Author: Philipp Huebner
Revision Date: 2015-08-09 11:35:07 UTC

[ Christian Perrier ]
* Debconf templates and debian/control reviewed by the debian-l10n-
  english team as part of the Smith review project. Closes: #789757
* [Debconf translation updates]
* Spanish; (Badlop). Closes: #793310
* Swedish (Martin Bagge). Closes: #793453
* Russian (Sergey Alyoshin). Closes: #793591
* Danish (Joe Hansen). Closes: #794507
* French (Jean-Pierre Giraud). Closes: #794515
* Turkish (Mert Dirik). Closes: #794550
* German (Torsten Werner). Closes: #794599
* Italian (Beatrice Torracca). Closes: #794685
* Dutch; (Frans Spiesschaert). Closes: #794712
* Brazilian Portuguese; (Adriano Rafael Gomes). Closes: #794970
* Portuguese; (Américo Monteiro). Closes: #795005

[ Philipp Huebner ]
* convert package to use dh_installinit (Closes: #788007)
* init script: replace echo with log_daemon_msg
* web admin console now uses https by default
* ejabberdctl can now handle shell metacharacters in passwords
  (Closes: #792831)

Author: Philipp Huebner
Revision Date: 2015-08-09 11:35:07 UTC

[ Christian Perrier ]
* Debconf templates and debian/control reviewed by the debian-l10n-
  english team as part of the Smith review project. Closes: #789757
* [Debconf translation updates]
* Spanish; (Badlop). Closes: #793310
* Swedish (Martin Bagge). Closes: #793453
* Russian (Sergey Alyoshin). Closes: #793591
* Danish (Joe Hansen). Closes: #794507
* French (Jean-Pierre Giraud). Closes: #794515
* Turkish (Mert Dirik). Closes: #794550
* German (Torsten Werner). Closes: #794599
* Italian (Beatrice Torracca). Closes: #794685
* Dutch; (Frans Spiesschaert). Closes: #794712
* Brazilian Portuguese; (Adriano Rafael Gomes). Closes: #794970
* Portuguese; (Américo Monteiro). Closes: #795005

[ Philipp Huebner ]
* convert package to use dh_installinit (Closes: #788007)
* init script: replace echo with log_daemon_msg
* web admin console now uses https by default
* ejabberdctl can now handle shell metacharacters in passwords
  (Closes: #792831)

Author: Artur Rona
Revision Date: 2015-02-15 18:32:59 UTC

* Merge from Debian unstable. (LP: #1335141) Remaining changes:
  - debian/ejabberd.ufw.profile, debian/rules:
    + Add ufw profile.
* Drop following patches, fixed upstream:
  - debian/patches/digest-uri-virtual-hosts.patch
  - debian/patches/fix-erlang-r16b-compat.patch
* Drop support autotools-dev. Anyway arm64 is dep-waiting this time.

Author: Artur Rona
Revision Date: 2015-02-15 18:32:59 UTC

* Merge from Debian unstable. (LP: #1335141) Remaining changes:
  - debian/ejabberd.ufw.profile, debian/rules:
    + Add ufw profile.
* Drop following patches, fixed upstream:
  - debian/patches/digest-uri-virtual-hosts.patch
  - debian/patches/fix-erlang-r16b-compat.patch
* Drop support autotools-dev. Anyway arm64 is dep-waiting this time.

Author: Richard Hansen
Revision Date: 2013-11-15 15:13:02 UTC

* Add digest-uri-virtual-hosts.patch from upstream commit f434501
  - Fixes a problem with Pidgin not being able to log in on a server
    with multiple virtual hosts and SRV records (LP: #1097366)

Author: Ben Langfeld
Revision Date: 2014-07-10 22:31:21 UTC

Include patch

Author: Lionel Porcheron
Revision Date: 2014-04-28 12:09:12 UTC

* Fix LDAP authentication (LP: #1241632)
  - debian/patches/fix-erlang-r16b-compat.patch: backport upstream
    fix for Erlang 16b compatibility.
  - upstream reference: https://support.process-one.net/browse/EJAB-1612

