Name Status Last Modified Last Commit
lp:debian/publicfile-installer 1 Development 2015-09-06 07:23:33 UTC
3. * New upstream. No longer ships inst...

Author: Joost van Baal
Revision Date: 2015-09-06 07:23:33 UTC

* New upstream. No longer ships install-publicfile, no longer uses /tmp.
  This fixes a serious security issue: a local privilege escalation
  security hole due to insecure use of /tmp. "This [...] package downloads
  the source code for DJB's publicfile, builds it, and then puts the
  output in a predictable location in a world-writable directory, using an
  existing directory of that name if it already exists, then (either
  automatically or by telling the admin to run another script) installs
  whatever happens to be in that directory. This can be exploited by
  malicious local users to get arbitrary installscripts executed as root."
  Thanks Justin B Rye. Closes: #795062.
  + debian/templates: adjusted.
  + debian/control: Depends: add sudo.
* debian/changelog: fix spelling error.

lp:debian/stretch/publicfile-installer 1 Development 2015-09-06 07:23:33 UTC
3. * New upstream. No longer ships inst...

Author: Joost van Baal
Revision Date: 2015-09-06 07:23:33 UTC

* New upstream. No longer ships install-publicfile, no longer uses /tmp.
  This fixes a serious security issue: a local privilege escalation
  security hole due to insecure use of /tmp. "This [...] package downloads
  the source code for DJB's publicfile, builds it, and then puts the
  output in a predictable location in a world-writable directory, using an
  existing directory of that name if it already exists, then (either
  automatically or by telling the admin to run another script) installs
  whatever happens to be in that directory. This can be exploited by
  malicious local users to get arbitrary installscripts executed as root."
  Thanks Justin B Rye. Closes: #795062.
  + debian/templates: adjusted.
  + debian/control: Depends: add sudo.
* debian/changelog: fix spelling error.
