1 freeradius (1.1.0-0) unstable; urgency=low
3 * New upstream release.
4 * Update set of patches:
5 - 01_NET-SNMP_build_support.dpatch
6 - 06_libtool14_vs_rlm_eap_tls.dpatch
7 - 13_a_libtool14_to_call_your_own.dpatch
9 -- Nicolas Baradakis <nbk@sitadelle.com> Sun, 1 Jan 2006 18:15:47 +0100
11 freeradius (1.0.5-2) unstable; urgency=low
13 * Stop dragging non-PIC code from libeap.a into rlm_eap_sim.so and
15 (Thanks to Peter Salinger)
17 - Rename 06_libtool14_vs_rlm_eap_tls to 06_libtool14_vs_rlm_eap
18 and modify with Peter's changes and some Makefile hackery to
20 * Don't rerun configure during the build.
21 (Thanks to Kurt Roeckx)
22 * A whole bunch of dialup-admin fixes from Arve Seljebu and Tobias
23 - Report correct data transfer statistics for users
25 - Lower-case sql column names to match creation scripts
27 - Fix creation of empty groups
29 - Put quote around usernames in HTML output
31 - Properly notice when we've got a blank password to SQL
33 - Created 12_dialup_admin_various_fixes
34 * Stop using libtool1.4 to build against, now that we can't have it and
35 libltdl3-dev installed at the same time
37 - Created 13_a_libtool14_to_call_your_own to get most recent ltmain.sh
39 -- Paul Hampson <Paul.Hampson@anu.edu.au> Sun, 16 Oct 2005 21:26:30 +1000
41 freeradius (1.0.5-1) unstable; urgency=high
43 * Urgency high for security fixes below, all reported upstream
44 * ReDebianise upstream tarball:
45 - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865
46 2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580
47 draft-kamath-pppext-eap-mschapv2-00
48 * Add missed build-dependancy on dpatch (>=2)
49 * Update to Standards-Version 3.6.2.0
51 * Repair some minorly broken manpages
52 - Created 07_manpage_fixups.dpatch
53 * Security fixes stolen from CVS release_1_0 branch:
54 - Be sure we use crypt.h if we have it, to avoid segfaulting on a
55 bad built-in crypt() definition, spotted by Konstantin Kubatkin
56 + Created 09_use_crypth_if_we_have_it
57 - Make sure we escape the entire LDAP string, instead of
58 aborting as soon as it becomes possible to be out of space
59 + Created 10_escape_entire_ldap_string
60 - Don't xlat the UserName attribute before we can be sure of meeting
61 any escape sequences it may contain, spotted by Primoz Bratanic
62 + Created 11_dont_xlat_possibly_bad_usernames_in_bad_accounting_packets
63 * Depend on adduser, so our postinst can create the freerad user
64 * Don't install the .in versions of the example scripts.
66 -- Paul Hampson <Paul.Hampson@anu.edu.au> Mon, 19 Sep 2005 15:10:40 +1000
68 freeradius (1.0.5-0) unstable; urgency=low
70 * New Upstream release, from release_1_0 branch
71 - Remove 04_bonus_control_code_in_clients_conf_5
72 - Remove 05_unbreak_quoted_sql_results
73 * Fix my _name_ in the dpatches
74 * Remove patch to CVS ID header from 05_unbreak_quoted_sql_values
75 so as not to break things when comitting to FreeRADIUS CVS
76 * Take linking fix from FreeRADIUS bugzilla #75 to allow
77 rlm_eap_tls to be linked to by rlm_eap_ttls and rlm_eap_peap
78 even though we don't build them in the Debian archive.