Author: Lionel Porcheron
Revision Date: 2014-04-28 12:09:12 UTC

* Fix LDAP authentication (LP: #1241632)
  - debian/patches/fix-erlang-r16b-compat.patch: backport upstream
    fix for Erlang 16b compatibility.
  - upstream reference: https://support.process-one.net/browse/EJAB-1612

Author: Lionel Porcheron
Revision Date: 2014-04-28 13:27:21 UTC

* Fix LDAP authentication (LP: #1241632)
  - debian/patches/fix-erlang-r16b-compat.patch: backport upstream
    fix for Erlang 16b compatibility.
  - upstream reference: https://support.process-one.net/browse/EJAB-1612
* Add ufw profile (LP: #1254688)

Author: Lionel Porcheron
Revision Date: 2014-04-28 13:27:21 UTC

* Fix LDAP authentication (LP: #1241632)
  - debian/patches/fix-erlang-r16b-compat.patch: backport upstream
    fix for Erlang 16b compatibility.
  - upstream reference: https://support.process-one.net/browse/EJAB-1612
* Add ufw profile (LP: #1254688)

Author: Daniel T Chen
Revision Date: 2014-02-10 14:41:57 UTC

Use autotools-dev for arm64.

Author: Richard Hansen
Revision Date: 2013-11-15 15:13:02 UTC

* Add digest-uri-virtual-hosts.patch from upstream commit f434501
  - Fixes a problem with Pidgin not being able to log in on a server
    with multiple virtual hosts and SRV records (LP: #1097366)

Author: Richard Hansen
Revision Date: 2013-01-08 12:52:21 UTC

* Add digest-uri-virtual-hosts.patch from upstream commit f434501
  - Fixes a problem with Pidgin not being able to log in on a server
    with multiple virtual hosts and SRV records (LP: #1097366)

Author: Felix Geyer
Revision Date: 2013-10-13 13:23:27 UTC

* SECURITY UPDATE: Disable SSLv2 and weak ciphers in the TLS driver.
  (LP: #1239307)
  - debian/patches/disable-ssl2.patch, patch from Debian
  - debian/patches/disable-insecure-ssl-cyphers.patch, patch from Debian
  - CVE-2013-6169

Author: Felix Geyer
Revision Date: 2013-10-13 15:31:57 UTC

* SECURITY UPDATE: Disable SSLv2 and weak ciphers in the TLS driver.
  (LP: #1239307)
  - debian/patches/disable-ssl2.patch, patch from Debian
  - debian/patches/disable-insecure-ssl-cyphers.patch, patch from Debian
  - CVE-2013-6169

Author: Felix Geyer
Revision Date: 2013-10-13 13:23:27 UTC

* SECURITY UPDATE: Disable SSLv2 and weak ciphers in the TLS driver.
  (LP: #1239307)
  - debian/patches/disable-ssl2.patch, patch from Debian
  - debian/patches/disable-insecure-ssl-cyphers.patch, patch from Debian
  - CVE-2013-6169

Author: Felix Geyer
Revision Date: 2013-10-13 15:31:57 UTC

* SECURITY UPDATE: Disable SSLv2 and weak ciphers in the TLS driver.
  (LP: #1239307)
  - debian/patches/disable-ssl2.patch, patch from Debian
  - debian/patches/disable-insecure-ssl-cyphers.patch, patch from Debian
  - CVE-2013-6169

Author: Felix Geyer
Revision Date: 2013-10-13 13:21:31 UTC

* SECURITY UPDATE: Disable SSLv2 and weak ciphers in the TLS driver.
  (LP: #1239307)
  - debian/patches/disable-ssl2.patch, patch from Debian
  - debian/patches/disable-insecure-ssl-cyphers.patch, patch from Debian
  - CVE-2013-6169

Author: Felix Geyer
Revision Date: 2013-10-13 11:58:44 UTC

* Disable SSLv2 and weak ciphers in the TLS driver.
  - debian/patches/disable-ssl2.patch, patch from Debian
  - debian/patches/disable-insecure-ssl-cyphers.patch, patch from Debian
  - LP: #1239307

Author: Konstantin Khomoutov
Revision Date: 2013-02-16 16:59:21 UTC

[ Konstantin Khomoutov ]
* Do not run ejabberdctl as root in prerm and logrotate scripts
  (closes: #691125, thanks to Michael Stapelberg and Felix Geyer).
* Add upstream patch fixing receiving JPEG vCard photos via LDAP
  (closes: #660186).
* Add upstream patch fixing parsing HTTPS requests split into
  multiple packets (closes: #698309).

