File: changelog

package info (click to toggle)
cpm 0.32-1.6
links: PTS, VCS
area: main
in suites: sid, trixie
size: 1,644 kB
sloc: ansic: 7,380; makefile: 509; perl: 406; sh: 303
file content (533 lines) | stat: -rw-r--r-- 21,544 bytes
parent folder | download | duplicates (5)
cpm (0.32-1) unstable; urgency=medium

  * Allow annotated keys
  * Show key fingerprint on key error
  * Bugfix, parsing certain kernel releases prevented memlock
  * Closes Debian #720891, "Cannot drop root privileges" on jessie/i386

 -- Kacper Wysocki <kwy@redpill-linpro.como>  Thu, 2 Oct 2014 11:14:39 +0100

cpm (0.31-1) unstable; urgency=medium

  * More descriptive key error messages.
  * Added ^K Keys to status line
  * Imported upstream release 0.31

 -- Stig Sandbeck Mathisen <ssm@debian.org>  Tue, 11 Mar 2014 19:38:36 +0100

cpm (0.30-1) unstable; urgency=medium

  * Imported upstream release 0.30
  * fix for kfreebsd/sparc PT_ATTACH
  * [5b1b6c3] Add "multiuser" documentation

 -- Stig Sandbeck Mathisen <ssm@debian.org>  Fri, 14 Feb 2014 10:35:17 +0100

cpm (0.29-1) unstable; urgency=medium

  * Imported upstream release 0.29
  * clear screen before init-screen, closes Debian #720892
  * improve kernel-release detection
  * don't shoot the parent, closes Ubuntu #1299229, failed to start cpm
  * [0bf769c] Enable parallel building
  * [4ed615d] Bump standards version (no changes)
  * [7ab4ba5] Use dh-autoreconf when building
  * [05230c4] Build with hardening flags

 -- Stig Sandbeck Mathisen <ssm@debian.org>  Wed, 12 Feb 2014 19:23:56 +0100

cpm (0.28-1) unstable; urgency=low

  * New upstream release
  * OSX/Darwin support
  * FreeBSD support
  * code cleanup

 -- Stig Sandbeck Mathisen <ssm@debian.org>  Tue, 14 May 2013 16:31:20 +0200

cpm (0.26-1) unstable; urgency=low

  [ Kacper Wysocki (Redpill-Linpro) ]
  * Support SHA256, SHA384 and SHA512 (Closes: #626783)
  * Bugfix for conversion failure.

  [ Stig Sandbeck Mathisen ]
  * Revert upstream l10n metadata change committed to the debian branch
  * Bump Standards-Version (no changes)

 -- Stig Sandbeck Mathisen <ssm@debian.org>  Fri, 10 Jun 2011 15:45:32 +0200
cpm (0.26) unstable; urgency=medium
  * support SHA256, SHA384 and SHA512 hashing algorithms
  * conversion failed for empty string

 -- Kacper Wysocki <kwy@redpill-linpro.com>  Mon, 16 May 2011 13:48:41 +0100

cpm (0.25) unstable; urgency=medium
  * depends properly on libxml2-utils for import script
  * check cracklib dictionary on runtime
  * adopted orphaned package
  * support RSA keys
  * Usability:
    + reset the terminal when quitting
    + update dialog when adding/deleting encryption keys
    + max compression
    + provide create-cpmdb
  * Bugs:
    + fix statusbar by using CDK5 define
    + Multiple-key management fixes
    + bump version and grab ownership
    + bugfix: missing arg to creat
    + fix gettext on install
    + handle manpages sanely
    + better key error handling