79 (Thanks to Luca Landi for the patch)
80 - Created 06_libtool14_vs_rlm_eap_tls
81 * Fix ownership of files in /var/log/freeradius/ more efficiently
82 (Caught by Guido Trotter)
85 -- Paul Hampson <Paul.Hampson@anu.edu.au> Wed, 7 Sep 2005 01:08:07 +1000
87 freeradius (1.0.4-2) unstable; urgency=low
89 * Fix my email address in the dpatches
90 * Remove extraneous ^g from man/man5/clients.conf.5
91 - Created 04_bonus_control_code_in_clients_conf_5
92 * Correct handing of parameterless call of init script, and
93 general init script neatening
94 (Thanks to Derrick Karpo)
96 * Correctly leave out the .in files in the examples
97 * Correctly use debhelper after splitting binary make target
98 into binary-arch and binary-indep.
99 (Thanks to Kurt Roeckx for actually hitting the bug)
101 * Steal fix from CVS release_1_0 tree for rlm_sql quoted values.
102 (Thanks to Nicolas Baradakis for the fix)
103 - Upstream bugzilla #242, src/modules/rlm_sql/sql.c 1.79.2.2
104 - Created 05_unbreak_quoted_sql_values
106 -- Paul Hampson <Paul.Hampson@anu.edu.au> Mon, 27 Jun 2005 03:13:48 +1000
108 freeradius (1.0.4-1) unstable; urgency=low
109 * ReDeianise upstream tarball:
110 - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865
111 2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580
112 draft-kamath-pppext-eap-mschapv2-00
113 * Convert to dpatch, dpatch-2-style interface.
114 - New build-dependancy on dpatch (>= 2)
115 - Created 01_NET-SNMP_build_support
116 - Created 02_EAP-SIM_doesnt_need_openssl
117 - Created 03_X99_is_not_stable
118 * Assemble the freeradius-dialupadmin in the binary-indep make target
119 Closes: #313173 (Thanks to Santiago Vila for spotting this)
120 * Include the example scripts in /usr/share/doc/freeradius/examples/scripts
121 except those three which are installed into the binary by the Makefile.
122 Closes: #314253 (Thanks to Michael Langer for spotting this)
123 * Suggest libdate-manip-perl for freeradius-dialupadmin
124 Closes: #306007 (Thanks to Feng Sian)
126 -- Paul Hampson <Paul.Hampson@anu.edu.au> Wed, 22 Jun 2005 16:03:27 +1000
128 freeradius (1.0.4-0) unstable; urgency=medium
130 * New upstream release, fixing build problems.
131 * Prefer libpq-dev over postgresql-dev as a build-dependancy.
132 - This requires us to use pgconfig to find the headers.
134 -- Paul Hampson <Paul.Hampson@anu.edu.au> Thu, 16 Jun 2005 13:56:33 +1000
136 freeradius (1.0.3-0) unstable; urgency=high
138 * New upstream release
139 * Urgency high for some denial-of-service fixes:
140 - SQL injection attacks and DoS (core dump) via buffer overflow.
143 -- Alan DeKok <aland@ox.org> Fri, 3 Jun 2005 11:29:34 -0700
145 freeradius (1.0.2-4) unstable; urgency=high
147 * Security fix stolen from CVS release_1_0 branch:
148 - Always use sql_escape_func when calling radius_xlat
149 - Add a test in sql_escape_func() to check buffer bound when
150 input character needs escaping.
151 - Urgency high as these are (theoretical) security issues.
152 Closes: #307720 (Thanks to Primoz Bratanic and Nicolas Baradakis)
154 -- Paul Hampson <Paul.Hampson@anu.edu.au> Mon, 23 May 2005 18:53:51 +1000
156 freeradius (1.0.2-3) unstable; urgency=medium
158 * Fixes stolen from CVS release_1_0 branch:
159 - Fix missed SIGCHLD when waiting for external programs
160 when threaded. (Medium urgency as this can easily livelock
161 FreeRADIUS, which is an authentication server.)
163 -- Paul Hampson <Paul.Hampson@anu.edu.au> Mon, 18 Apr 2005 23:46:41 +1000
165 freeradius (1.0.2-2) unstable; urgency=medium
167 * Get rid of extraneous '%' at the start of every reference to
168 /etc/freeradius-dialupadmin in freeradius-dialupadmin's configuration.
