Change log for elog package in Ubuntu

elog (3.1.3-1-1build2) jammy; urgency=medium

  * No-change rebuild against openssl3

 -- Simon Chopin <email address hidden>  Wed, 01 Dec 2021 12:04:59 +0100

Available diffs

• diff from 3.1.3-1-1build1 to 3.1.3-1-1build2 (308 bytes)

elog (3.1.3-1-1build1) bionic; urgency=high

  * No change rebuild against openssl1.1.

 -- Dimitri John Ledkov <email address hidden>  Mon, 05 Feb 2018 23:21:23 +0000

Available diffs

• diff from 3.1.3-1-1 (in Debian) to 3.1.3-1-1build1 (539 bytes)

elog (3.1.3-1-1) unstable; urgency=medium

  * new upstream version grabbed
  * debian/
     - updated debian/source/lintian-overrides to fix lintian report
     - updated debian/rules to apply hardening flags correctly
     - updated Standards-version to 4.0.0 (debian/control)
     - updated debian/patches/* to work with new upstream version
     - removed 0002_html_doc.patch because fixed in upstream

 -- Roger Kalt <email address hidden>  Sun, 11 Jun 2017 22:04:06 +0200

Available diffs

• diff from 3.1.2-1-1 to 3.1.3-1-1 (27.3 KiB)

elog (3.1.2-1-1) unstable; urgency=low

  * new upstream version grabbed, (Closes: #836505, CVE-2016-6342)
  * update debian/rules
    - allow reproducible builds (Closes: #816209)
    - enable all hardening build flags
  * update debian/source/lintian-overrides for contrib/elogsubmit.js
    insane-line-length-in-source-file, removed unused overrides
  * update Standards-Version to 3.9.8 (debian/control)

 -- Roger Kalt <email address hidden>  Tue, 06 Sep 2016 20:00:00 +0100

Available diffs

• diff from 3.1.1-1-1 to 3.1.2-1-1 (21.5 KiB)

elog (3.1.1-1-1) unstable; urgency=low

  * new upstream version grabbed
  * debian/patches:
     - update 0004_Makefile.patch to fix file permission in themes
     - update 0005_ReproducibleBuilds.patch for new upstream version
  * debian/copyright updated for new CKEditor version config file
  * debian/source/lintian-overrides updated

 -- Roger Kalt <email address hidden>  Thu, 05 Nov 2015 22:00:00 +0100

Available diffs

• diff from 3.1.0-2-1 to 3.1.1-1-1 (61.5 KiB)

elog (3.1.0-2-1) unstable; urgency=low

  * new upstream version grabbed
  * debian/control:
    - libjs-jquery is required
    - fckeditor is no longer suggested but now ckeditor is recommended
  * debian/patches:
    - correct 0004_Makefile.patch in order KRB5 auth is enabled in elogd
    - add 0005_ReproducibleBuilds.patch to allow reproducible builds
  * debian/postinst:
    - add pathfind shell function proposed in Debian's Developer's Reference
  * debian/prerm:
    - add pathfind shell function proposed in Debian's Developer's Reference

 -- Roger Kalt <email address hidden>  Thu, 7 May 2015 20:00:00 +0100

Available diffs

• diff from 2.9.2+2014.05.11git44800a7-2 to 3.1.0-2-1 (194.3 KiB)

elog (2.9.2+2014.05.11git44800a7-2) unstable; urgency=low


  * debian/control:
    - fckeditor is no longer required but only suggested
    - Standards-Version to 3.9.6

 -- Roger Kalt <email address hidden>  Thu, 23 Oct 2014 20:00:00 +0200

elog (2.6.3+r1764-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix bashism in postinst script (Closes: #472224)
  * debian/control:
    - Bump Standards-Version to 3.7.3.
    - Use Homepage: field for upstream URL.

 -- Ubuntu Archive Auto-Sync <email address hidden>   Fri,  02 May 2008 01:57:48 +0100

elog (2.6.3+r1764-1) unstable; urgency=low

  * New upstream release grabbed from Subversion (r1764).