 -- Kacper Wysocki <kwy@redpill-linpro.com>  Wed Jan 12 17:14:27 2011 +0100

cpm (0.25beta) unstable; urgency=medium
  * Security
    + The result of the cleanenv() call was not used for further error
      processing. Now this will be done.
    + Fix the stdin/stdout/stderr sanity check at startup so /dev/null is
      no longer necessary
      (patch provided by Lubomir Rintel <lkundrak@v3.sk>)
  * Bugs
    + ncursesw now is preferred over ncurses so the special characters for
      boxes now work again. Thanks to Thomas E. Dickey for support.
    + Correctly destroy the window when CTRL+C is pressed
      (patch provided by Marek Mahut <mmahut@fedoraproject.org>)
    + Modified install part in the Makefile so it should now work with
      none-GNU install tools.
      (patch provided by June Tate-Gans <mondoshawan@users.sourceforge.net>)
    + Under certain circumstances guiDialogAddNode() did not show an empty
      inputbox but the currently selected node instead. Now the inputbox is
      always empty.
    + Fixed wrong names of parameters in configure. The displayed variables
      mostly had the -dir prefix, the configured switches were missing those
      prefixes.
    + Added a call to EarlyExitOf() to fix keyhandling problems in CDK5.
  * General
    + Added commandline switch --environment to list the environemt after
      cleanup. This is mostly for debugging.
    + Added commandline switch --debuglevel with a numeric value between
      0 (off) to 99 (maximum debug information). This is for development
      reasons and bug tracking issues only and must be enabled at
      compiletime using the CFLAG -DTRACE_DEBUG
    + Added NCURSES_NO_UTF8_ACS to the list of permitted environment variables
      which get passed into the applications environment
    + Added distclean make target.
      (patch provided by Thomas E. Dickey <dickey@his.com>)
    + Renamed all configure options which require a path argument to
      --xxx-dir, e.g. --with-curses to -with-curses-dir
    + Added configure options --with-curses, --with-ncurses, --with-ncursesw
      and --with-pdcurses to choose the used curses library
    + Fixed method to determine the number of elements in the CDK
      alphalist widget so it's compatible with CDK4 and CDK5.
    + Added a guessing method to configure to find the dictionaries for
      cracklib without any further commandline argument.
    + Added support for Solaris 10 (x86)

 -- Harry Brueckner <harry_b@mm.st>  Mon,  9 Mar 2009 10:23:35 +0100

cpm (0.24beta) unstable; urgency=low
  * Note
    + This release was never published.
  * Security
    + In case the current locked memory limit is too low, cpm now tries to
      raise the limit to the maximum value.
      (by Kurt Neufeld <kneufeld@burgundywall.com>)
  * CLI
    + Fixed the wrapper script so it now can handle systemwide DatabaseFile
      definitions in resource files.
      (by Carl Cravens <ravenx99@users.sourceforge.net>.
  * General
    + Added support of a symlink named "cpmv" which automatically switches
      to read-only mode.
    + Fixed a bug in the key handling part where a key was double-encoded
      for a check, which caused keys containing umlauts or other special
      characters to cause problems.

 -- Harry Brueckner <harry_b@mm.st>  Tue, 21 May 2007 18:55:18 +0100

cpm (0.23beta) unstable; urgency=medium
  * Bugs
    + The check for the availability of a secure key failed if the used
      key had a comment.
  * GUI
    + The statusline now reflects the correct ESC command which now switches
      from 'Exit' to 'Back' on deeper levels.
    + Modified the CDK support so it now runs with the current version 5 of
      this library. It's still not usable because of some bugs in CDK.
  * General
    + Finally the Debian repository is signed. For this, some scripts were
      modified.
    + Added some more search patterns to the default rc-file.
    + Modified the default password alphabet for automatically created
      passwords.

 -- Harry Brueckner <harry_b@mm.st>  Wed, 12 Jul 2006 19:13:18 +0100

cpm (0.22beta) unstable; urgency=medium
  * Bugs
    + Fixed bug #1457707 where a new comment caused a segmentation fault when
      the comment was left empty.
    + Fixed bug #1458208 where CTRL+E caused a weird string to show up at
      certain occasions. The list control was not checked correctly for the
      available number of entries.
  * GUI
    + Added a dialog to ask the user if the lockfile should be removed in case
      it exists on program startup.

 -- Harry Brueckner <harry_b@mm.st>  Sun, 26 Mar 2006 16:01:57 +0100

cpm (0.21beta) unstable; urgency=low

  * Bugs
    + Fixed bug #1437432 which created a lockfile even if cpm was started
      with the --readonly option.
  * GUI
    + GPGME 1.1 is now supported and the binary directly encrypts the
      datafile for the same recipients as it was encrypted before; the
      wrapper script is no longer necessary.