170 * Fixes stolen from CVS release_1_0 branch:
171 - Fix checkrad call for NAS ports > 9999999. (sprintf integer overrun,
172 reason for urgency medium.)
173 - Fix inverted test causing crash with pthreads and crypt
174 Closes: #300219 (Thanks Manuel Menal)
176 -- Paul Hampson <Paul.Hampson@anu.edu.au> Wed, 6 Apr 2005 12:33:05 +1000
178 freeradius (1.0.2-1) unstable; urgency=low
180 * ReDebianise upstream tarball:
181 - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865
182 2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580
183 * Allow rlm_eap_sim to build without OpenSSL
184 * Make init script return 1 if reloading kills the server
185 (Thanks to Nicolas Baradakis)
187 * Enable Novell eDirectory integration
188 * Enable udpfromto code so that replies come from the same address as
189 the request arrived at
190 * Build-depend on libmysqlclient12-dev as libmysqlclient10 has problems
191 accessing 4.0 series mySQL servers, and libmysqlclient12 can access
192 4.1 series mySQL servers.
194 -- Paul Hampson <Paul.Hampson@anu.edu.au> Fri, 4 Mar 2005 09:30:40 +1100
196 freeradius (1.0.2-0) unstable; urgency=low
198 * New upstream release
199 * Update for Debian Policy 3.6.1.1
200 - Change test if invoke-rc.d as per Policy 9.3.3.2
201 * freeradius-dialupadmin Suggests php4-mysql | php4-pgsql
203 * Added a two-second pause to restart in init.d script
205 * FreeRADIUS module packages now depend on the same source
206 version of the main FreeRADIUS package.
208 * FreeRADIUS-dialupadmin's default paths in admin.conf are
211 * FreeRADIUS-dialupadmin's help.php3 can now find README.
214 -- Paul Hampson <Paul.Hampson@anu.edu.au> Wed, 29 Dec 2004 20:12:52 +1100
216 freeradius (1.0.1-2) unstable; urgency=high
218 * freeradius-dialupadmin Suggests php4-mysql | php4-pgsql
220 * Added a two-second pause to restart in init.d script
222 * FreeRADIUS module packages now depend on the same source
223 version of the main FreeRADIUS package.
225 * FreeRADIUS-dialupadmin's default paths in admin.conf are
228 * FreeRADIUS-dialupadmin's help.php3 can now find README.
230 * Fixes stolen from 1.0.2 CVS:
231 - Bug fix to make udpfromto code work
232 - radrelay shouldn't dump core if it can't read a VP from the
234 - Only initialize the random pool once.
235 - In rlm_sql, don't escape characters twice.
236 - In rlm_ldap, only claim Auth-Type if a plain text password is present.
237 - Locking fixes in threading code
238 - Fix building on gcc-4.0 by not trying to access static auth_port from
241 -- Paul Hampson <Paul.Hampson@anu.edu.au> Wed, 29 Dec 2004 20:19:42 +1100
243 freeradius (1.0.1-1) unstable; urgency=high
245 * ReDebianise upstream tarball:
246 - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865
247 2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580
248 - Remove CVS directories.
249 * Urgency high for security fix from 1.0.1-0 (CAN-2004-0938,
252 -- Paul Hampson <Paul.Hampson@anu.edu.au> Thu, 23 Sep 2004 22:28:11 +1000
254 freeradius (1.0.1-0) unstable; urgency=high
256 * New upstream release
257 * Urgency high for some denial-of-service fixes:
258 - Fix two remote crashes and a remote memory leak in
259 radius packet decoding.
