File: changelog

package info (click to toggle)
golang-github-go-ldap-ldap 2.4.1-1%2Bdeb9u1
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 316 kB
  • sloc: makefile: 30; sh: 1
file content (39 lines) | stat: -rw-r--r-- 1,468 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
golang-github-go-ldap-ldap (2.4.1-1+deb9u1) stretch; urgency=medium

  * Team upload.
  * Require explicit intention for empty password.
    This is normally used for unauthenticated bind, and
    https://tools.ietf.org/html/rfc4513#section-5.1.2 recommends:
    "Clients SHOULD disallow an empty password input to a Name/Password
    Authentication user interface"
    This is (mostly) a cherry-pick of 95ede12 from upstream, except
    the bit in ldap_test.go, which is unrelated to the security issue.
    This fixes CVE-2017-14623. (Closes: #876404)

 -- Dr. Tobias Quathamer <toddy@debian.org>  Wed, 29 Nov 2017 23:45:26 +0100

golang-github-go-ldap-ldap (2.4.1-1) unstable; urgency=medium

  * New upstream version.
  * Bump Standards-Version to 3.9.8.

 -- Alexandre Viau <aviau@debian.org>  Tue, 16 Aug 2016 12:19:35 -0400

golang-github-go-ldap-ldap (2.3.0-1) unstable; urgency=medium

  * New upstream version
  * Added watch file
  * Refreshed disable-internet-tests.patch
  * Replaced Vcs-Git by secure (https) url
  * Make use of XS-Go-Import-Path
  * Changed my email to @debian.org
  * Bumped Standards-Version to 3.9.7
  * New /usr/share/gocode/src/gopkg.in/ldap.v2 symlink

 -- Alexandre Viau <aviau@debian.org>  Mon, 21 Mar 2016 23:52:07 -0400

golang-github-go-ldap-ldap (0.0~git20150817.24.12f2865-1) unstable; urgency=medium

  * Initial release (Closes: #798022)

 -- Alexandre Viau <alexandre@alexandreviau.net>  Wed, 02 Sep 2015 21:13:23 -0400