 -- Harry Brueckner <harry_b@mm.st>  Fri, 24 Feb 2006 17:32:23 +0100

cpm (0.20beta) unstable; urgency=medium

  * Bugs
    + Fixed bug #1370314 which didn't allow @ characters in strings during the
      security checks.
  * GUI
    + The configuration option 'TemplateLock' now can be used so it's no longer
      possible to extend the tree structure with unknwon nodes. If set to 'no'
      the behaviour is like it has been before.
    + If no encryption key has been specified, the user is now asked if he
      wants to quit without saving.
  * General
    + Fixed CLI search 3 check so the regex error message test is ignored;
      it's enough to verify that there is an error, not which error exactly
      since the message has been changed between versions
    + Fixed bug in the configure script which did not examine the cdk.h file
      properly and also added a check for the version of GPGME
    + Modified the apt repository on the server to be able to hold repositories
      for several Debian versions
    + Added Debian package for Debian Sarge.

 -- Harry Brueckner <harry_b@mm.st>  Sat,  1 Dec 2005 09:26:44 +0100

cpm (0.19beta) unstable; urgency=low

  * Bugs
    + Fixed wrong encoding of the user identity which was extracted from the
      GPG realm
    + Wrong max. memory limits were not reported correctly since the
      application run out of memory before it could report it; now memory does
      not get locked if not enough memory is available
  * General
    + Switched from CVS to darcs
    + Added UTF-8 encoding check during program startup

 -- Harry Brueckner <harry_b@mm.st>  Mon, 26 Sep 2005 19:38:56 +0100

cpm (0.18beta) unstable; urgency=low

  * Bugs
    + Fixed a bug in the configure script where --with-xml2 did not work like
      it was expected
    + Datafiles with size 0 now create an error and no segmentation fault
  * General
    + Added check to the configure script so CDK versions >4.9.10 can no longer
      be used since these versions can not handle empty lists properly
    + The default gpg key is no longer used to sign the database files;
      instead all keys which are used for encryption and have the ability to
      be used for signing are used

 -- Harry Brueckner <harry_b@mm.st>  Fri, 16 Sep 2005 19:00:47 +0100

cpm (0.17beta) unstable; urgency=low

  * Bugs
    + Some versions of CDK could not be used for compilation; the --with-cdk-v4
      option fixes those problems (e.g. with CDK version 4.9.10)
    + Added a warning to the Gentoo ebuild

 -- Harry Brueckner <harry_b@mm.st>  Fri,  2 Sep 2005 17:25:23 +0100

cpm (0.16beta) unstable; urgency=medium

  * Bugs
    + Fixed bug in the environment variable check where GPG_AGENT_INFO needs
      the ':' character
  * CLI
    + Duplicate search results are no longer displayed. The output list is
      made unique and the entries are alphabetically sorted.
  * GUI
    + The GUI now compiles with later CDK versions as well (highest tested
      version is 5.0-20050424)
  * General
    + Added check for the 'max locked memory' setting in the security checks;
      the behaviour can be controlled by the configure option --with-memlock
    + Makefile cleanup to cleanup temorary files of the check process

 -- Harry Brueckner <harry_b@mm.st>  Sun, 28 Aug 2005 20:37:54 +0100

cpm (0.15beta) unstable; urgency=low

  * Bugs
    + Bug #1235984 has been fixed
    + Bug #1235987 has been fixed
  * CLI
    + Added regular expression search
  * GUI
    + Resizing of the terminal does not trigger any weird keys anymore
    + The info panel uses the full screen width
    + Fixed invalid display of umlauts in GPG keys
  * General
    + added a gettext check to verify if the locale for de_DE is installed;
      otherwise the gettext check would fail one step later

 -- Harry Brueckner <harry_b@mm.st>  Sun,  7 Aug 2005 21:54:28 +0100

cpm (0.14beta) unstable; urgency=medium

  * CLI
    + Added an additional test for the CLI search
  * GUI
    + If you go deeper than password level, the password is not listed in the
      headline area of the GUI
    + In the comment field, manual line breaks are possible by specifying \n
      in the editor
    + When a comment is empty, the node in the XML document is removed
    + The screen now gets properly refreshed when popup windows close
    + Special entity characters like & did not get encoded properly in the
      comment field
  * General
    + Added a xmllint call to the import process so the created XML code gets
      generally validated
    + Added configure option --without-crack-lib to not use the library; this
      way cpm can be compiled on sytems without that library
    + Added missing zlib dependency to the Debian package.
    + Moved the import tools to a new directory in /usr/share/cpm with the
      proper permissions