Author: Konstantin Khomoutov
Revision Date: 2013-02-16 16:59:21 UTC

[ Konstantin Khomoutov ]
* Do not run ejabberdctl as root in prerm and logrotate scripts
  (closes: #691125, thanks to Michael Stapelberg and Felix Geyer).
* Add upstream patch fixing receiving JPEG vCard photos via LDAP
  (closes: #660186).
* Add upstream patch fixing parsing HTTPS requests split into
  multiple packets (closes: #698309).

Author: Konstantin Khomoutov
Revision Date: 2012-05-20 14:51:12 UTC

[ Konstantin Khomoutov ]
* Provide custom implementation of xmerl_regexp:sh_to_awk/1
  (closes: #670307).
* Add use_dpkg_buildflags.patch (thanks to Simon Ruderich,
  closes: #664034).
* Add relax-digest-uri-handling.patch (closes: #654853).
* Add Slovak translation (thanks to Slavko, closes: #647115).
* Add Italian translation (thanks to Beatrice Torracca, closes: #682987).

Author: Gerfried Fuchs
Revision Date: 2012-02-15 08:10:21 UTC

Revert bumping erlang-dev Build-Depends version to >= 1:15.b, there is no
1:15.b in precise.

Author: Felix Geyer
Revision Date: 2011-06-16 11:53:01 UTC

* SECURITY UPDATE: billion laughs DoS vulnerability (LP: #791730)
  - debian/patches/CVE-2011-1753.patch: patch from upstream
  - CVE-2011-1753

Author: Felix Geyer
Revision Date: 2011-06-16 12:06:06 UTC

* SECURITY UPDATE: billion laughs DoS vulnerability (LP: #791730)
  - debian/patches/CVE-2011-1753.patch: patch from upstream
  - CVE-2011-1753

Author: Jamie Strandboge
Revision Date: 2011-06-10 15:03:15 UTC

fake sync from Debian

Author: Felix Geyer
Revision Date: 2011-06-16 12:06:06 UTC

* SECURITY UPDATE: billion laughs DoS vulnerability (LP: #791730)
  - debian/patches/CVE-2011-1753.patch: patch from upstream
  - CVE-2011-1753

Author: Felix Geyer
Revision Date: 2011-06-16 11:53:01 UTC

* SECURITY UPDATE: billion laughs DoS vulnerability (LP: #791730)
  - debian/patches/CVE-2011-1753.patch: patch from upstream
  - CVE-2011-1753

Author: Jamie Strandboge
Revision Date: 2011-06-10 15:03:15 UTC

fake sync from Debian

Author: Nico Golde
Revision Date: 2011-05-30 23:53:46 UTC

* Non-maintainer upload by the Security Team.
* Disable entity expansion completely to prevent against
  billion laugs DoS attack (CVE-2011-1753).

Author: Konstantin Khomoutov
Revision Date: 2010-10-23 17:05:48 UTC

[ Konstantin Khomoutov ]
Add patch http-poll-binary-parse.patch fixing EJAB-1325 (closes: #601094).

Author: Rhonda D'Vine
Revision Date: 2010-09-15 21:03:06 UTC

[ Gerfried Fuchs ]
* New debconf translation:
  - Danish by Joe Hansen (closes: #592271)
* Run debconf-updatepo on all other translations.

[ Konstantin Khomoutov ]
* Remove /var/run/ejabberd on package purge (LP: #615473).
* Add mod-vcard-ldap-photo.patch fixing EJAB-1258 (LP: #613854).
* Bump standards version to 3.9.1.

Author: Konstantin Khomoutov
Revision Date: 2010-02-04 03:38:02 UTC

Integrate upstream patches for EJAB-1173,
fixing CVE-2010-0305 (closes: #568383).

Author: Sergei Golovan
Revision Date: 2009-01-15 19:44:58 UTC

New upstream release.

