lp:ubuntu/wily-proposed/yubiserver

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

16. By Chrysostomos Nanakos <email address hidden> on 2015-08-15

* Upgrade automake.
* Fix FTBFS (Closes: Bug#794706).

15. By Chrysostomos Nanakos <email address hidden> on 2015-07-01

Fix upgrade failure from 'stretch'. Thanks to Andreas Beckmann
<email address hidden> for the bug report (Closes: Bug#790646).

14. By Chrysostomos Nanakos <email address hidden> on 2015-06-29

* Fix CVE vulnerabilities:
  CVE-2015-0842 yubiserver: SQL injection issues (potential auth bypass)
  CVE-2015-0843 yubiserver: Buffer overflows due to misuse of sprintf
* Code cleanup and refactoring.

13. By Chrysostomos Nanakos <email address hidden> on 2015-06-26

* Handle -l switch correctly. Thanks to Clemens Lang
  for the bug report (Closes: Bug#781552).
* Remove unowned directory after purge. Thanks to Andreas Beckmann for
  the bug report (Closes: Bug#770535).

12. By Nanakos Chrysostomos on 2014-10-24

Fix debian/yubiserver.postint chown/chmod errors. After
renaming yubiserver.sqlite db file to yubiserver.sqlite.init
and removing the installation of the db file to /var/lib/yubiserver
directory until the first initialization, chmod and chown failed
due to the missing db file.

11. By Nanakos Chrysostomos on 2014-10-03

* Refactor code and various cleanups.
* Rename yubiserver.sqlite db file to yubiserver.sqlite.init and
  make a copy under /etc/yubiserver directory. For the first time
  yubiserver starts, check if yubiserver.sqlite db file exists
  under the predefined directory, if not then copy it.
  That way we exclude the database file when generating md5sums file
  for the package. (Closes: Bug#760715)
* Update debian/watch file to use signed upstream tarballs.

10. By Nanakos Chrysostomos on 2014-02-23

* Fix buffer overruns.
  (Closes: Bug#721754)
* Initialize libgcrypt after fork()'ing yubiserver. Avoid "Oops, secure
  memory pool already initialized" libgcrypt messages every time
  aes128ecb_decrypt() function is called.

9. By Nanakos Chrysostomos on 2013-08-05

Fixed debian/yubiserver.postrm and added debian/yubiserver.preinst
to avoid fail while upgrading from 'testing'.
Thanks to Andreas Beckmann <email address hidden> for the bug filling.
(Closes: Bug#718735)

8. By Nanakos Chrysostomos on 2013-08-03

Fixed debian/yubiserver.postrm ignore any errors from deluser.
Thanks to Andreas Beckmann <email address hidden> for the bug filling
and Kamal Mostafa <email address hidden> for the immediate re-upload
of the package. (Closes: Bug#718602)

7. By Nanakos Chrysostomos on 2013-07-26

* Bumped S-V version to 3.9.4
* Clean lintian Errors and Warnings
* Added compile,depcomp,install-sh,missing and removed old symlinks.
  Thanks to Lucas Nussbaum <email address hidden> for pointing
  this out. (Closes: Bug#713230)
* Updated debian/yubiserver.postinst
   - Moved mkdir's to yubiserver.dirs.
 - Replaced whole directory chown's to unique entries
        concerning each directory and file used by yubiserver.
* Updated debian/yubiserver.postrm
      - Split purge operation to handle the removal of yubiserver user
        and clean /var/log/yubiserver and /var/run/yubiserver dir's.
      - Removal of package only affects the deletion of /var/rub/yubiserver
        directory.
* Updated debian/init
      - Init script creates /var/run/yubiserver directory if it doesn't
        exist according to Debian Policy 9.1.4 and 9.3.2.
* Fixed Makefile.am to compile cleanly after gcc's more restrictive
  rules about explicity library ordering.
  Thanks to Kamal Mostafa <email address hidden> for the related patch.