diff --git a/debian/changelog b/debian/changelog
index e85300d730a0f998290e239c6bf7d1469582cf20..792b53ff82961d4afaffc8c5ad238a1ca5f18990 100644
--- a/debian/changelog
+++ b/debian/changelog
+collectd (5.1.0-3+deb7u3) wheezy-security; urgency=high
+
+ * CVE-2017-7401: Fix an endless loop DoS vulnerability in parse_packet().
+ When a correct "Signature part" is received by a Collectd instance
+ configured without the AuthFile option, an endless loop occurs due to a
+ missing pointer increment to the next unprocessed part. (Closes: #859494)
+
+ -- Chris Lamb <lamby@debian.org> Tue, 04 Apr 2017 16:45:15 +0200
+
+collectd (5.1.0-3+deb7u2) wheezy-security; urgency=high
+
+ * debian/patches/bts833013-gcry-init.dpatch: Fix initialization of
+ libgcrypt: Initialize the library before using any other functions to
+ ensure that thread-safety is set up appropriately. This fixes potential
+ crashes of the network plugin and a regression introduced in
+ 5.1.0-3+deb7u1 which ultimately surfaced the issue. Thanks to Antoine
+ Sirinelli for reporting this. (Closes: #833013)
+
+ -- Sebastian Harl <tokkee@debian.org> Wed, 03 Aug 2016 22:59:23 +0200
+
+collectd (5.1.0-3+deb7u1) wheezy-security; urgency=high
+
+ * debian/patches/CVE-2016-6254.dpatch: Fix heap overflow in the network
+ plugin. Emilien Gaspar has identified a heap overflow in parse_packet(),
+ the function used by the network plugin to parse incoming network packets.
+ Thanks to Florian Forster for reporting the bug in Debian.
+ (Closes: #832507, CVE-2016-6254)
+ * debian/patches/bts832577-gcry-control.dpatch: Fix improper usage of
+ gcry_control. A team of security researchers at Columbia University and
+ the University of Virginia discovered that GCrypt's gcry_control is
+ sometimes called without checking its return value for an error. This may
+ cause the program to be initialized without the desired, secure settings.
+ (Closes: #832577)
+
+ -- Sebastian Harl <tokkee@debian.org> Thu, 28 Jul 2016 20:52:12 +0200
+
+collectd (5.1.0-3) unstable; urgency=low
+
+ * debian/patches/migrate-4-5-df.dpatch, debian/collectd-core.postinst:
+ - Added patch to fix the migration of 'df' values in migrate-4-5.px;
+ thanks to 'markuskaindl' for reporting this on IRC.
+ - Pass --rrdfilter and --rrdtool parameters to migrate-4-5.px in order to
+ let the script find those binaries/scripts.
+ (Closes: #681363)
+ * debian/collectd-core.collectd.init.d:
+ - Catch disabled state in start and restart and don't exit with an error
+ status. Amongst others, this fixes an upgrade of collectd when the
+ daemon is disabled. Thanks to Florian Ernst for reporting this and
+ Evgeni Golov for providing (an early) patch (Closes: #681216).
+ - Don't use 'set -e' and 'exit 0' (at the end) in order to let return
+ statuses propagate correctly. (cf. #681216)
+
+ -- Sebastian Harl <tokkee@debian.org> Sun, 15 Jul 2012 11:17:10 +0200
+
+collectd (5.1.0-2) unstable; urgency=low
+
+ * debian/collectd-core.postinst:
+ - Don't create unused temp. directory.
+ * debian/control, debian/rules:
+ - Build depend on libmodbus-dev and enabled modbus plugin. 5.1 now
+ supports libmodbus 3; thanks to Ivo De Decker for reporting this
+ (Closes: #639796).
+ * debian/po:
+ - Updated Swedish debconf translation; thanks to Martin Bagge
+ (Closes: #677842).
+ - Added Slovak debconf translation; thanks to 'helix84'
+ (Closes: #677902).
+ - Updated Danish debconf translation; thanks to Joe Dalton
+ (Closes: #677908).
+ - Updated Czech debconf translation; thanks to Martin Šín
+ (Closes: #677949).
+ - Updated Russian debconf translation; thanks to Yuri Kozlov
+ (Closes: #678016).
+ - Updated Portuguese debconf translation; thanks to Américo Monteiro
+ (Closes: #678048).
+ - Updated Polish debconf translation; thanks to Michał Kułach
+ (Closes: #678157).
+ - Updated Galician debconf translation; thanks to Jorge Barreiro
+ (Closes: #678467).
+ - Updated French debconf translation; thanks to Steve Petruzzello
+ (Closes: #678614).
+ - Updated Spanish debconf translation; thanks to Omar Campagne
+ (Closes: #679281).
+ * debian/collectd-core.collectd.init.d:
+ - Source /lib/lsb/init-functions in order to make systemd work in
+ compatibility mode; thanks to Michael Stapelberg for reporting this
+ (Closes: #679544).
+ - Use log_* and status_of_proc functions from LSB's init functions to
+ make collectd's output look like all the other output; thanks to
+ Matthias Urlichs for pointing this out (Closes: #679355).
+
+ -- Sebastian Harl <tokkee@debian.org> Sat, 30 Jun 2012 13:27:41 +0200
+
collectd (5.1.0-1) unstable; urgency=low
* New upstream release (Closes: #630968):
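Review bot: The 5.1.0-3+deb7u3 entry at the top of this hunk does not name the file under debian/patches/ that carries the CVE-2017-7401 fix, whereas the deb7u1 and deb7u2 entries below it each lead with their patch file (debian/patches/CVE-2016-6254.dpatch, debian/patches/bts833013-gcry-init.dpatch). Prefixing the bullet with the patch file name in the same style would let someone auditing the package map the CVE to the change without searching the tree. The entry could also state that parse_packet() belongs to the network plugin, as the deb7u1 entry does, so an administrator reading only this entry can tell that the affected configuration is the network plugin running without the AuthFile option.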