 -- Harry Brueckner <harry_b@mm.st>  Thu, 22 Jul 2005 14:30:14 +0100

cpm (0.13beta) unstable; urgency=medium

  * Bugs
    + Fixed short options in the wrapper script
    + Fixed memory leak when file was written in --noencrypt mode (this had
      absolutely no effect on encrypted files)
    + Fixed problems with the encoding of special characters, encoding should
      now be properly implemented
  * General
    + man page slightly modified
    + renamed the import script cvs2cpm.pl to the correct name csv2cpm.pl

 -- Harry Brueckner <harry_b@mm.st>  Sun,  3 Jul 2005 12:21:47 +0100

cpm (0.12beta) unstable; urgency=low

  * Bugs
    + Short options which don't take an argument did not get recognized
      correctly
    + The save dialog did get displayed even when the file was opened in
      read-only mode
    + Fixed a memory leak in the CLI search routine which was the reason that
      the search did not find matches
  * General
    + Added GPG signatures of the tar.gz and tar.bz2 files to the website

 -- Harry Brueckner <harry_b@mm.st>  Wed, 15 Jun 2005 09:09:14 +0100

cpm (0.11beta) unstable; urgency=low

  * Bugs
    + Fixed bug with the help screen; pressing CTRL+H caused a core dump due to
      the new and improved guiDialogOk() function which can reformat long lines
  * General
    + man page for cpm added

 -- Harry Brueckner <harry_b@mm.st>  Tue,  7 Jun 2005 15:11:34 +0100

cpm (0.10beta) unstable; urgency=high

  * Bugs
    + Fixed a bug in the de- and encryption function which might cause large
      files to get garbled
    + Fixed core dump when a none-validatable document was read; the program
      didn't terminate properly in this case
  * General
    + Added a much better encryption test - which caused the now fixed bugs
      to show up

 -- Harry Brueckner <harry_b@mm.st>  Fri,  3 Jun 2005 09:30:56 +0100

cpm (0.9beta) unstable; urgency=medium

  * Bugs
    + Fixed outdated calls to tail where '+n' was used instead of '--lines=+n'
  * General
    + Added several security checks to prevent core dumps, swapping of the
      application's memory, ptracing and environment variable checks
    + Added zlib compression support so the XML data inside the encrypted file
      is compressed and 'known plaintext' attacks against the encrypted
      database are harder to mount
    + Added filelocking mechanism so multiple users can not overwrite each
      other's data (when more than one user opens a file, only the first one
      gets writepermissions)
    + Signal handlers for SIGINT and SIGTERM remove the lockfile, if it exists
    + Added several more tests for the 'make check' run, to provide a more
      secure package creation process
    + Added a check during package creation using flawfinder; code has been
      cleaned up to match the checks
    + Added --readonly commandline option
    + Modified version check so it now properly handles the difference between
      version 0.1, 0.2 and 0.10.
    + Internal code and configuration/runtime information cleanup
    + Fixed dependency in the Gentoo ebuild file

 -- Harry Brueckner <harry_b@mm.st>  Tue, 31 May 2005 10:29:07 +0100

cpm (0.8beta) unstable; urgency=medium

  * Bugs
    + Fixed a bug in the fileExists() function which did not check the
      requested filename
  * General
    + Added Gentoo ebuild file (by Marc Jauvin <marc@r4l.com>)
    + Fixed the Makefile so it should now work with the Gentoo ebuild process
      (patch provided by Marc Jauvin <marc@r4l.com>)
    + Added backup files when data is saved; this feature can be configured by
      the resource directive 'CreateBackup'.
    + Added a general import interface so it should be easy to add new formats
    + Added a conversion tool for Password Safe
      (http://passwordsafe.sourceforge.net/)
    + Created files now get their permissions fixed right after they are
      created; this should be safer than after closing the file
    + File status are checked on filehandles where possible; this should make
      it harder to trick the code
  * GUI
    + Set the default colors to transparent so the GUI also looks nice on
      transparent terminals

