alan DeKok Mon, 29 May 2017 12:00:00 -0400 -freeradius (1.1.6-3) unstable; urgency=low +freeradius (3.0.14+moonshot4-1) unstable; urgency=medium - * Change freeradius-dbg to Priority: extra. - * After discussions with one of the ftp-assistants, we can ship - freeradius-postgresql in main. Yey! (Closes: #264649, #382329) + * Merged from release_3.0.14 - -- Mark Hymers Thu, 21 Jun 2007 13:32:09 +0100 + -- Painless Security Mon, 05 Jun 2017 19:03:00 -0400 -freeradius (1.1.6-2) unstable; urgency=low +freeradius (3.0.14+git) unstable; urgency=medium - [ Mark Hymers ] - * Add freeradius-dbg package. + * New upstream version. - [ Stephen Gran ] - * Update debian/control for php5 (dialupadmin) (closes: #424788, #412701) + -- Alan DeKok Tue, 07 Mar 2017 12:00:00 -0400 - -- Stephen Gran Thu, 31 May 2007 02:47:02 +0100 +freeradius (3.0.13+moonshot3-6) unstable; urgency=medium -freeradius (1.1.6-1) unstable; urgency=low + * Disabled session caching in EAP in response to CVE-2017-9148. - * New upstream release. Closes: #420003. + -- Painless Security Fri, 02 Jun 2017 15:29:00 -0400 - -- Mark Hymers Thu, 19 Apr 2007 15:14:05 +0100 +freeradius (3.0.13+moonshot3-5) unstable; urgency=medium -freeradius (1.1.5-1) unstable; urgency=low + * Fixed deleted links when upgrading to 3.0.13 on debian/ubuntu - * New upstream release. Closes: #415980 - * Remove 01-fix-proxy.dpatch as it was a backport from upstream. - * otppasswd.sample is no longer provided so make sure we remove the - conffile properly in preinst. - * Update my email address and remove Paul from Uploaders. Thanks to him for - previously maintaining the package. - * Change so that we start at S50 and stop at K19 so that we start after - services we depend on and stop before them. Closes: #408665. - Note that is only for new installs. + -- Painless Security Wed, 10 May 2017 21:26:00 -0400 - -- Mark Hymers Fri, 13 Apr 2007 13:14:08 +0100 +freeradius (3.0.13+moonshot3-4) unstable; urgency=medium -freeradius (1.1.3-3) unstable; urgency=medium + * Bumped version number - * Fix POSIX compliance problem in init script. Closes: #403384. + -- Painless Security Tue, 09 May 2017 15:00:00 -0400 - -- Mark Hymers Sat, 16 Dec 2006 20:45:11 +0000 +freeradius (3.0.13+moonshot3-3) unstable; urgency=medium -freeradius (1.1.3-2) unstable; urgency=low + * Removed some leftover cruft from debian/freeradius-postgresql.postinst - [ Stephen Gran ] - * Check for existence of pidfile in initscript. - * Clean some old cruft from debian/rules - * Write dialup_admin/Makefile - * Make binNMU safe - * Some lsb init headers + -- Painless Security Mon, 08 May 2017 21:44:00 -0400 - [ Mark Hymers ] - * Merge upstream patch to deal with proxy port settings. Closes: #388024. - * Rewrite large parts of the Debian build system. +freeradius (3.0.13+moonshot3-2) unstable; urgency=medium - -- Stephen Gran Sat, 7 Oct 2006 21:08:35 +0100 + * Standard freeradius 3.0.13 + Painless Security signing key. -freeradius (1.1.3-1) unstable; urgency=low + -- Painless Security Fri, 05 May 2017 18:24:00 -0400 - [ Stephen Gran ] - * Add and rework ubuntu /var/run/tmpfs patch - * Add LSB init script headers - * Actually trap errors in init script, how about? +freeradius (3.0.13+git) unstable; urgency=medium - [ Mark Hymers ] - * New upstream version. - * New version of autotools in 1.1.3. Closes: #380204 - * Remove previous patches merged upstream: - - 01-actually_check_for_unset_password.dpatch - * Only do user creation, group addition, chmod and chown stuff in postinst - on an initial install to avoid clobbering local changes. - - -- Mark Hymers Wed, 23 Aug 