radsecproxy (1.6.8-1) unstable; urgency=medium

  * New upstream release.
  * Build against OpenSSL 1.0, as 1.6 series isn't compatible with OpenSSL 1.1.
    (Closes: #828527)
  * Bump Standards-Version to 3.9.8, no changes needed.
  * Depend on lsb-base for /lib/lsb/init-functions.
  * Add hardening build flags (hardening=+all).

 -- Faidon Liambotis <paravoid@debian.org>  Fri, 16 Dec 2016 15:59:31 +0200

radsecproxy (1.6.7-1) unstable; urgency=medium

  * New upstream release.
  * Point Homepage and debian/watch to the new website.
  * Bump Standards-Version to 3.9.7, no changes needed.

 -- Faidon Liambotis <paravoid@debian.org>  Wed, 23 Mar 2016 02:02:13 +0200

radsecproxy (1.6.5-1) unstable; urgency=medium

  * New upstream release. 
  * Bump Standards-Version to 3.9.6.
  * Verify upstream's GPG signatures; add debian/upstream/signing-key.asc and
    modify debian/watch accordingly.
  * Minor adjustment to the long description. (Closes: #542454)
  * Add --retry to --stop to fix spurious restart issue. Thanks to Michael
    Vogt for the fix. (Closes: #711313)
  * Add build dependency on dh-autoreconf and autoreconf during build time, as
    it helps when adding new architectures to the archive. (Closes: #727952,
    #744500)
  * Add systemd unit file, along with the corresponding dh-systemd
    integration.
  * Switch pid file from /var/run to /run on both init script & systemd unit.
  * Rewrite debian/copyright to the machine-parseable format. 

 -- Faidon Liambotis <paravoid@debian.org>  Wed, 22 Oct 2014 23:50:56 +0300

radsecproxy (1.6.2-1) unstable; urgency=high

  * Urgency set to high for a security release.
  * New upstream release, fixing two security issues:
    - When verifying clients, don't consider config blocks with CA settings
      ('tls') which differ from the one used for verifying the certificate
      chain (RADSECPROXY-43, CVE-2012-4523). Reported by Ralf Paffrath.
    - Fix the issue with verification of clients when using multiple 'tls'
      config blocks for DTLS too (RADSECPROXY-43, CVE-2012-4566). Reported by
      Raphael Geissert.
  * Drop most of debian/patches/fix_manpages, merged upstream.

 -- Faidon Liambotis <paravoid@debian.org>  Tue, 06 Nov 2012 12:56:27 +0200

radsecproxy (1.6-1) unstable; urgency=low

  * New upstream release.
  * Enable F-Ticks, a new upstream feature.
    - Add build dependency on nettle-dev.
  * Ship upstream's manpages.
    - Add build dependency on docbook2x.
    - Add debian/patches/fix_manpages to adapt the manpage to our filepaths.
  * Ship the radsecproxy-hash binary, used to calculate hashed CSI values.
  * Use unapply-patches & abort-on-upstream-changes local-options.
  * Bump debhelper compat to 9, mainly to enable hardening flags.
  * Bump Standards-Version to 3.9.3, no changes needed. 
  * Add NORDUnet A/S copyright notice to debian/copyright.

 -- Faidon Liambotis <paravoid@debian.org>  Mon, 28 May 2012 15:56:52 +0300

radsecproxy (1.5-1) unstable; urgency=low

  * New upstream release.

 -- Faidon Liambotis <paravoid@debian.org>  Wed, 16 Nov 2011 20:49:19 +0200

radsecproxy (1.4.3-1) unstable; urgency=low

  * New upstream release. 
  * Change upstream author to Linus Nordberg in debian/copyright. 
  * Switch to 3.0 (quilt) source package format. 
  * Bump debhelper compatibility level to 8.
  * Update Standards-Version to 3.9.2, no changes needed.

 -- Faidon Liambotis <paravoid@debian.org>  Fri, 22 Jul 2011 20:04:47 +0300

radsecproxy (1.4-1) unstable; urgency=low

  * New upstream release.
  * Add $remote_fs and $syslog to init script's Required-Start and $named to
    Should-Start.
  * Ship naptr-eduroam.sh script along with the README in examples.

 -- Faidon Liambotis <paravoid@debian.org>  Sat, 12 Jun 2010 18:30:04 +0300

radsecproxy (1.3.1-1) unstable; urgency=low

  * New upstream release.
  * Bump Standards-Version to 3.8.2, no changed needed. 
  * Build-Depend on debhelper >= 7.0.50 because of the use of overrides in dh. 

 -- Faidon Liambotis <paravoid@debian.org>  Wed, 05 Aug 2009 12:49:20 +0300

radsecproxy (1.3-1) unstable; urgency=low

  * Initial release. (Closes: #532481)

 -- Faidon Liambotis <paravoid@debian.org>  Tue, 16 Jun 2009 05:13:48 +0300
