cfrpki (1.4.2-1~deb11u1) bullseye-security; urgency=high

  * Rebuild for bullseye-security. Fixes:
    - Certificate chain loop.
    - RRDP Gzip bomb (CVE-2021-43174 CVE-2021-3912).
    - RRDP Slowloris (CVE-2021-43173 CVE-2021-3909).
    - ROA with ASCII NUL char (CVE-2021-3910).
    - Malformed ROAs (CVE-2021-3911).
    - Repo contains 100GB of trash.
    - Dot-dot-slash path traversal (CVE-2021-3907).
    - Improper preservation of permissions (CVE-2021-3978).

 -- Marco d'Itri <md@linux.it>  Sun, 26 Dec 2021 14:38:26 +0100

cfrpki (1.4.2-1) unstable; urgency=medium

  * New upstream release.

 -- Marco d'Itri <md@linux.it>  Sun, 28 Nov 2021 00:42:04 +0100

cfrpki (1.4.0-1) unstable; urgency=high

  * New upstream release.

 -- Marco d'Itri <md@linux.it>  Wed, 10 Nov 2021 23:02:55 +0100

cfrpki (1.3.0-1) unstable; urgency=medium

  * New upstream release. Fixes:
    + Prevent ROA issuers from making cfrpki emit an invalid VRP
      "MaxLength" value, hence causing RTR sessions to terminate.
      (CVE-2021-3761, Closes: #994572)

 -- Marco d'Itri <md@linux.it>  Sat, 18 Sep 2021 23:59:55 +0200

cfrpki (1.2.2-1) unstable; urgency=medium

  * New upstream release.

 -- Marco d'Itri <md@linux.it>  Sun, 10 Jan 2021 00:38:17 +0100

cfrpki (1.1.4-3) unstable; urgency=medium

  * Re-upload to unstable.

 -- Marco d'Itri <md@linux.it>  Thu, 23 Apr 2020 14:49:56 +0200

cfrpki (1.1.4-2) experimental; urgency=medium

  * Initial release.

 -- Marco d'Itri <md@linux.it>  Thu, 23 Apr 2020 14:25:46 +0200