261 -- Paul Hampson <Paul.Hampson@anu.edu.au> Thu, 2 Sep 2004 17:12:23 +1000
263 freeradius (1.0.0-1) unstable; urgency=low
265 * ReDebianise upstream tarball:
266 - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865
267 2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580
268 * Support building with libsnmp5's UCD-SNMP compatiblity mode.
269 - libsnmp{4.2,5} still depend on OpenSSL, so SNMP's still disabled.
270 * Update for Debian Policy 3.6.11
271 - Change test for invoke-rc.d as per Policy 9.3.3.2
272 * Disable rlm_eap types PEAP, TLS and TTLS as they depend on OpenSSL.
273 * Disable rlm_sql driver PostgreSQL as it depends on OpenSSL.
274 * Disable rlm_x99_token as it depends on OpenSSL.
275 * Finally, -v is documented in radius(8).
277 * Reword a sentence in radwatch(8) by removing the personal pronoun.
280 -- Paul Hampson <Paul.Hampson@anu.edu.au> Tue, 17 Aug 2004 17:42:40 +1000
282 freeradius (1.0.0-0) unstable; urgency=low
284 * New upstream release
285 * Added H323 billing stuff to the examples
286 * Created Dialup-Admin package for the PHP-based web
287 FreeRADIUS database (SQL/LDAP) frontend.
289 -- Paul Hampson <Paul.Hampson@anu.edu.au> Sat, 17 Jul 2004 16:21:38 +1000
291 freeradius (0.9.3-1) unstable; urgency=low
293 * New upstream release, incorporates security fix from 0.9.2-4.
294 * Correct build-dependancy on debhelper.
296 * Split iodbc SQL driver into its own package.
298 -- Paul Hampson <Paul.Hampson@anu.edu.au> Tue, 24 Feb 2004 23:56:26 +1100
300 freeradius (0.9.2-4) unstable; urgency=high
302 * Patch from upstream head:
303 - Fix a remote DoS and possible exploit due to mis-handling
304 of tagged attributes, and Tunnel-Password attribute.
306 -- Paul Hampson <Paul.Hampson@anu.edu.au> Fri, 21 Nov 2003 09:52:51 +1100
308 freeradius (0.9.2-3) unstable; urgency=low
310 * Removed redundant code to delete contents of a directory
311 on purge which ends up being removed anyway.
312 * Provide a default pam.d configuration.
313 * Fix the usage of dh_installinit to not make the package uninstallable.
314 * Change package removal to not abort if we cannot stop the server.
315 * Debian-archive-fit version of freeradius.
318 -- Paul Hampson <Paul.Hampson@anu.edu.au> Tue, 11 Nov 2003 02:12:55 +1100
320 freeradius (0.9.2-2) unstable; urgency=low
322 * Use dh_installinit rather than doing it by hand
323 This involves renaming the initfile in the source tarball
324 * Only add user freerad to the group shadow on first installation
325 * Only chmod /etc/freeradius to group-readable, not group-read/write
326 * Removed the freerad user when the freerad group is removed
327 * Removed spurious build-dependancy on autoconf2.13 and libtool(1.4)
328 * Build-conflict against libssl-dev
329 * Restore Kerberos and LDAP as they will build without OpenSSL
330 * Make myself the maintainer
331 * Update to Policy 3.6.1.0
334 -- Paul Hampson <Paul.Hampson@anu.edu.au> Sun, 9 Nov 2003 00:07:52 +1100
336 freeradius (0.9.2-1) unstable; urgency=low
338 * Deleted RFCs: 2243 2289 2433 2548 2618 2616 2620 2621
339 2719 2759 2809 2865 2866 2867 2868 2869 2882 2924 3162
340 from source tarball due to non-DFSG-free copyright.
341 * Disabled PostgreSQL, x.99 token, EAP/TLS, Kerberos, LDAP
342 and SNMP agent support due to OpenSSL/GPL conflict.
