ppp (2.4.7-1+2ubuntu1.16.04.1) xenial-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in pppd EAP-TLS implementation
    - debian/patches/CVE-2018-11574.patch: check lengths in pppd/eap.c,
      pppd/eap-tls.c.
    - CVE-2018-11574

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 12 Jun 2018 13:28:33 -0400

ppp (2.4.7-1+2ubuntu1) xenial; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/patches/load_ppp_generic_if_needed: load ppp_generic kernel
      module if needed.
    - debian/patches/ppp-2.4.6-eaptls-mppe-0.997.patch: EAP-TLS/MPPE support
      patch from Jan Just Keijser.
    - debian/control: add libssl-dev to Build-Depends for the EAP-TLS patch.
    - debian/ppp.preinst: deal with the change in LSB headers start runlevels
      of pppd-dns due to dropping our changes (which are no longer necessary
      since resolvconf is installed in most systems and has been for a while);
      this should probably be kept until the next LTS.
  * debian/ppp.symbols:
    - Update the symbols to include changes from our Ubuntu patches.

 -- Łukasz 'sil2100' Zemczak <lukasz.zemczak@ubuntu.com>  Thu, 28 Jan 2016 10:01:37 +0100

ppp (2.4.7-1+2) unstable; urgency=medium

  * Replace my email address for my debian.org address.
  * Upload to unstable.

 -- Chris Boot <bootc@debian.org>  Wed, 27 Jan 2016 08:48:40 +0000

ppp (2.4.7-1+2~exp3) experimental; urgency=medium

  * Remove obsolete conffile /etc/bash_completion.d/pon. (Closes: #807238)
  * Remove redundant full stop in pppd-dns.service systemd unit file.
    (Closes: #794348)
  * Ignore $global$ symbol which appears only on hppa.

 -- Chris Boot <bootc@debian.org>  Wed, 30 Dec 2015 18:16:20 +0000

ppp (2.4.7-1+2~exp2) experimental; urgency=medium

  * Update symbols file to ignore "private" symbols (starting with an
    underscore) which invariably come from static glibc libraries, along with
    any symbols with a "version" starting GLIBC_. These don't come from pppd
    and vary between architectures and glibc versions. Fixes FTBFS on i386 and
    x32.

 -- Chris Boot <debian@bootc.net>  Sun, 06 Dec 2015 15:43:58 +0000

ppp (2.4.7-1+2~exp1) experimental; urgency=medium

  * Enable "pie" hardening flag.
  * Add a symbols file for ppp and validate it during builds.
    - debian/patches/pppd-soname-hack.patch: add a SONAME to pppd so that
      dpkg-gensymbols will inspect it.
    - debian/rules: override dh_makeshlibs to inspect pppd and fail hard if
      the symbols change compared to the symbols file.
    - debian/ppp.symbols: symbols generated for this version of pppd (on
      amd64).
    - debian/README.source: document this unusual setup.
  * Upload to experimental.

 -- Chris Boot <debian@bootc.net>  Sat, 05 Dec 2015 13:35:51 +0000

ppp (2.4.7-1+1ubuntu1) xenial; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/patches/load_ppp_generic_if_needed: load ppp_generic kernel
      module if needed.
    - debian/patches/ppp-2.4.6-eaptls-mppe-0.997.patch: EAP-TLS/MPPE support
      patch from Jan Just Keijser.
    - debian/control: add libssl-dev to Build-Depends for the EAP-TLS patch.
    - debian/ppp.preinst: deal with the change in LSB headers start runlevels
      of pppd-dns due to dropping our changes (which are no longer necessary
      since resolvconf is installed in most systems and has been for a while);
      this should probably be kept until the next LTS.

 -- Łukasz 'sil2100' Zemczak <lukasz.zemczak@canonical.com>  Thu, 07 Jan 2016 13:27:59 +0100

ppp (2.4.7-1+1) unstable; urgency=medium

  * Upload to unstable.

 -- Chris Boot <debian@bootc.net>  Fri, 04 Dec 2015 08:18:14 +0000

ppp (2.4.7-1+1~exp2) experimental; urgency=medium

  * Add a --plugin-dir option to dh_ppp that can be used to obtain the path to
    the ppp plugin directory.

 -- Chris Boot <debian@bootc.net>  Thu, 19 Nov 2015 13:59:17 +0000

ppp (2.4.7-1+1~exp1) experimental; urgency=medium

  * New upstream release.
  * Remove all of the patches cherry-picked from 2.4.7 upstream.
  * Update lintian overrides to account for changed plugin path.
  * Promote myself to the Maintainer field with Marco's approval. Move Marco
    to the Uploaders field. Thank you for many years spent maintaining this
    package!
  * Correct lintian warning maintainer-script-without-set-e in all maintainer
    scripts.
  * Switch to debhelper 9, including the command sequencer:
    - Set debian/compat to 9.
    - Bump Build-Depends on debhelper to >= 9~.
    - Rewrite debian/rules.
    - Use ppp.manpages rather than overriding dh_installman.
    - Use *.install files rather than copying files; move files around in
      debian/extra to make this clearer.
    - Use ppp.examples rather than calling dh_installexamples ourselves.
  * Remove some very old unused patches from debian/extra/PATCHES.
  * Update debian/watch (new upstream download URL) and debian/rules
    get-orig-source target.
  * Introduce ABI tracking to help packages that build plugins:
    - Introduce a new ABI version field to the package version number.
    - Document the version numbering scheme in README.source.
    - Add dh_ppp script, 'ppp' debhelper addon and /usr/share/ppp-dev/substvars
      file to help generate Depends or Breaks lines.
    - Document the debhelper tools in ppp-dev's README.Debian.
    - At build time, make sure the package's upstream version matches the
      version in pppd/patchlevel.h, and make sure there is an ABI revision in
      the package version.
  * Install pon/poff bash_completion file to
    /usr/share/bash-completion/completions.
  * Upload to experimental.

 -- Chris Boot <debian@bootc.net>  Fri, 06 Nov 2015 15:32:25 +0000

# For older changelog entries, run 'apt-get changelog ppp'