 -- Harry Brueckner <harry_b@mm.st>  Fri, 13 May 2005 19:47:21 +0100

cpm (0.7beta) unstable; urgency=low

  * Bugs
    + The source did not compile on Gentoo Linux. configure failed on the
      library checks due to the wrong order of the library checks. This issue
      was fixed with the help of Christopher Hesse <christopher.hesse@case.edu>.
  * General
    + A DTD has been added and the data files are now verified against
      this DTD with each program start
    + configure now also knows the parameter --with-crack-dict to specify the
      path to the cracklib dictionary files

 -- Harry Brueckner <harry_b@mm.st>  Wed, 11 May 2005 14:53:32 +0100

cpm (0.6beta) unstable; urgency=low

  * Bugs
    + Fixed a core dump if an unsigned file was used during the decryption
  * CLI
    + Added the --key option.
    + Added automatic addition of the used encryption key to the default keys
  * GUI
    + Added a key listing to the save data dialog so the user now sees the
      used keys before encrypting the message
    + Added a warning if none of the users secret keys is used to encrypt the
      database
    + During the creation of random passwords a dialog is displayed, which
      explains how to create entropy in case /dev/random runs out of
      numbers
    + Added a more descriptive error message for hash and validity error
      messages (gpgme)
  * General
    + Added a wrapper script so gpg can now be used to find the recipients of
      the database file and this information is passed on to CPM via the new
      --key option
    + Added the wrapper script to the installation

 -- Harry Brueckner <harry_b@mm.st>  Tue, 26 Apr 2005 10:00:35 +0100

cpm (0.5beta) unstable; urgency=low

  * Bugs
    + Fixed severe bug in the tar archive which made it impossible to compile
      the source. control.in and the gettext files were missing; check added
      so this won't happen again
    + Fixed missing resource file parsing for flag 'CrackLibCheck' which
      was already in the example resource file but nut yet supported
  * GUI
    + Added <CTRL><W> to save the database
    + Added a statusline
  * General
    + Added the --configtest option and added a check to the package
      preparation to check the current example configuration

 -- Harry Brueckner <harry_b@mm.st>  Thu, 21 Apr 2005 20:15:55 +0100

cpm (0.4beta) unstable; urgency=low

  * Bugs
    + fixed wrong autoconf setup; config.h.in wasn't updated properly
    + fixed check procedure which now stops when an error occurs
  * General
    + Added usage of cracklib
    + Added cracklib check to the password generation function
    + Added configuration of which templates are used as passwords
    + Added cracklib support to check password templates via cracklib for
      secure passwords
    + Added gettext support
    + Added first German translation data
    + Added gettext check for the check make target
    + Added check for maximum argument length on the commandline, the resource
      file and all user input

 -- Harry Brueckner <harry_b@mm.st>  Wed, 20 Apr 2005 16:43:12 +0100

cpm (0.3beta) unstable; urgency=medium

  * Bugs
    + Fixed SIGSEG when options like --file were passed to the binary
      without handing over a filename
    + Fixed wrong error message which assumed the file as read-only when
      the GID of the file was in a supplemental group.
    + Removed the creation of backup files since this is not possible if the
      file is not owned by the current user.
  * General
    + Moved some functions into a general function collection file.
  * GUI
    + Fixed the commands edit, delete and comment to behave like the
      navigation; only the highlighted entry is used now
    + I hopefully fixed a little problem which occures when slow connections
      are used. The draw functions of CDK are hopefully a little faster now.
  * Migration of PMS
    + Added a little script to migrate from PMS
    + Dennis Pries <eisbaer82@users.sourceforge.net> agreed that I take
      over his project PMS (hosted at
      http://sourceforge.net/projects/passwordms/) since he no longer has
      the time to maintain it.
      We both agreed that CPM will be the official followup of PMS.

 -- Harry Brueckner <harry_b@mm.st>  Tue, 19 Apr 2005 10:40:12 +0100

cpm (0.2eta) unstable; urgency=low

  * GUI
    + Moved the stderr error messages on program startup (in GUI mode) into
      dialog boxes.
    + The headline of the navigation list now shows your current 'location'
      and the data path you are currently in.
    + Modified the selection of a node to descend into the tree. Now the
      highlighted entry is used and it's not tried to add a new node.

 -- Harry Brueckner <harry_b@mm.st>  Fri, 15 Apr 2005 09:04:44 +0100

cpm (0.1beta) unstable; urgency=low

  * Initial Release.

 -- Harry Brueckner <harry_b@mm.st>  Thu, 14 Apr 2005 09:52:12 +0100