2006 14:48:57 +0100 - -freeradius (1.1.2-2) unstable; urgency=low - - [ Stephen Gran ] - * Acknowledge my previous NMU's (closes: #351732, #359042) - * Init scripts overhaul: - - now use reload on upgrade of modules - - replace sleep statements with --retry, as time based tests are - fragile - - no longer exit with an error if stop fails because the - daemon isn't running (closes: #374670, #351735) - - stop using command -v in /bin/sh scripts - * General maintainer script overhaul: - - Don't rm -rf something in /etc (ouch) - - Use chown -R instead of 'find .. -exec' - - should not need to manually remove the init script on purge (it's a dpkg - managed conffile) - - Only do user management stuff if user is missing. No point rerunning it - every upgrade. - - Install /etc/freeradius/dictionary with relaxed permissions, but never - touch it again (closes: #334299) - - switch to debhelper files where possible. I like an easy to read - Makefile. - * Arg. Move README.rfc to the freeradius package where it belongs. - - [ Mark Hymers ] - * Document building SSL/PostgreSQL modules in debian/rules, add - control.postgresql to make it more convenient. Tested on AMD64 using - system libtool. - - -- Stephen Gran Sun, 25 Jun 2006 23:06:16 +0100 - -freeradius (1.1.2-1) unstable; urgency=low - - [ Mark Hymers ] - * New maintainers * New upstream version. - * Remove previous patches merged upstream: - - 01_NET-SNMP_build_support.dpatch - - 02_document_actual_shared_secret_maximum_length.dpatch - - 12_more_dialup_admin_various_fixes.dpatch - - 14_broken_parse.dpatch - - 15_CVE-2006-1354.dpatch - * Use --with-system-libtool during configure. Add B-D: on libtool - Removes obsolete dpatches: - - 06_libtool14_vs_rlm_eap_tls.dpatch - - 13_a_libtool_to_call_your_own.dpatch - * Remove freeradius.undocumented as we don't install links to - undocumented(7) anymore (not recommended since policy 3.5.8.0) - - [ Stephen Gran ] - * Update to Standards Version 3.7.2 (no changes) - * Remove doc/rfc/ to make -legal happy (closes: #365192) - - this means repacked tarball. See README.rfc for details - * Test for unset variable, rather than empty variable in clean_radacct, - monthly_tot_stats and truncate_radacct (closes: #374053) - - -- Mark Hymers Sat, 17 Jun 2006 16:05:19 +0100 - -freeradius (1.1.0-1.2) unstable; urgency=high - - * Non-maintainer upload. - * [ CVE-2006-1354 ]: - src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c: - Due to insufficient input validation it is possible for a remote - attacker to bypass authentication or cause a denial of service. - (closes: #359042) - - -- Stephen Gran Wed, 17 May 2006 11:22:28 -0500 - -freeradius (1.1.0-1.1) unstable; urgency=low - - * Non-maintainer upload. - * Upstream patch to fix parsing config file (closes: #351732) - Fixes: fails to start on amd64 (error in dictionary parsing code) - - -- Stephen Gran Sat, 1 Apr 2006 11:07:55 +0100 - -freeradius (1.1.0-1) unstable; urgency=low - * ReDebianise upstream tarball: - - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865 - 2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580 - draft-kamath-pppext-eap-mschapv2-00 - - * New FreeRADIUS modules marked stable by new upstream release - - rlm_perl - - rlm_sqlcounter - - rlm_sql_log + radsqlrelay - - rlm_otp (formerly rlm_x99_token, not built as it depends on OpenSSL) - - * Remove upstream-integrated patches: - - 02_EAP-SIM_doesnt_need_openssl - - 03_X99_is_not_stable - - 07_manpage_fixups - - 09_use_crypth_if_we_have_it - - 10_escape_entire_ldap_string - - 11_dont_xlat_possibly_bad_usernames_in_bad_accounting_packets - - 12_dialup_admin_various_fixes - - * More dialup-admin fixes from Arve Seljebu - - Fix redirects in dialup-admin pages on servers with - register_globals turned off. - Closes: #333704 - - HTTP form fields will always fail is_int, use in_numeric instead - Closes: #335149 - - Created 12_more_dialup_admin_various_fixes - - * Update to Policy 3.6.2.0 - * Upgrade Debhelper support to V5 - * Don't install the .in files with the examples - * Prefer libmysqlclient15-dev - Closes: #343779 - * Shared secrets can only be 31 characters long, note this in clients.conf - - Created 02_document_actual_shared_secret_maximum_length - Closes: 344606 - * Added support for lsb-init functions - - -- Paul Hampson Sun, 15 Jan 2006 13:34:13 +1100 - -freeradius (1.1.0-0) unstable; urgency=low - - * New upstream release. - * Update set of patches: - - 01_NET-SNMP_build_support.dpatch - - 06_libtool14_vs_rlm_eap_tls.dpatch - - 13_a_libtool14_to_call_your_own.dpatch - - -- Nicolas Baradakis Sun, 1 Jan 2006 18:15:47 +0100 - -freeradius (1.0.5-2) unstable; urgency=low - - * Stop dragging non-PIC code from libeap.a into rlm_eap_sim.so and - rlm_eap.so. - (Thanks to Peter Salinger) - Closes: #288547 - - Rename 06_libtool14_vs_rlm_eap_tls to 06_libtool14_vs_rlm_eap - and modify with Peter's changes and some Makefile hackery to - get it all linking - * Don't rerun configure during the build. - (Thanks to Kurt Roeckx) - * A whole bunch of dialup-admin fixes from Arve Seljebu and Tobias - - Report correct data transfer statistics for users - Closes: #329672 - - Lower-case sql column names to match creation scripts - Closes: #333709 - - Fix creation of empty groups - Closes: #333739 - - Put quote around usernames in HTML output - Closes: #333742 - - Properly notice when we've got a blank password to SQL - Closes: #333744 - - Created 12_dialup_admin_various_fixes - * Stop using libtool1.4 to build against, now that we can't have it and - libltdl3-dev installed at the same time - Closes: #279391 - - Created 13_a_libtool14_to_call_your_own to get most recent ltmain.sh - - -- Paul Hampson Sun, 16 Oct 2005 21:26:30 +1000 - -freeradius (1.0.5-1) unstable; urgency=high - - * Urgency high for security fixes below, all reported upstream - * ReDebianise upstream tarball: - - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865 - 2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580 - draft-kamath-pppext-eap-mschapv2-00 - * Add missed build-dependancy on dpatch (>=2) - * Update to Standards-Version 3.6.2.0 - - No changes needed - * Repair some minorly broken manpages - - Created 07_manpage_fixups.dpatch - * Security fixes stolen from CVS release_1_0 branch: - - Be sure we use crypt.h if we have it, to avoid segfaulting on a - bad built-in crypt() definition, spotted by Konstantin Kubatkin - + Created 09_use_crypth_if_we_have_it - - Make sure we escape the entire LDAP string, instead of - aborting as soon as it becomes possible to be out of space - + Created 10_escape_entire_ldap_string - - Don't xlat the UserName attribute before we can be sure of meeting - any escape sequences it may contain, spotted by Primoz Bratanic - + Created 11_dont_xlat_possibly_bad_usernames_in_bad_accounting_packets - * Depend on adduser, so our postinst can create the freerad user - * Don't install the .in versions of the example scripts. - - -- Paul Hampson Mon, 19 Sep 2005 15:10:40 +1000 - -freeradius (1.0.5-0) unstable; urgency=low - - * New Upstream release, from release_1_0 branch - - Remove 04_bonus_control_code_in_clients_conf_5 - - Remove 05_unbreak_quoted_sql_results - * Fix my _name_ in the