-
prosody (0.9.8-1ubuntu0.1~ubuntu14.04.1) trusty-backports; urgency=medium
* No-change backport to trusty
prosody (0.9.8-1ubuntu0.1) wily-security; urgency=medium
* SECURITY UPDATE: path traversal vulnerability in mod_http_files
- debian/patches/0008-CVE-2016-1231.patch
- CVE-2016-1231
- LP: #1532943
* SECURITY UPDATE: use of weak PRNG in generation of dialback secrets
- debian/patches/0009-CVE-2016-1232.patch
- CVE-2016-1232
- LP: #1532943
prosody (0.9.8-1) unstable; urgency=medium
* New upstream release.
* Remove the patch which validates UTF-8 strings before calling libidn
because it's already applied upstream:
- 0005-Validate-UTF-8-strings-before-calling-libidn.patch
* Remove from the package two patches already removed from the patch series:
- 0005-Disable-LuaExpat-buffering-if-possible.patch
- 0006-Also-disable-CharacterData-merging-after-stream-rest.patch
* Do not reload prosody configuration after its log is rotated if the daemon
is not actually running (closes: #763658).
* Rename the default snakeoil localhost certificate to localhost.crt to
match its name in the config file (closes: #748721).
* Apply upstream patch which fixes CNAME DNS record resolution
(closes: #787070):
- 0007-Fix-CNAME-DNS-lookup.patch
* Remove quilt from the package build dependencies.
* Bump the standards version to 3.9.6.
prosody (0.9.7-2) unstable; urgency=high
* Apply upstream patch to validate UTF-8 strings before calling libidn
(related to CVE-2015-2059)
prosody (0.9.7-1) unstable; urgency=medium
* New upstream release, really a minor fix over 0.9.6
prosody (0.9.6-1) unstable; urgency=medium
* New upstream release
* Remove patches integrate upstream:
- 0005-Disable-LuaExpat-buffering-if-possible.patch
- 0006-Also-disable-CharacterData-merging-after-stream-rest.patch
prosody (0.9.4-1) unstable; urgency=high
* New upstream release
* Additional patches fixing a DOS:
- 0005-Disable-LuaExpat-buffering-if-possible.patch
- 0006-Also-disable-CharacterData-merging-after-stream-rest.patch
-- Felix Geyer <email address hidden> Wed, 13 Jan 2016 20:49:25 +0100
-
prosody (0.9.4-1~ubuntu14.04.1) trusty-backports; urgency=medium
* No-change backport to trusty (LP: #1374960)
prosody (0.9.4-1) unstable; urgency=high
* New upstream release
* Additional patches fixing a DOS:
- 0005-Disable-LuaExpat-buffering-if-possible.patch
- 0006-Also-disable-CharacterData-merging-after-stream-rest.patch
prosody (0.9.3-1) unstable; urgency=medium
* New upstream release
* Fix ejabberd2prosody path (LP: #1109051)
* Add Provides: xmpp-server (Closes: #737761)
prosody (0.9.2-1) unstable; urgency=medium
* New upstream release (Closes: #737260)
* Patches refreshed
* Copyright rewritten following format 1.0
-- Felix Geyer <email address hidden> Sun, 28 Sep 2014 14:15:27 +0200
-
prosody (0.9.1-1ubuntu0.1) trusty-security; urgency=medium
* SECURITY UPDATE: path traversal vulnerability in mod_http_files
- debian/patches/CVE-2016-1231.patch
- CVE-2016-1231
- LP: #1532943
* SECURITY UPDATE: use of weak PRNG in generation of dialback secrets
- debian/patches/CVE-2016-1232.patch
- CVE-2016-1232
- LP: #1532943
-- Felix Geyer <email address hidden> Mon, 11 Jan 2016 19:21:33 +0100
-
prosody (0.9.1-1) unstable; urgency=low
* New upstream release including ipv6 support (Closes: #721970, #562161)
* Packaging moved to git (still collab maint)
* Add Vcs-* fields to control file
* Standards-Version bumped to 3.9.4, no changes needed
* Add delaycompress to logrotate file (Closes: #718703)
* Allow user to override IO/CPU scheduler and nice level using
/etc/default/prosody, as the upstream does
* Fix LSB init info adding $local_fs as a dependency
* Align package description with the one used by the upstream
-- Enrico Tassi <email address hidden> Fri, 16 Aug 2013 16:18:43 +0200
-
prosody (0.8.2-4) unstable; urgency=low
[ Matthew James Wild ]
* Fix init script to expect 'lua5.1' as a process name
-- Enrico Tassi <email address hidden> Fri, 29 Jun 2012 20:26:21 +0200