Author: Sergei Golovan
Revision Date: 2008-06-20 10:07:29 UTC

* Improved a patch which removes message rejecting intervals for
  server-to-server recipients.
* Bumped standards version to 3.8.0.

Author: Sergei Golovan
Revision Date: 2008-01-01 17:09:57 UTC

* Added a patch which fixes access rule check in mod_irc.
* Added a patch which fixes ejabberd build using erlang R12B-0.
* Increased number of erlang ports in /etc/ejabberd/default. The default
  value of 1024 allows too few simultaneous connections (from 300 to 500
  for both clients and servers depending of whether they use SSL or traffic
  compression).
* Fixed shell backquotes in ejabberd and ejabberdctl manual pages. Also
  bumped their versions to 1.1.4.
* Added a note about binding to privileged ports to README.Debian.
* Fixed a race condition between starting log handler and port listener.
  Otherwise, error reports about port binding can't get into log file
  (closes: #458518).

Author: Torsten Werner
Revision Date: 2007-06-10 19:19:20 UTC

[ Sergei Golovan ]
* Added binary package dependency on erlang-abi-* virtual package to
  prevent installation of ejabberd which uses incompatible erlang ABI.
* Included ejabberd headers to binary package to make building external
  modules for ejabberd possible (closes: #428081).

Author: Torsten Werner
Revision Date: 2007-02-27 08:28:31 UTC

[ Sergei Golovan ]
Fixed users database and logs directoriy permissions (closes: #412583).

Author: Torsten Werner
Revision Date: 2006-09-14 07:20:39 UTC

[ Sergei Golovan ]
* Security fix! Fixed vulnerability in mod_muc_log where users were
  able to insert an HTML code to MUC weblogs (fix is backported from
  ejabberd SVN).
* Added LSB keyword section to init.d script.

[ Torsten Werner ]
* setting urgency to medium because of a securetty issue

Author: Sebastian Dröge
Revision Date: 2006-03-18 13:19:04 UTC

* Fakesync with Debian
* UVF exception granted by Matt Zimmerman.
  See http://article.gmane.org/gmane.linux.ubuntu.motu/429

Author: Torsten Werner
Revision Date: 2005-05-25 23:55:28 UTC

* New upstream release, closes: #309526
* added --enable-odbc to configure
* small fix to init script
* thanks to Sergei Golovan <sgolovan@nes.ru> for helping

Author: Torsten Werner
Revision Date: 2004-11-30 22:05:28 UTC

* changed to versioned (Build-)Depends: erlang (>= 1:10), closes: #282836
* fixed error in init script, closes: #283205
* scripts ejabberd and ejabberdctl export $HOME environment variable now
* usage message for ejabberdctl updated to reflect the different call syntax
  thanks to Sergei Golovan (both changes)
* updated the Description proposed by Andreas van Cranenburgh

Author: Kees Cook
Revision Date: 2007-03-06 09:54:20 UTC

* SECURITY UPDATE: ejabberd user database is world-readable.
* debian/postist: permissions updated (LP: #88136).

Author: Lionel Porcheron
Revision Date: 2007-03-06 10:47:19 UTC

* SECURITY UPDATE: ejabberd user database is world-readable.
* debian/ejabberd.postist: permissions updated (LP: #88136).

Author: Hadmut Danisch
Revision Date: 2008-09-01 15:52:44 UTC

Automated backport upload; no source changes.

Author: Kees Cook
Revision Date: 2007-03-06 09:54:20 UTC

* SECURITY UPDATE: ejabberd user database is world-readable.
* debian/postist: permissions updated (LP: #88136).

Author: Lionel Porcheron
Revision Date: 2007-03-06 10:47:19 UTC

* SECURITY UPDATE: ejabberd user database is world-readable.
* debian/ejabberd.postist: permissions updated (LP: #88136).

Author: Konstantin Khomoutov
Revision Date: 2009-05-10 01:32:38 UTC

* Non-maintainer upload to fix compatibility with Erlang/OTP R13B
  (dynamic_compile_loglevel.patch added).
* Raise requirement for the erlang-dev package version to >= 1:13.b
  to simplify transition of Debian to Erlang/OTP R13B.