dpatches - * Remove patch to CVS ID header from 05_unbreak_quoted_sql_values - so as not to break things when comitting to FreeRADIUS CVS - * Take linking fix from FreeRADIUS bugzilla #75 to allow - rlm_eap_tls to be linked to by rlm_eap_ttls and rlm_eap_peap - even though we don't build them in the Debian archive. - (Thanks to Luca Landi for the patch) - - Created 06_libtool14_vs_rlm_eap_tls - * Fix ownership of files in /var/log/freeradius/ more efficiently - (Caught by Guido Trotter) - Closes: #326891 - - -- Paul Hampson Wed, 7 Sep 2005 01:08:07 +1000 - -freeradius (1.0.4-2) unstable; urgency=low - - * Fix my email address in the dpatches - * Remove extraneous ^g from man/man5/clients.conf.5 - - Created 04_bonus_control_code_in_clients_conf_5 - * Correct handing of parameterless call of init script, and - general init script neatening - (Thanks to Derrick Karpo) - Closes: #315438 - * Correctly leave out the .in files in the examples - * Correctly use debhelper after splitting binary make target - into binary-arch and binary-indep. - (Thanks to Kurt Roeckx for actually hitting the bug) - Closes: #315770 - * Steal fix from CVS release_1_0 tree for rlm_sql quoted values. - (Thanks to Nicolas Baradakis for the fix) - - Upstream bugzilla #242, src/modules/rlm_sql/sql.c 1.79.2.2 - - Created 05_unbreak_quoted_sql_values - - -- Paul Hampson Mon, 27 Jun 2005 03:13:48 +1000 - -freeradius (1.0.4-1) unstable; urgency=low - * ReDeianise upstream tarball: - - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865 - 2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580 - draft-kamath-pppext-eap-mschapv2-00 - * Convert to dpatch, dpatch-2-style interface. - - New build-dependancy on dpatch (>= 2) - - Created 01_NET-SNMP_build_support - - Created 02_EAP-SIM_doesnt_need_openssl - - Created 03_X99_is_not_stable - * Assemble the freeradius-dialupadmin in the binary-indep make target - Closes: #313173 (Thanks to Santiago Vila for spotting this) - * Include the example scripts in /usr/share/doc/freeradius/examples/scripts - except those three which are installed into the binary by the Makefile. - Closes: #314253 (Thanks to Michael Langer for spotting this) - * Suggest libdate-manip-perl for freeradius-dialupadmin - Closes: #306007 (Thanks to Feng Sian) - - -- Paul Hampson Wed, 22 Jun 2005 16:03:27 +1000 - -freeradius (1.0.4-0) unstable; urgency=medium - - * New upstream release, fixing build problems. - * Prefer libpq-dev over postgresql-dev as a build-dependancy. - - This requires us to use pgconfig to find the headers. - - -- Paul Hampson Thu, 16 Jun 2005 13:56:33 +1000 - -freeradius (1.0.3-0) unstable; urgency=high - - * New upstream release - * Urgency high for some denial-of-service fixes: - - SQL injection attacks and DoS (core dump) via buffer overflow. - Closes: #307720 - - -- Alan DeKok Fri, 3 Jun 2005 11:29:34 -0700 - -freeradius (1.0.2-4) unstable; urgency=high - - * Security fix stolen from CVS release_1_0 branch: - - Always use sql_escape_func when calling radius_xlat - - Add a test in sql_escape_func() to check buffer bound when - input character needs escaping. - - Urgency high as these are (theoretical) security issues. - Closes: #307720 (Thanks to Primoz Bratanic and Nicolas Baradakis) - - -- Paul Hampson Mon, 23 May 2005 18:53:51 +1000 - -freeradius (1.0.2-3) unstable; urgency=medium - - * Fixes stolen from CVS release_1_0 branch: - - Fix missed SIGCHLD when waiting for external programs - when threaded. (Medium urgency as this can easily livelock - FreeRADIUS, which is an authentication server.) - - -- Paul Hampson Mon, 18 Apr 2005 23:46:41 +1000 - -freeradius (1.0.2-2) unstable; urgency=medium - - * Get rid of extraneous '%' at the start of every reference to - /etc/freeradius-dialupadmin in freeradius-dialupadmin's configuration. - Closes: #299749 - * Fixes stolen from CVS release_1_0 branch: - - Fix checkrad call for NAS ports > 9999999. (sprintf integer overrun, - reason for urgency medium.) - - Fix inverted test causing crash with pthreads and crypt - Closes: #300219 (Thanks Manuel Menal) - - -- Paul Hampson Wed, 6 Apr 2005 12:33:05 +1000 - -freeradius (1.0.2-1) unstable; urgency=low - - * ReDebianise upstream tarball: - - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865 - 2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580 - * Allow rlm_eap_sim to build without OpenSSL - * Make init script return 1 if reloading kills the server - (Thanks to Nicolas Baradakis) - Closes: #292170 - * Enable Novell eDirectory integration - * Enable udpfromto code so that replies come from the same address as - the request arrived at - * Build-depend on libmysqlclient12-dev as libmysqlclient10 has problems - accessing 4.0 series mySQL servers, and libmysqlclient12 can access - 4.1 series mySQL servers. - - -- Paul Hampson Fri, 4 Mar 2005 09:30:40 +1100 - -freeradius (1.0.2-0) unstable; urgency=low - - * New upstream release - * Update for Debian Policy 3.6.1.1 - - Change test if invoke-rc.d as per Policy 9.3.3.2 - * freeradius-dialupadmin Suggests php4-mysql | php4-pgsql - Closes: #279419 - * Added a two-second pause to restart in init.d script - Closes: #262635 - * FreeRADIUS module packages now depend on the same source - version of the main FreeRADIUS package. - Closes: #284353 - * FreeRADIUS-dialupadmin's default paths in admin.conf are - now correct. - Closes: #280942 - * FreeRADIUS-dialupadmin's help.php3 can now find README. - Closes: #280941 - - -- Paul Hampson Wed, 29 Dec 2004 20:12:52 +1100 - -freeradius (1.0.1-2) unstable; urgency=high - - * freeradius-dialupadmin Suggests php4-mysql | php4-pgsql - Closes: #279419 - * Added a two-second pause to restart in init.d script - Closes: #262635 - * FreeRADIUS module packages now depend on the same source - version of the main FreeRADIUS package. - Closes: #284353 - * FreeRADIUS-dialupadmin's default paths in admin.conf are - now correct. - Closes: #280942 - * FreeRADIUS-dialupadmin's help.php3 can now find README. - Closes: #280941 - * Fixes stolen from 1.0.2 CVS: - - Bug fix to make udpfromto code work - - radrelay shouldn't dump core if it can't read a VP from the - detail file. - - Only initialize the random pool once. - - In rlm_sql, don't escape characters twice. - - In rlm_ldap, only claim Auth-Type if a plain text password is present. - - Locking fixes in threading code - - Fix building on gcc-4.0 by not trying to access static auth_port from - other files. - - -- Paul Hampson Wed, 29 Dec 2004 20:19:42 +1100 - -freeradius (1.0.1-1) unstable; urgency=high - - * ReDebianise upstream tarball: - - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865 - 2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580 - - Remove CVS directories. - * Urgency high for security fix from 1.0.1-0 (CAN-2004-0938, - closes: #275136). - - -- Paul Hampson Thu, 23 Sep 2004 22:28:11 +1000 - -freeradius (1.0.1-0) unstable; urgency=high - - * New upstream release - * Urgency high for some denial-of-service fixes: - - Fix two remote crashes and a remote memory leak in - radius packet decoding. - - -- Paul Hampson Thu, 2 Sep 2004 17:12:23 +1000 - -freeradius (1.0.0-1) unstable; urgency=low - - * ReDebianise upstream tarball: - - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865 - 2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580 - * Support building with libsnmp5's UCD-SNMP compatiblity mode. - - libsnmp{4.2,5} still depend on OpenSSL, so SNMP's still disabled. - * Update for Debian Policy 3.6.11 - - Change test for invoke-rc.d as per Policy 9.3.3.2 - * Disable rlm_eap types PEAP, TLS and TTLS as they depend on OpenSSL. - * Disable rlm_sql driver PostgreSQL as it depends on OpenSSL. - * Disable rlm_x99_token as it depends on OpenSSL. - * Finally, -v is documented in radius(8). - - Closes: #151266 - * Reword a sentence in radwatch(8) by removing the personal pronoun. - - Closes: #264522 - - -- Paul Hampson Tue, 17 Aug 2004 17:42:40 +1000 - -freeradius (1.0.0-0) unstable; urgency=low - - * New upstream release - * Added H323 billing stuff to the examples - * Created Dialup-Admin package for the PHP-based web - FreeRADIUS database (SQL/LDAP) frontend. - - -- Paul Hampson Sat, 17 Jul 2004 16:21:38 +1000 - -freeradius (0.9.3-1) unstable; urgency=low - - * New upstream release, incorporates security fix from 0.9.2-4. - * Correct build-dependancy on debhelper. - Closes: #234486 - * Split iodbc SQL driver into its own package. - - -- Paul Hampson Tue, 24 Feb 2004 23:56:26 +1100 - -freeradius (0.9.2-4) unstable; urgency=high - - * Patch from upstream head: - - Fix a remote DoS and possible exploit due to mis-handling - of tagged attributes, and Tunnel-Password attribute. - - -- Paul Hampson Fri, 21 Nov 2003 09:52:51 +1100 - -freeradius (0.9.2-3) unstable; urgency=low - - * Removed redundant code to delete contents of a directory - on purge which ends up being removed anyway. - * Provide a default pam.d configuration. - * Fix the usage of dh_installinit to not make the package uninstallable. - * Change package removal to not abort if we cannot stop the server. - * Debian-archive-fit version of freeradius. - Closes: #208620 - - -- Paul Hampson Tue, 11 Nov 2003 02:12:55 +1100 - -freeradius (0.9.2-2) unstable; urgency=low - - * Use dh_installinit rather than doing it by hand - This involves renaming the initfile in the source tarball - * Only add user freerad to the group shadow on first installation - * Only chmod /etc/freeradius to group-readable, not group-read/write - * Removed the freerad user when the freerad group is removed - * Removed spurious build-dependancy on autoconf2.13 and libtool(1.4) - * Build-conflict against libssl-dev - * Restore Kerberos and LDAP as they will build without OpenSSL - * Make myself the maintainer - * Update to Policy 3.6.1.0 - - No changes needed - - -- Paul Hampson Sun, 9 Nov 2003 00:07:52 +1100 - -freeradius (0.9.2-1) unstable; urgency=low - - * Deleted RFCs: 2243 2289 2433 2548 2618 2616 2620 2621 - 2719 2759 2809 2865 2866 2867 2868 2869 2882 2924 3162 - from source tarball due to non-DFSG-free copyright. - * Disabled PostgreSQL, x.99 token, EAP/TLS, Kerberos, LDAP - and SNMP agent support due to OpenSSL/GPL conflict. - - -- Paul Hampson Thu, 6 Nov 2003 22:40:32 +1100 - -freeradius (0.9.2-0) unstable; urgency=low - * New upstream release - * Added logrotate script for /var/log/freeradius/radius.log - * Don't leave symlinks to config.