Author: Patrick Matthäi
Revision Date: 2014-05-09 09:55:57 UTC

* New upstream release.
  - Drop merged patch 01-webadmin-dos.
  - Upstream provides a changelog now. Remove lintian overrides.

Author: Patrick Matthäi
Revision Date: 2014-05-09 09:55:57 UTC

* New upstream release.
  - Drop merged patch 01-webadmin-dos.
  - Upstream provides a changelog now. Remove lintian overrides.

Author: Patrick Matthäi
Revision Date: 2014-05-09 09:55:57 UTC

* New upstream release.
  - Drop merged patch 01-webadmin-dos.
  - Upstream provides a changelog now. Remove lintian overrides.

Author: Patrick Matthäi
Revision Date: 2014-05-09 09:55:57 UTC

* New upstream release.
  - Drop merged patch 01-webadmin-dos.
  - Upstream provides a changelog now. Remove lintian overrides.

Author: Matthias Klose
Revision Date: 2014-02-19 13:06:03 UTC

No-change rebuild for Python 3.4.

Author: Matthias Klose
Revision Date: 2014-02-19 13:06:03 UTC

No-change rebuild for Python 3.4.

Author: Thomas Ward
Revision Date: 2014-01-13 12:20:57 UTC

* SECURITY UPDATE: null pointer dereference in webadmin (LP: #1268658)
  - debian/patches/CVE-2013-2130.diff: Patch from Debian based on upstream to
    fix null pointer dereferences.
  - CVE-2013-2130

Author: Thomas Ward
Revision Date: 2014-01-13 12:20:57 UTC

* SECURITY UPDATE: null pointer dereference in webadmin (LP: #1268658)
  - debian/patches/CVE-2013-2130.diff: Patch from Debian based on upstream to
    fix null pointer dereferences.
  - CVE-2013-2130

Author: Patrick Matthäi
Revision Date: 2013-08-26 11:21:18 UTC

* Add upstream patch 02-CVE-2013-2130 to fix a NULL pointer dereference in
  the webadmin module as described in CVE-2013-2130.
  Closes: #720632
* Remove deprecated dh_pysupport.
* Remove unused hardening-no-fortify-functions lintian overrides.
* Add some lintian overrides for false positive spelling errors.
* Remove both .pyc files and hope that the Python module is still working.
* Limit dh_python3 to package znc-python. This helper is doing some realy
  strange things.
* Remove python:Depends.

Author: Patrick Matthäi
Revision Date: 2013-08-26 11:21:18 UTC

* Add upstream patch 02-CVE-2013-2130 to fix a NULL pointer dereference in
  the webadmin module as described in CVE-2013-2130.
  Closes: #720632
* Remove deprecated dh_pysupport.
* Remove unused hardening-no-fortify-functions lintian overrides.
* Add some lintian overrides for false positive spelling errors.
* Remove both .pyc files and hope that the Python module is still working.
* Limit dh_python3 to package znc-python. This helper is doing some realy
  strange things.
* Remove python:Depends.

Author: Daniel T Chen
Revision Date: 2013-04-11 15:52:57 UTC

Modified build infrastructure to be multiarch-Tcl-aware, fixing
FTBFS.

Author: Daniel T Chen
Revision Date: 2013-04-11 15:52:57 UTC

Modified build infrastructure to be multiarch-Tcl-aware, fixing
FTBFS.

Author: Micah Gersten
Revision Date: 2013-01-01 19:39:47 UTC

No-change backport to quantal (LP: #1085731)

Author: Micah Gersten
Revision Date: 2013-01-01 19:41:50 UTC

No-change backport to precise (LP: #1085760)

Author: Thomas Ward
Revision Date: 2012-12-18 06:29:44 UTC

* SECURITY UPDATE: denial of service caused by NULL pointer dereference
  (LP: #1090195)
  - debian/patches/cve-2010-2448.patch: modify znc.cpp to prevent NULL
    pointer dereference. Based on upstream patch.
  - CVE-2010-2448
  - CVE-2010-2488
* SECURITY UPDATE: denial of service caused by PING command without
  arguments (LP: #1090195)
  - debian/patches/cve-2010-2812.patch: modify Client.cpp to correctly
    handle PING commands that have no arguments. Based on upstream patch.
  - CVE-2010-2812
* SECURITY UPDATE: denial of service via unknown vectors related to
  "unsafe substr() calls" (LP: #1090195)
  - debian/patches/cve-2010-2934.patch: modify IRCSock.cpp,
    modules/adminlog.cpp, modules/away.cpp, and modules/email.cpp to
    remove unsafe substr() calls. Based on upstream patch.
  - CVE-2010-2934

Author: Thomas Ward
Revision Date: 2012-12-18 06:29:44 UTC

* SECURITY UPDATE: denial of service caused by NULL pointer dereference
  (LP: #1090195)
  - debian/patches/cve-2010-2448.patch: modify znc.cpp to prevent NULL
    pointer dereference. Based on upstream patch.
  - CVE-2010-2448
  - CVE-2010-2488
* SECURITY UPDATE: denial of service caused by PING command without
  arguments (LP: #1090195)
  - debian/patches/cve-2010-2812.patch: modify Client.cpp to correctly
    handle PING commands that have no arguments. Based on upstream patch.
  - CVE-2010-2812
* SECURITY UPDATE: denial of service via unknown vectors related to
  "unsafe substr() calls" (LP: #1090195)
  - debian/patches/cve-2010-2934.patch: modify IRCSock.cpp,
    modules/adminlog.cpp, modules/away.cpp, and modules/email.cpp to
    remove unsafe substr() calls. Based on upstream patch.
  - CVE-2010-2934

Author: Patrick Matthäi
Revision Date: 2012-05-30 18:54:05 UTC

* Add patch 01-swig-wrapper from Torsten Landschoff, which workarounds a
  regression in swig causing znc to FTBFS.
  Closes: #672035
* Overwrite some false positive hardening-no-fortify-functions lintian
  warnings.

