diff options
Diffstat (limited to 'debian/changelog')
-rw-r--r-- | debian/changelog | 371 |
1 files changed, 371 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..c8b1f20 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,371 @@ +phpbb3 (3.0.12-5+deb8u1) jessie; urgency=medium + + * Fix possible redirection on Chrome: an insufficient check allowed users of + the Google Chrome browser to be redirected to external domains (e.g. on + login) [CVE-2015-3880] + + -- David Prévot <taffit@debian.org> Tue, 12 May 2015 15:52:23 -0400 + +phpbb3 (3.0.12-5) unstable; urgency=medium + + * Fix authentication setup: another PHP 5.6 compatibility issue, the + internal ldap_escape() function was recently added into PHP 5.6 as + provided by php5-ldap, and thus need to be renamed. + (Closes: #778553) + * Fix avatar upload permissions + * Fix image display in Apache (Closes: #778457) + + -- David Prévot <taffit@debian.org> Mon, 16 Feb 2015 13:51:53 -0400 + +phpbb3 (3.0.12-4) unstable; urgency=medium + + * Fix CSRF vulnerability [CVE-2015-1432] and CSS injection [CVE-2015-1431] + (Closes: #776699) + * Improve PHP 5.6 compatibility: allow mbstring.http_{in,out}put to be set + as '' as well as 'pass' on install; do not display warning in ACP if so. + + -- David Prévot <taffit@debian.org> Mon, 02 Feb 2015 20:35:46 -0400 + +phpbb3 (3.0.12-3) unstable; urgency=medium + + * Adapt update_languages script to new scheme + * Update URL for upstream language files + * Bump standards version to 3.9.6 + * Update copyright + + -- David Prévot <taffit@debian.org> Sat, 25 Oct 2014 20:58:23 -0400 + +phpbb3 (3.0.12-2) unstable; urgency=medium + + * Update translations: + - Update Belarusian + - Update Finnish + - Add Gaelic + - Add Tatar + * Update packaging team (Closes: #740936) + Thanks Jeroen and Jean-Marc for your previous work. + + -- David Prévot <taffit@debian.org> Fri, 11 Apr 2014 17:57:11 -0400 + +phpbb3 (3.0.12-1) unstable; urgency=low + + * New upstream release + * Refresh patches + * Update copyright + * Clean up pre-Squeeze upgrade path + * Use XZ compression for language packs + * Bump standards version to 3.9.5 + * Allow alternatives to MySQL (closes: #732900) + + -- David Prévot <taffit@debian.org> Thu, 02 Jan 2014 22:04:21 -0400 + +phpbb3 (3.0.11-5) unstable; urgency=low + + * Make fix_chown.patch a bit more robust + * Clean up pre-Squeeze handling + * Handle Apache 2.4 (and 2.2 too, closes: #669959) + * Clean up copyright + + -- David Prévot <taffit@debian.org> Sun, 21 Jul 2013 18:06:20 -0400 + +phpbb3 (3.0.11-4) unstable; urgency=high + + * Fix chown in cache (closes: #711172) + * Fix world-writable directories + + -- David Prévot <taffit@debian.org> Thu, 13 Jun 2013 15:35:45 -0400 + +phpbb3 (3.0.11-3) experimental; urgency=low + + * Update Belarusian, Bulgarian, Czech, Mexican Spanish, Spanish (Casual + Honorifics and Formal Honorifics) and Slovenian translations. + * Update copyright to new path for these translations. + + -- David Prévot <taffit@debian.org> Wed, 03 Apr 2013 23:03:56 -0400 + +phpbb3 (3.0.11-2) experimental; urgency=low + + * Allow language pack update, without updating the main tarball. + * Update Czech, Croatian, Swedish and Vietnamese translations. + * Update copyright to new path for these translations. + + -- David Prévot <taffit@debian.org> Mon, 26 Nov 2012 16:57:03 -0400 + +phpbb3 (3.0.11-1) experimental; urgency=low + + * New upstream release. + * New Brazilian Portuguese debconf translation by J.S.Júnior + (closes: #663496). + * Move webserver examples to /usr/share/phpbb3/webserver-examples since they + are referenced at install time (Policy 10.7.3). + * Update copyright, making it conform to machine-readable version 1.0. + * Update to policy 3.9.4: no change needed. + * Update patches. + * debian/dbapps-lib: Correct handling of dbc_dbserver when configuring mysql + connection parameters, thanks to Liam Young for the patch (the #613060 fix + was not correct, LP: #997782, closes: #678544). + * Remove AUTHORS and VERSION files from the l10n binary package. + + -- David Prévot <taffit@debian.org> Fri, 05 Oct 2012 18:36:43 -0400 + +phpbb3 (3.0.10-2) unstable; urgency=low + + * Update Czech translation (closes: #658650). + + -- David Prévot <taffit@debian.org> Sat, 04 Feb 2012 19:16:24 -0400 + +phpbb3 (3.0.10-1) unstable; urgency=low + + * New upstream release. + * Update patches and schemes. + * Explicitly define version number for database upgrade. + + -- David Prévot <taffit@debian.org> Mon, 16 Jan 2012 19:33:28 -0400 + +phpbb3 (3.0.9-1) unstable; urgency=low + + * New upstream release. + * Remove Shield Ranks plugin (licensing issue). + * Update language pack path (upstream packages modified). + * Update patches: use cache/$url_forum/ in acm_memory.php too. + * Don't hardcode version number for database upgrade. + * Handle permissions of nested directories (closes: #607380). + * Explicitly define PHPBB_ROOT_PATH in install-XXX (closes: #644276). + + -- David Prévot <taffit@debian.org> Sun, 20 Nov 2011 12:31:59 -0400 + +phpbb3 (3.0.7-PL1-5) unstable; urgency=low + + [ David Prévot ] + * Fix broken cache, thanks to Nicolas Schodet (actually closes: #599480). + * Fix cross site scripting vulnerability (closes: #612477) [CVE-2011-0544]. + * Enforce run_sql with "-h localhost" when $dbc_dbserver is empty + (closes: #613060). + * Don't use local lib on preinst (closes: #595536). + * Update to policy 3.9.2: no change needed. + * Update my email address. + + [ Jean-Marc Roth ] + * Fix postgres failure when postgres server is remote (closes: #612441). + * Don't be too rude on trying to uninstall when unsupported webserver is + used (closes: #597373). + + -- David Prévot <taffit@debian.org> Mon, 23 May 2011 15:59:05 -0400 + +phpbb3 (3.0.7-PL1-4) unstable; urgency=high + + [ Jean-Marc Roth ] + * Be nicer on run_sql() failure (e.g. noninteractive case) -- inspired from + dbconfig (closes: #595594). + + [ David Prévot ] + * Vietnamese debconf translation updated, Clytie Siddall (closes: #598579). + * Document $url_forum feature in README.multiboard (closes: #599480). + + -- David Prévot <david@tilapin.org> Sat, 16 Oct 2010 12:30:20 -0400 + +phpbb3 (3.0.7-PL1-3) unstable; urgency=high + + [ David Prévot ] + * Use explicitly port 80 in examples, thanks to Greg Lyle (closes: #586012). + * Update to policy 3.9.1: no change needed. + * Japanese debconf translation updated, Hideki Yamane (closes: #591079). + + [ Jean-Marc Roth ] + * Be nicer on dbconfig-common failure -- inspired from s9y (closes: #586759). + + -- David Prévot <david@tilapin.org> Sat, 31 Jul 2010 19:07:44 -0400 + +phpbb3 (3.0.7-PL1-2) unstable; urgency=low + + [ Jean-Marc Roth ] + * Maintainer