{guess,sub} lying around to - confuse dpkg-source. + -- Alan DeKok Fri, 30 Sep 2016 12:00:00 -0400 - -- Paul Hampson Wed, 15 Oct 2003 05:02:17 +1000 +freeradius (3.0.12+git) unstable; urgency=medium -freeradius (0.9.1-0) unstable; urgency=low - - * New upstream release. - * Renamed radiusd(8) to freeradius(8) to match binary - * Build-Depend on libtool1.4 | libtool (< 1.5) due to - new libtool 1.5 package. - * Merged multiple sed calls into a single sed call in debian/rules - * Installed SQL database examples into /usr/share/doc/freeradius/examples - * Modify initscript to only -HUP the parent process - - -- Paul Hampson Fri, 5 Sep 2003 00:54:41 +1000 - -freeradius (0.9.0-1) unstable; urgency=low - - * New Upstream release. - - Upstream dictionary files are in /usr/share/freeradius. - - Modified to 'configure{,.in}' to work with openssl 0.9.7 and 0.9.6 - * Renamed pacakges to 'freeradius*' from 'radiusd-freeradius*'. - * Moved file hierarchy around to be neater: - - /etc/raddb -> /etc/freeradius - - /usr/share/doc/radiusd-freeradius -> /usr/share/doc/freeradius - - /var/log/radiusd-freeradius -> /var/log/freeradius - - /var/run/radiusd/radiusd.pid -> /var/run/freeradius/freeradius.pid - * Included RFCs in documentation. - * Enabled the daemon to run under user 'freerad:freerad' by default. - * Added support for DEB_BUILD_OPTIONS for policy 3.5.9 compliance. - * Installed SNMP mibs for Radius + * New upstream version. - -- Paul Hampson Sun, 20 Jul 2003 06:56:28 +1000 + -- Alan DeKok Mon, 25 Jan 2016 14:00:00 -0400 -radiusd-freeradius (0.7+cvs20021113-1) unstable; urgency=low +freeradius (3.0.11+git) unstable; urgency=medium - * Explicitly excluding modules not in the "stable" list. - * Updated policy version number. - * Moved from non-US/main to main. - * Put pidfile in package's own directory. - * Package not as buggy and unstable modules are easily identifiable. - (closes: Bug#142217) - * Init script handles failure better. (closes: Bug#151264) - * New upstream release. (closes: Bug#140536) - * Uses available version of postgresql. (closes: Bug#139290) - * Removed "conflicts" with other radiusds. - * Added new build-dep on libtool. - * Changed section to "net" from "admin". - * New config.guess. (closes: Bug#168647) - * Run with freerad user and group. (closes: Bug#168272) - * Added libssl-dev as build-dep. (closes: #131832) + * New upstream version. - -- Chad Miller Wed, 13 Nov 2002 17:01:19 -0500 + -- Alan DeKok Mon, 05 Oct 2015 15:00:00 -0400 -radiusd-freeradius (0.5+cvs20020408-1) unstable; urgency=high +freeradius (3.0.10+git) unstable; urgency=medium - * New build-dep on libssl-dev, which is implied by another dep, but making - explicit for builders on Potato. (closes: Bug#131832) - * Built against new postgresql libraries, so automatic dep tracking has - the correct version, now. (closes: Bug#139290) - * Removed python example module. - * Explicitly disabled beta ippool module. + * New upstream version. - -- Chad Miller Mon, 8 Apr 2002 11:48:30 -0400 + -- Alan DeKok Wed, 08 Jul 2015 14:00:00 -0400 -radiusd-freeradius (0.4-1) unstable; urgency=high +freeradius (3.0.9+git) unstable; urgency=medium - * New release. - * upstream: New EAP support. - * upstream: Fixed security bug in string translation. + * New upstream version. - -- Chad Miller Thu, 13 Dec 2001 09:26:45 -0500 + -- Alan DeKok Wed, 22 Apr 2015 13:30:00 -0400 -radiusd-freeradius (0.3-2) unstable; urgency=low +freeradius (3.0.8+git) unstable; urgency=medium - * Moved to using logrotate instead of cron for files. - * Fixed permissions of log files. (closes: Bug#116242,#116243) - * Close file descriptors of stdin, stdout, stderr, if not debugging. - (closes: Bug#116768) - * Made package "non-native". (An upload issue, not code.) - (closes: Bug#119161) + * New upstream version. - -- Chad Miller Tue, 20 Nov 2001 10:50:20 -0500 + -- Alan DeKok Thu, 19 Feb 2015 12:00:00 -0400 -radiusd-freeradius (0.3-1) unstable; urgency=low +freeradius (3.0.7+git) unstable; urgency=medium - * New