Author: Patrick Matthäi
Revision Date: 2012-04-06 20:42:26 UTC

* New upstream release.
* Remove note about not existing znc.conf.gz example.

Author: Thomas Ward
Revision Date: 2012-01-12 22:55:17 UTC

* Source backport for oneiric (LP: #914996)
* Removed conflicting build-dep `swig`, to allow backporting to succeed

Author: Thomas Ward
Revision Date: 2012-01-12 22:54:21 UTC

* Source backport for natty (LP: #914996)
* Removed conflicting build-dep `swig`, to allow backporting to succeed

Author: Michael Bienia
Revision Date: 2011-06-01 20:16:11 UTC

debian/patches/02-fix-ld-as-needed-linking.diff:
Fix a "ld --as-needed" linking error in modules/modpython/Makefile.inc
(lp: #790496).

Author: Scott Kitterman
Revision Date: 2011-05-11 13:34:53 UTC

Automated backport upload; no source changes.

Author: Patrick Matthäi
Revision Date: 2010-08-18 19:24:22 UTC

Add patch 04-null-pointer-dereference.diff from upstream, which fixes an
NULL pointer dereference in the route_replies module.

Author: Patrick Matthäi
Revision Date: 2010-08-18 19:24:22 UTC

Add patch 04-null-pointer-dereference.diff from upstream, which fixes an
NULL pointer dereference in the route_replies module.

Author: Patrick Matthäi
Revision Date: 2009-12-19 15:58:51 UTC

* New upstream release.
  - connect_throttle module has been dropped.
  - Remove dropped znc.conf from examples.
* Merge 0.076-1~bpo50+1 changelog.
* Convert package to the 3.0 (quilt) format.

Author: Patrick Matthäi
Revision Date: 2008-12-06 23:28:22 UTC

* Add missing ${misc:Depends}. Thanks lintian.
* Fix debian/watch, so that it does not take the new znc-extra tarball.

Author: Patrick Matthäi
Revision Date: 2008-07-10 14:02:50 UTC

* New upstream release.
  - Bumping urgency to high, because this release fixes a local privilege
    escalation. For more informations see svn commit 1113 on the upstream
    subversion repository. This bug does not exist in the stable version.
* Removed note on a not existing file in README.Debian.
* Removed the indefinite article "an" from the short description.

Author: Joey Hess
Revision Date: 2007-12-04 13:12:15 UTC

* New upstream release:
  * Added saslauth module.
  * Add del command to autoattach.
  * Make awaynick save its settings and restore them when it is loaded again.
  * Added disconnect and connect commands to *status.
  * CTCPReply = VERSION now ignores ctcp version requests (as long as no
    client is attached). This works for every CTCP request.
  * Add -W to our default CXXFLAGS.
  * Remove save command from perform, it wasn't needed.
  * Add list command to stickychan.
  * --with-module-prefix=x now really uses x and not x/znc (Inspired by
    CNU :) ).
  * Use a dynamic select timeout (sleep until next cron runs). This should
    save some CPU time.
  * Fix NAMESX / UHNAMES, round two (multi-client breakage).
  * Module API change (without any breakage): OnLoad gets sMessage instead
    of sErrorMsg.
  * Fix a mem-leak.
  * Disable auto-rejoin on kick and add module kickrejoin.
  * Respect $CXXFLAGS env var in configure.
  * Removed some executable bits on graphiX' images.
  * Added README file and removed docs/.
  * Removed the antiidle module.
  * Fixes for GCC 4.3 (Debian bug #417793).
  * Some dead code / code duplications removed.
  * Rewrote Makefile.ins and don't strip binaries anymore by default.

Author: Joey Hess
Revision Date: 2007-05-14 13:44:45 UTC

* New upstream release.
* Patch from tbm fixing FTBFS with gcc 4.3. Closes: #417793
* Add a basic README.Debian. Closes: #411495

Author: Joey Hess
Revision Date: 2006-12-14 17:08:30 UTC

Apply patch from CVS to fix a security hole that allowed a logged-in
user to get/put any accessible file on the host running znc, rather than
only files they should be allowed to access. Closes: #403141

Author: Patrick Matthäi
Revision Date: 2009-07-24 13:46:00 UTC

* New upstream release.
  - Bump urgency to high. This release fixes an high-impact directory
    traversal buf, where unpriviliged users can save about DCC SEND files on
    the server with the rights of the znc process. The attacker could also
    use the exploit to get a shell on the server.
    Closes: #537977
  - Use c-ares for DNS resolving, add libc-ares-dev and pkg-config as
    build-dependency.
* Merge 0.058-2+lenny2, 0.058-2+lenny3, 0.070-1~bpo40+1 and 0.070-1~bpo50+1
  changelog.
* Bump Standards-Version to 3.8.2 (no changes needed).