 -- Ubuntu Archive Auto-Sync <email address hidden>   Wed,  29 Nov 2006 09:37:37 +0000

elog (2.6.2+r1754-1) unstable; urgency=low

  * New upstream release grabbed from Subversion (r1754), includes
    fixes for a bunch of security issues[1]:
    + Fixes from Ulf Harnhammar (Debian Security Audit Project):
      - There are some incorrect handling of *printf() calls and format
        strings. They lead to ELOG crashing completely, with the potential
        of executing arbitrary machine code programs, when a user uploads
        and submits as the first attachment in an entry a file called
        "%n%n%n%n" - or similar - which must not be empty.
      - There is a Cross-site Scripting issue when requesting correctly
        named but non-existant files for downloading.
      - There are also Cross-site Scripting issues when creating new
        entries with New. If a document sends data to ELOG where the fields
        Type and Category contain invalid entries with HTML code, the
        resulting error document will print the Type or Category data as-is
        with no quoting.
    + Fixes from OS2A team (credits go to Jayesh KS and Arun Kethipelly):
      - Remote exploitation of a denial of service vulnerability in ELOG's
        elogd server allows attackers to crash the service, thereby
        preventing legitimate access.  (Closes: #397875)
    [1] Leaving #392016 open for the reasons stated in that report.

 -- Ubuntu Archive Auto-Sync <email address hidden>   Mon,  13 Nov 2006 00:26:02 +0000

elog (2.6.2+r1719-1) unstable; urgency=critical

  * Urgency set to critical because of the security issues.
  * New upstream release grabbed from Subversion (r1719).
    + Fix an XSS vulnerability, which occurs when editing a log entry
      in HTML mode.  (Closes: #389361)

elog (2.6.1+r1642-1) unstable; urgency=critical

  * New upstream release grabbed from Subversion (r1642).
    + Really fix the security issue CVE-2005-4439.
  * Sigh!  Previous upload has some flaws:
    + Install elcode.js and other resoure files.  ElCode editor buttons
      should work now (thanks David Prince).
    + debian/update: Modify it to catch such sort of errors.
    + Really remove debian/watch.
    + Fix the pbuilder DEBEMAIL field which made the previous upload appear 
      as an NMU.
  * Add a Debian spesific note about the usage of password files in Elog.
  * Urgency set to critical for security fix.

elog (2.6.0beta2+r1716-1) unstable; urgency=low


  * New upstream beta release with the latest changes from CVS (r1.1716).
    + Features a simple markup called ELCode, a special set of tags to
      format an ELOG entry.  The ELCode tags are similar to the BBCode
      tags (phpBB), sometimes also referred as vB code.
  * Add Turkish ELOG translation.
  * Apply a patch to suppress GCC4-related signedness warnings.
  * debian/control:
    + Bump Standarts-Version to 3.6.2.
    + Rewrite description; needs a proof-read by a native English speaker.
  * debian/copyright: Clarify the copyright.
  * debian/rules:
    + Switch to dephelper compat 4.
    + Get rid of multiple dh_installs by using an '.install' file.
    + Remove the redundant INSTALL_PROGRAM logic.

  [These issues were pointed out by Marc 'HE' Brockschmidt; thanks Marc!]

 -- Recai Oktaş <email address hidden>  Mon, 25 Jul 2005 13:36:09 +0300

elog (2.5.9+r1674-1) unstable; urgency=high


  * Latest upstream from CVS (r1.674).
    + Includes the fix for a buffer overflow: r1.648.
    + See CVS logs for all changes:
    	http://midas.psi.ch/cgi-bin/cvsweb/elog/src/elogd.c
  * Urgency set to high because of the security issue.
  * Remove redundant debian/dirs file.

 -- Recai Oktaş <email address hidden>  Sun, 29 May 2005 19:53:50 +0300

elog (2.5.5+r1526-1) unstable; urgency=medium


  * Latest upstream from CVS (r1.526).  (Closes: #285832, #285834)
  * Update elogd(8) and elog(1) for the new options.
  * Minor doc fix for elogd.c.

 -- Recai Oktaş <email address hidden>  Sun, 26 Dec 2004 16:37:10 +0200

elog (2.5.2-1) unstable; urgency=low


  * New upstream release

 -- Recai Oktas <email address hidden>  Fri, 26 Mar 2004 19:56:17 +0200