release. + * New upstream version. - -- Chad Miller Tue, 9 Oct 2001 18:16:23 -0400 + -- Alan DeKok Wed, 17 Dec 2014 16:00:00 -0400 -radiusd-freeradius (0.2+20010917-1) unstable; urgency=low +freeradius (3.0.6+git) unstable; urgency=medium - * Removed old mysql build-dep. (closes: Bug#112541) + * New upstream version. - -- Chad Miller Mon, 17 Sep 2001 11:38:24 -0400 + -- Alan DeKok Tue, 01 Nov 2014 08:30:00 -0400 -radiusd-freeradius (0.2+20010912-1) unstable; urgency=low +freeradius (3.0.5+git) unstable; urgency=medium - * Build-dep mysql changed package names. - * Added build-dep for libmysqlclient10-dev. (closes: Bug#111880) - * In acct_users, keep reply pairs. - * Integer values are printed as unsigned numbers, to comply with RFC2866. - * Fixed broken/reversed auth comparisons in SQL module. - * Sucked out CPPness from inside a printf, as printf is a macro in newer - compilers (gcc3.0, e.g.). (closes: Bug#100889) - * Sundry LDAP configuration, unresponsive thread, and proxying fixes. - * Added user 'freerad' into the 'shadow' group. - * Fixed UUCP-style of restricting time of log-in. - * Changed debugging messages to give more info about execution flow. - * Better counter module. - * Inserted CHAP support for SQL modules. - * Removed possible infinite loop. + * New upstream version. - -- Chad Miller Wed, 12 Sep 2001 21:21:47 -0400 + -- Alan DeKok Thu, 23 Sep 2014 08:30:00 -0400 -radiusd-freeradius (0.1+20010527-1) unstable; urgency=low +freeradius (3.0.4+git) unstable; urgency=medium - * Updated config.{guess,sub} to recent versions. (closes: Bug#98183) - * Updated build-dep to reflect supercession of libltdl0-dev by libltdl3-dev - (closes: Bug#98914) + * New upstream version. - -- Chad Miller Sun, 27 May 2001 11:44:40 -0400 + -- Alan DeKok Wed, 03 Sep 2014 08:30:00 -0400 -radiusd-freeradius (0.1+20010517-1) unstable; urgency=low +freeradius (3.0.3+git) unstable; urgency=medium - * Moved package to non-US to allow in Kerberos and PostgreSQL. - * Set Suggests of modules to main package. - * Better compile-time support of *BSD. + * New upstream version. - -- Chad Miller Thu, 17 May 2001 14:46:51 -0400 + -- Alan DeKok Fri, 21 Mar 2014 08:30:00 -0400 -radiusd-freeradius (0.1-1) unstable; urgency=low +freeradius (3.0.2+git) unstable; urgency=medium - * First beta release! - * Added generalized SQL support for ODBC, Oracle, MySQL, and Postgres. - * Added shasta, microsoft, and redback dictionaries. - * Fixed rc.d restart rule. - * Added a user to own the daemon and logfiles. - * SQL DB handles more forgiving of unreachable servers at startup. - * SQL Crypt-Password attribute support. - * Fixed cron log rotation. - * Put module libraries in own directory. - * Removed bogus build-dep. (closes: Bug#87277) - * Better permissions on /etc/raddb - * Use correct LDAP library. - * Fork ldap, postgresql, and mysql modules into different packages. - * Remove Kerberos, as it's restricted from export. + * New upstream version. - -- Chad Miller Mon, 7 May 2001 16:37:46 -0400 + -- Alan DeKok Wed, 15 Jan 2014 21:23:14 -0400 -radiusd-freeradius (0.0.20010109-1) unstable; urgency=low +freeradius (3.0.1+git) unstable; urgency=medium - * Changed priority, from standard to optional. + * New upstream version. - -- Chad Miller Tue, 9 Jan 2001 14:01:38 -0500 + -- Alan DeKok Mon, 10 Oct 2013 21:23:14 -0400 -radiusd-freeradius (0.0.20001227-1) unstable; urgency=low +freeradius (3.0.0+git) unstable; urgency=medium - * Initial revision. (closes: Bug#76476) + * New upstream version. - -- Chad Miller Wed, 27 Dec 2000 11:58:56 -0500 + -- Alan DeKok Mon, 07 Oct 2013 15:48:14 -0400