2009
serendipity (1.4.1-1) unstable; urgency=low
* New upstream release.
* Checked for policy 3.8.0, add README.source, refer to central
copy of Apache 2 licence.
* Remove other permissions from dirs under /var, and make
uploads dir group readable, so that upload subdirs can be
managed. Thanks Ingo Jürgensmann (closes: #502954).
* Add note on 'nobody@example.org' appearing in RSS feed
(closes: #502243).
* Override embedded-javascript-library warning, since what we
include in the package is not duplicated code.
* Remove PHP4-related dependencies.
* Minor packaging cleanups.
-- Thijs Kinkhorst <thijs@debian.org> Tue, 17 Feb 2009 00:40:23 +0100
2008
serendipity (1.3.1-1) unstable; urgency=medium
* New upstream release.
+ Addresses two less critical cross site scripting issues:
CVE-2008-1385, CVE-2008-1386
-- Thijs Kinkhorst <thijs@debian.org> Wed, 23 Apr 2008 12:01:21 +0200
serendipity (1.3-1) unstable; urgency=high
* New upstream release.
+ Addresses cross site scripting in published trackback.
CVE-2008-1476
-- Thijs Kinkhorst <thijs@debian.org> Tue, 18 Mar 2008 20:18:42 +0100
serendipity (1.3~b1-1) unstable; urgency=medium
* New upstream beta release.
* Addresses cross site scripting between authenticated users on a multi-
user blog (CVE-2008-0124, closes: #469667).
* Default Apache AllowOverride setting to "All", to make URL rewriting
without mod_rewrite work out of the box.
-- Thijs Kinkhorst <thijs@debian.org> Mon, 10 Mar 2008 17:02:51 +0100
serendipity (1.2.1-2) unstable; urgency=low
* Switch from ttf-bitstream to ttf-dejavu in spamblock plugin
(Closes: #461290).
* Make enabling of url rewriting work from within Serendipity's
configuration interface (Closes: #448782).
* Switch to debhelper version 6.
-- Thijs Kinkhorst <thijs@debian.org> Sat, 19 Jan 2008 19:38:52 +0100
2007
serendipity (1.2.1-1) unstable; urgency=low
* New upstream release.
+ Fixes CVE-2007-6205: XSS through OPML RSS feeds.
* Packaging cleanups (remove cruft, checked for new policy, ...)
-- Thijs Kinkhorst <thijs@debian.org> Sun, 09 Dec 2007 10:26:09 +0100
serendipity (1.2-1) unstable; urgency=low
* New upstream release.
* Supports sqlite3, so enable that in dbconfig-common as well.
-- Thijs Kinkhorst <thijs@debian.org> Mon, 27 Aug 2007 20:45:15 +0200
serendipity (1.1.4-1) unstable; urgency=high
* New upstream release.
Fixes security issue in Extended properties for entries plugin,
relevant for users of that plugin only.
* Add watch file.
-- Thijs Kinkhorst <thijs@debian.org> Wed, 08 Aug 2007 13:32:15 +0200
serendipity (1.1.3-1) unstable; urgency=high
* New upstream release.
* Addresses an SQL injection through the commentMode variable.
This only allowed disclosure of MD5 password hashes.
* Drop some very long keys from the SQL files, since these cause
"too long key" problems with recent MySQL versions
(Closes: #425380).
-- Thijs Kinkhorst <thijs@debian.org> Tue, 19 Jun 2007 14:25:30 +0200
serendipity (1.1.2-1) unstable; urgency=low
* New upstream release.
* Improves SQL error handling to address non-issue CVE-2007-1326.
* Add symlink to SQL schemata under /usr/share/doc/serendipity.
-- Thijs Kinkhorst <thijs@debian.org> Tue, 10 Apr 2007 16:12:08 +0200
2006
serendipity (1.0.4-1) unstable; urgency=medium
* New upstream bugfix release.
- Addresses security problem in unsupported configuration, however,
uploading with medium priority to protect even those with unwise
settings (CVE-2006-6242, closes: 401614).
* In default apache.conf, DirectoryMatch should be Directory.