script does not correctly handle remote DB (closes: #583197). + * Update path to VCS-browser, websvn needs a trailing slash. + + [ David Prévot ] + * templates reviewed with the Smith Review Project. + * Portuguese debconf translation updated thanks to Américo Monteiro + (closes: #583458). + * French debconf translation updated. + * Czech debconf translation updated thanks to Miroslav Kure + (closes: #583771). + * Danish debconf translation added thanks to Joe Hansen (closes: #583829). + * Swedish debconf translation updated thanks to Martin Ågren + (closes: #584753). + * Italian debconf translation updated thanks to Luca Monducci + (closes: #584771). + * Russian debconf translation updated thanks to Yuri Kozlov + (closes: #584800). + * German debconf translation updated thanks to Matthias Julius + (closes: #584847). + * Spanish debconf translation updated thanks to Francisco Javier Cuadrado + (closes: #584863). + + [ Thijs Kinkhorst ] + * Remove obsolete uuencoded logos. + * Dutch debconf translation updated. + + -- Jean-Marc Roth <jmroth@iip.lu> Wed, 26 May 2010 12:55:24 +0200 + +phpbb3 (3.0.7-PL1-1) unstable; urgency=low + + [ Jean-Marc Roth ] + * New upstream release (closes: #571787, #524361). + [CVE-2010-1630, CVE-2010-1627] + * Update to source package format 3.0(quilt). (made patches DEP-3 compliant) + * Reinforced security: enable gd captcha, php5-gd becomes dependency, + set random captcha settings during config, require user account activation + (closes: #570011). + * Board becomes multi-site capable (closes: #437836). + * README.multiboard updated (closes: #529707). + * database upgrade uses patched database_update.php from upstream + => added php5-cli to dependencies. + * apache2 has become new default in debconf (phpbb3/http). + * Styles documentation updated (closes: #569911). + * Restart webserver (closes: #430458). + * Sqlite support fixed (closes: #504419). + * Next-gen permissions on /var/cache and /var/lib, especially for multisite + (closes: #447542). + * Using UCF for webserver config. + * Support setting admin credentials via debconf (closes: #477440). + * Provide install directory, actually req'd for multisite (closes: #440405). + + [ David Prévot ] + * Upstream documentation included. + * Language pack is back (closes: #502563). + * copyright notice updated to DEP-5 (closes: #505319). + * Support automatic configuration for lighttpd (closes: #574551). + * control and templates reviewed by the Smith Review Project. + * Portuguese debconf translation updated thanks to Américo Monteiro + (closes: #575949). + * Vietnamese debconf translation updated thanks to Clytie Siddall + (closes: #575990). + * German debconf translation updated thanks to Matthias Julius + (closes: #576939). + * Japanese debconf translation updated thanks to Hideki Yamane + (closes: #577063). + * French debconf translation updated. + * Spanish debconf translation added thanks to Francisco Javier Cuadrado + (closes: #579197). + * Swedish debconf translation updated thanks to Martin Ågren + (closes: #579280). + + [ Thijs Kinkhorst ] + * Removed self from uploaders. + + -- Jean-Marc Roth <jmroth@iip.lu> Fri, 30 Apr 2010 12:41:23 +0200 + +phpbb3 (3.0.4-1) UNRELEASED; urgency=low + + * New upstream release. + * Drop all PHP4-related stuff. + * Obsoletes security patches from previous