344 -- Paul Hampson <Paul.Hampson@anu.edu.au> Thu, 6 Nov 2003 22:40:32 +1100
346 freeradius (0.9.2-0) unstable; urgency=low
348 * New upstream release
349 * Added logrotate script for /var/log/freeradius/radius.log
350 * Don't leave symlinks to config.{guess,sub} lying around to
353 -- Paul Hampson <Paul.Hampson@anu.edu.au> Wed, 15 Oct 2003 05:02:17 +1000
355 freeradius (0.9.1-0) unstable; urgency=low
357 * New upstream release.
358 * Renamed radiusd(8) to freeradius(8) to match binary
359 * Build-Depend on libtool1.4 | libtool (< 1.5) due to
360 new libtool 1.5 package.
361 * Merged multiple sed calls into a single sed call in debian/rules
362 * Installed SQL database examples into /usr/share/doc/freeradius/examples
363 * Modify initscript to only -HUP the parent process
365 -- Paul Hampson <Paul.Hampson@anu.edu.au> Fri, 5 Sep 2003 00:54:41 +1000
367 freeradius (0.9.0-1) unstable; urgency=low
369 * New Upstream release.
370 - Upstream dictionary files are in /usr/share/freeradius.
371 - Modified to 'configure{,.in}' to work with openssl 0.9.7 and 0.9.6
372 * Renamed pacakges to 'freeradius*' from 'radiusd-freeradius*'.
373 * Moved file hierarchy around to be neater:
374 - /etc/raddb -> /etc/freeradius
375 - /usr/share/doc/radiusd-freeradius -> /usr/share/doc/freeradius
376 - /var/log/radiusd-freeradius -> /var/log/freeradius
377 - /var/run/radiusd/radiusd.pid -> /var/run/freeradius/freeradius.pid
378 * Included RFCs in documentation.
379 * Enabled the daemon to run under user 'freerad:freerad' by default.
380 * Added support for DEB_BUILD_OPTIONS for policy 3.5.9 compliance.
381 * Installed SNMP mibs for Radius
383 -- Paul Hampson <Paul.Hampson@anu.edu.au> Sun, 20 Jul 2003 06:56:28 +1000
385 radiusd-freeradius (0.7+cvs20021113-1) unstable; urgency=low
387 * Explicitly excluding modules not in the "stable" list.
388 * Updated policy version number.
389 * Moved from non-US/main to main.
390 * Put pidfile in package's own directory.
391 * Package not as buggy and unstable modules are easily identifiable.
393 * Init script handles failure better. (closes: Bug#151264)
394 * New upstream release. (closes: Bug#140536)
395 * Uses available version of postgresql. (closes: Bug#139290)
396 * Removed "conflicts" with other radiusds.
397 * Added new build-dep on libtool.
398 * Changed section to "net" from "admin".
399 * New config.guess. (closes: Bug#168647)
400 * Run with freerad user and group. (closes: Bug#168272)
401 * Added libssl-dev as build-dep. (closes: #131832)
403 -- Chad Miller <cmiller@debian.org> Wed, 13 Nov 2002 17:01:19 -0500
405 radiusd-freeradius (0.5+cvs20020408-1) unstable; urgency=high
407 * New build-dep on libssl-dev, which is implied by another dep, but making
408 explicit for builders on Potato. (closes: Bug#131832)
409 * Built against new postgresql libraries, so automatic dep tracking has
410 the correct version, now. (closes: Bug#139290)
411 * Removed python example module.
412 * Explicitly disabled beta ippool module.
414 -- Chad Miller <cmiller@debian.org> Mon, 8 Apr 2002 11:48:30 -0400
416 radiusd-freeradius (0.4-1) unstable; urgency=high
419 * upstream: New EAP support.
420 * upstream: Fixed security bug in string translation.
422 -- Chad Miller <cmiller@debian.org> Thu, 13 Dec 2001 09:26:45 -0500
424 radiusd-freeradius (0.3-2) unstable; urgency=low
426 * Moved to using logrotate instead of cron for files.
