nagios-nrpe (2.15-1ubuntu1.1) xenial; urgency=medium

  * debian/rules : Add "--enable-command-args". (LP: #1555258)
    This update enables the command-args support in nrpe 
    by not ignoring option "dont_blame_nrpe=1". By default, 
    the option is set as follow : "dont_blame_nrpe=0", which 
    has the same effect of having the command-args support 
    disabled at compile time like Debian does. Ubuntu has decided 
    to deviate from Debian upstream for that particular case to 
    allow/unblock the Ubuntu users of nrpe to make the choice for 
    themselves whether to accept the security risks that the feature 
    involve by manually enabling command-args in nrpe.cfg or not. 
    For more details as of why Debian has decided to disable the 
    feature can be found in debian/NEWS. (closes: #756479)

  * [5bf9b20] Add 10_remote_execution_exploit_fix.dpatch patch (LP: #1555258)
    As requested by the security team.

 -- Eric Desrochers <eric.desrochers@canonical.com>  Tue, 02 May 2017 14:21:47 -0400

nagios-nrpe (2.15-1ubuntu1) utopic; urgency=low

  [ Liam Young ]
  LP: #1348142
  * Merge from Debian unstable (2.15-1). Remaining changes:
    - debian/{rules,control}: Add hardening-includes to gain PIE security
      builds.
  * Changes gained from Debian:
    - 01_nodevrandom-and-docoptions.dpatch: Patch dropped. Debian are
      no longer carrying this patch and it does not seem to be needed.
      'l' is now listed as a doc option and it seems that using urandom
      for seeding srand is unlikely to realistically exhaust a machines
      entropy as was mentioned in Debian Bug #333552.
    - debian/patches/00list: 04_weird_output.dpatch dropped
    - debian/patches/05_pid_privileges.dpatch: Patch now matches debian
    - debian/patches/09_noremove_pid.dpatch: Patch now matches debian

 -- Liam Young <liam.young@canonical.com>  Thu, 24 Jul 2014 12:39:39 +0100

nagios-nrpe (2.15-1) unstable; urgency=high

  * [f2cea9f] Imported Upstream version 2.15
  * [023e909] Disable command-args in nrpe. (Closes: #745272)
  * [6369220] Use restorecon to set SE Linux context on $PIDDIR
    (Closes: #679241)
  * [a484e7d] Switch order of nagios-plugins recommends to prefer -basic.
    (Closes: #752243)
  * [b1ef043] Don't recommend a core implementation for the plugin
  * [16dbf01] Remove obsolete patch
  * [694b804] Remove luk from uploaders. (Closes: #719636)
  * [28d9004] Remove obsolete patch
  * [86ea67e] 08_CVE-2013-1362.dpatch is now obsolete
  * [74e3b07] Refresh patches
  * [1258ab2] Reword NEWS entry
  * [744eec6] configure is buggy: --disable- in fact enables a feautre.
  * [eec54b6] Adjust README.Debian for the removal or argument processing

 -- Alexander Wirt <formorer@debian.org>  Tue, 15 Jul 2014 18:30:36 +0200

nagios-nrpe (2.15-0ubuntu1) trusty; urgency=medium

  * New upstream release (2.15).
  * Updated patches:
    - 01_nodevrandom-and-docoptions.dpatch
    - 04_weird_output.dpatch
    - 05_pid_privileges.dpatch
    - 09_noremove_pid.dpatch
  * Dropped patches (upstream):
    - 08_CVE-2013-1362.dpatch

 -- Stéphane Graber <stgraber@ubuntu.com>  Mon, 13 Jan 2014 11:34:11 -0500

nagios-nrpe (2.13-4) unstable; urgency=low

  * [dcffec6] Do not remove the PID file after a connection error.
    Original patch from Hiren Patel. (Closes: #716949)

 -- Bernd Zeimetz <bzed@debian.org>  Mon, 15 Jul 2013 16:07:54 +0200

nagios-nrpe (2.13-3.1ubuntu1) trusty; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/{rules,control}: Add hardening-includes to gain PIE security
      builds.
    - debian/rules: Use dpkg-buildflags.

 -- Michael Terry <mterry@ubuntu.com>  Tue, 29 Oct 2013 09:14:34 -0700

nagios-nrpe (2.13-3.1) unstable; urgency=low

  [ Ivo De Decker ]
  * Non-maintainer upload.
  * Remove Luk Claes from uploaders (Closes: #719636)

  [ KURASHIKI Satoru ]
  * debian/patches/09_noremove_pid.dpatch:
    - Do not remove the PID file after a connection error
      (original patch from Hiren Patel). (Closes: #716949)

 -- Ivo De Decker <ivo.dedecker@ugent.be>  Sat, 05 Oct 2013 20:23:24 +0200

nagios-nrpe (2.13-3ubuntu2) saucy; urgency=low

  * debian/patches/09_noremove_pid.dpatch:
    - Do not remove the PID file after a connection error
      (original patch from Hiren Patel). (LP: #1126890)

 -- Michael Terry <mterry@ubuntu.com>  Fri, 24 May 2013 17:01:05 -0400

nagios-nrpe (2.13-3ubuntu1) saucy; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/{rules,control}: Add hardening-includes to gain PIE security
      builds.
    - debian/rules: Use dpkg-buildflags.

 -- Michael Terry <mterry@ubuntu.com>  Tue, 30 Apr 2013 09:24:13 -0700

nagios-nrpe (2.13-3) unstable; urgency=high

  * [e55afd1] Add 08_CVE-2013-1362.dpatch patch.
    If command arguments are enabled in the NRPE configuration, it was
    possible to pass $() as arguments as the checking for nasty caracters
    was not strict enough to catch $(). This allowed executing shell
    commands under a subprocess and pass the output as a parameter to the
    called script (if run under bash). CVE-2013-1362 (Closes: #701227)

 -- Alexander Wirt <formorer@debian.org>  Sat, 09 Mar 2013 08:42:05 +0100

# For older changelog entries, run 'apt-get changelog nagios-nrpe-plugin'