uploads. + * Minor packaging cleanups. + + -- Thijs Kinkhorst <thijs@debian.org> Mon, 16 Feb 2009 23:49:49 +0100 + +phpbb3 (3.0.2-4) unstable; urgency=high + + * Two security fixes backported from 3.0.4: + + deactivated accounts could be re-activated by a user + (closes: #508872). + + ask for forum password if post within passworded forum + quoted in private message. + + -- Thijs Kinkhorst <thijs@debian.org> Fri, 06 Feb 2009 14:51:46 +0100 + +phpbb3 (3.0.2-3) unstable; urgency=high + + * More fixes for PostgreSQL database schema creation, + thanks Ansgar Burchardt (Closes: #497721). + + -- Thijs Kinkhorst <thijs@debian.org> Fri, 05 Sep 2008 21:06:21 +0200 + +phpbb3 (3.0.2-2) unstable; urgency=high + + * Fix bug in PostgreSQL database schema creation (Closes: #497721). + * Update to policy 3.8.0: add a patch target to debian/rules and + a README.source file. + * Fix watch file. + + -- Thijs Kinkhorst <thijs@debian.org> Thu, 04 Sep 2008 09:39:00 +0200 + +phpbb3 (3.0.2-1) unstable; urgency=medium + + * New upstream bugfix release. + - Includes low-impact security issue, so medium urgency. + [CVE-2008-3224] + + -- Thijs Kinkhorst <thijs@debian.org> Sat, 12 Jul 2008 21:32:15 +0200 + +phpbb3 (3.0.1-1) unstable; urgency=low + + * New upstream bugfix release. + * Add Portuguese debconf translation thanks to Miguel Figueiredo + (Closes: #470112) + * Fix PostgreSQL schema to strip out hash-style comments + (Closes: #461117). + + -- Thijs Kinkhorst <thijs@debian.org> Tue, 22 Apr 2008 01:13:42 +0200 + +phpbb3 (3.0.0-2) unstable; urgency=low + + * Also install download/ directory, thanks Laurent Bigonville + (Closes: #466429). + * Upload to unstable. + + -- Thijs Kinkhorst <thijs@debian.org> Wed, 27 Feb 2008 11:03:04 +0100 + +phpbb3 (3.0.0-1) experimental; urgency=low + + * New upstream release (closes: #456304). + * Drop obsoleted fix for admin reauth (closes: #450696). + * Initialise board startdate to package install time (closes: #447541). + * Use MySQL 4.1 schema instead of 4.0, it is more compatible with + recent MySQL versions (closes: #460931). + * Make cache dir readable by webserver (closes: #447540). + + -- Thijs Kinkhorst <thijs@debian.org> Sat, 19 Jan 2008 22:29:57 +0100 + +phpbb3 (3.0.0~RC7-1) experimental; urgency=low + + * New upstream Release Candidate 7. + + -- Thijs Kinkhorst <thijs@debian.org> Tue, 23 Oct 2007 23:01:26 +0200 + +phpbb3 (3.0.0~RC5-1) experimental; urgency=low + + * New upstream Release Candidate 5. + + -- Thijs Kinkhorst <thijs@debian.org> Mon, 27 Aug 2007 21:24:05 +0200 + +phpbb3 (3.0.0~RC4-1) experimental; urgency=low + + * New upstream Release Candidate 4. + + -- Thijs Kinkhorst <thijs@debian.org> Mon, 30 Jul 2007 17:02:24 +0200 + +phpbb3 (3.0.0~RC3-1) experimental; urgency=low + + * New upstream Release Candidate 3. + + -- Thijs Kinkhorst <thijs@debian.org> Mon, 09 Jul 2007 13:35:41 +0200 + +phpbb3 (3.0.0~RC2-1) experimental; urgency=low + + * New upstream Release Candidate 2. + + -- Thijs Kinkhorst <thijs@debian.org> Wed, 27 Jun 2007 13:33:24 +0200 + +phpbb3 (3.0.0~RC1) experimental; urgency=low + + * New upstream Release Candidate 1. + + -- Thijs Kinkhorst <thijs@debian.org> Thu, 31 May 2007 16:35:37 +0200 + +phpbb3 (3.0.0~B5) experimental; urgency=low + + * New upstream Beta 5 release. + + -- Thijs Kinkhorst <thijs@debian.org> Tue, 6 Feb 2007 16:31:45 +0100 + |