-- Thijs Kinkhorst <thijs@debian.org> Tue, 28 Nov 2006 13:45:42 +0100
serendipity (1.0.3-4) unstable; urgency=low
* Add note to README.Debian about register_globals and it needing
to be off.
* Enclose php_flag statements in apache.conf in <IfModule>s.
* Correct serendipity_config_local.php for PostgreSQL when setting
a port number. Document that Serendipity does not currently support
running with a PostgreSQL on a non-default port number.
-- Thijs Kinkhorst <thijs@debian.org> Wed, 22 Nov 2006 21:20:28 +0100
serendipity (1.0.3-3) unstable; urgency=medium
* Properly support a remote database with dbconfig-common,
thanks Ingo Jürgensmann (Closes: 397884).
-- Thijs Kinkhorst <thijs@debian.org> Fri, 10 Nov 2006 15:23:52 +0100
serendipity (1.0.3-2) unstable; urgency=low
* Got permission from upstream to free the "36 days ago" and "Chumbly"
fonts; reincluding them in the package.
-- Thijs Kinkhorst <thijs@debian.org> Tue, 7 Nov 2006 17:17:12 +0100
serendipity (1.0.3-1) unstable; urgency=low
* New upstream bugfix release.
* Replace bundled CheckIP.php with link to Debian packaged one.
-- Thijs Kinkhorst <thijs@debian.org> Tue, 7 Nov 2006 13:50:13 +0100
serendipity (1.0.2-1) unstable; urgency=medium
* Medium urgency upload for low-risk security issue.
* New upstream bugfix release.
- Fix a security issue with XSS on the admin backend for registered
authors.
-- Thijs Kinkhorst <thijs@debian.org> Wed, 18 Oct 2006 15:59:29 +0200
serendipity (1.0.1-5) unstable; urgency=low
* Change default SQL data to have the Serendipity location match the
location as specified in apache.conf.
-- Thijs Kinkhorst <thijs@debian.org> Wed, 27 Sep 2006 13:35:26 +0200
serendipity (1.0.1-4) unstable; urgency=high
* Also fix config script to be able to run when dbconfig-common is not
present anymore (Closes: #388234).
-- Thijs Kinkhorst <thijs@debian.org> Tue, 19 Sep 2006 12:42:48 +0200
serendipity (1.0.1-3) unstable; urgency=low
* Support sqlite as database type; add dependency on dbconfig-common >=
1.8.20 to that effect, include a schema and update the scripts.
* Fix postrm script to be able to purge when dbconfig-common is not
present anymore.
-- Thijs Kinkhorst <thijs@debian.org> Sat, 19 Aug 2006 19:05:47 +0200
serendipity (1.0.1-2) unstable; urgency=low
* Add README.Debian with a 'getting started' section (Closes: #383538).
* Change apache.conf default alias from /s9y to /serendipity as per
Debian webapps policy.
* Change php_value to php_flag in example apache.conf.
-- Thijs Kinkhorst <thijs@debian.org> Fri, 18 Aug 2006 17:51:05 +0200
serendipity (1.0.1-1) unstable; urgency=low
* New upstream release.
* Depends on pqsql-client should be postgresql-client.
-- Thijs Kinkhorst <thijs@debian.org> Mon, 14 Aug 2006 20:31:23 +0200
serendipity (1.0-2) unstable; urgency=low
* Fix templates to not include the comment count in the RSS, this causes
duplicates on aggregators like Planet. Via John Goerzen's blog.
* Add fix for RFC2616 compliance (from Serendipity 1.1), since Planet
requires this. It will be configurable in the next upstream release.
* Replace Net/Socket.php and Net/URL.php with their packaged variants.
* Some minor packaging cleanups.
-- Thijs Kinkhorst <thijs@debian.org> Mon, 7 Aug 2006 15:28:01 +0200
serendipity (1.0-1) unstable; urgency=low
* Initial release (Closes: #312413).
* Repackaged upstream tarball to remove two non-free fonts.
-- Thijs Kinkhorst <thijs@debian.org> Sun, 6 Aug 2006 22:05:54 +0200