427 * Fixed permissions of log files. (closes: Bug#116242,#116243)
428 * Close file descriptors of stdin, stdout, stderr, if not debugging.
430 * Made package "non-native". (An upload issue, not code.)
433 -- Chad Miller <cmiller@debian.org> Tue, 20 Nov 2001 10:50:20 -0500
435 radiusd-freeradius (0.3-1) unstable; urgency=low
439 -- Chad Miller <cmiller@debian.org> Tue, 9 Oct 2001 18:16:23 -0400
441 radiusd-freeradius (0.2+20010917-1) unstable; urgency=low
443 * Removed old mysql build-dep. (closes: Bug#112541)
445 -- Chad Miller <cmiller@debian.org> Mon, 17 Sep 2001 11:38:24 -0400
447 radiusd-freeradius (0.2+20010912-1) unstable; urgency=low
449 * Build-dep mysql changed package names.
450 * Added build-dep for libmysqlclient10-dev. (closes: Bug#111880)
451 * In acct_users, keep reply pairs.
452 * Integer values are printed as unsigned numbers, to comply with RFC2866.
453 * Fixed broken/reversed auth comparisons in SQL module.
454 * Sucked out CPPness from inside a printf, as printf is a macro in newer
455 compilers (gcc3.0, e.g.). (closes: Bug#100889)
456 * Sundry LDAP configuration, unresponsive thread, and proxying fixes.
457 * Added user 'freerad' into the 'shadow' group.
458 * Fixed UUCP-style of restricting time of log-in.
459 * Changed debugging messages to give more info about execution flow.
460 * Better counter module.
461 * Inserted CHAP support for SQL modules.
462 * Removed possible infinite loop.
464 -- Chad Miller <cmiller@debian.org> Wed, 12 Sep 2001 21:21:47 -0400
466 radiusd-freeradius (0.1+20010527-1) unstable; urgency=low
468 * Updated config.{guess,sub} to recent versions. (closes: Bug#98183)
469 * Updated build-dep to reflect supercession of libltdl0-dev by libltdl3-dev
472 -- Chad Miller <cmiller@debian.org> Sun, 27 May 2001 11:44:40 -0400
474 radiusd-freeradius (0.1+20010517-1) unstable; urgency=low
476 * Moved package to non-US to allow in Kerberos and PostgreSQL.
477 * Set Suggests of modules to main package.
478 * Better compile-time support of *BSD.
480 -- Chad Miller <cmiller@debian.org> Thu, 17 May 2001 14:46:51 -0400
482 radiusd-freeradius (0.1-1) unstable; urgency=low
484 * First beta release!
485 * Added generalized SQL support for ODBC, Oracle, MySQL, and Postgres.
486 * Added shasta, microsoft, and redback dictionaries.
487 * Fixed rc.d restart rule.
488 * Added a user to own the daemon and logfiles.
489 * SQL DB handles more forgiving of unreachable servers at startup.
490 * SQL Crypt-Password attribute support.
491 * Fixed cron log rotation.
492 * Put module libraries in own directory.
493 * Removed bogus build-dep. (closes: Bug#87277)
494 * Better permissions on /etc/raddb
495 * Use correct LDAP library.
496 * Fork ldap, postgresql, and mysql modules into different packages.
497 * Remove Kerberos, as it's restricted from export.
499 -- Chad Miller <cmiller@debian.org> Mon, 7 May 2001 16:37:46 -0400
501 radiusd-freeradius (0.0.20010109-1) unstable; urgency=low
503 * Changed priority, from standard to optional.
505 -- Chad Miller <cmiller@debian.org> Tue, 9 Jan 2001 14:01:38 -0500
507 radiusd-freeradius (0.0.20001227-1) unstable; urgency=low
509 * Initial revision. (closes: Bug#76476)
511 -- Chad Miller <cmiller@debian.org> Wed, 27 Dec 2000 11:58:56 -0500