gosa (2.6.11-3+squeeze5) squeeze-lts; urgency=medium

  * debian/patches:
    + Add 0006_code-injection-in-samba-hash-generation.patch. Don't
      allow code injection via user password changes when using
      GOsa's samba plugin. User password strings are now
      passed on to the Samba hash creation hook as a base64 encoded
      string. (CVE-2015-8771).
    + Add 0007_update-sambaHashHook-description.patch. Document
      changes of the Samba NT/LM hash creation hook accordingly.
    + Add 1022_add-b-switch-to-mkntpasswd-script.patch. Add -b
      switch to mkntpasswd script. Allows providing user password
      strings in base64 encoded format.
  * debian/gosa.NEWS:
    + Add information on password strings now getting base64 encoded
      prior to handing it over to the sambaHashHook script.

 -- Mike Gabriel <sunweaver@debian.org>  Fri, 29 Jan 2016 10:29:20 +0100

gosa (2.6.11-3+squeeze4) squeeze-lts; urgency=medium

  * debian/patches:
    + Add 1003_add-set-post-function.patch. Provide set_post
      function from Gosa 2.7, fix breakage due to previous upload.
      (Closes: #775816).

 -- Mike Gabriel <sunweaver@debian.org>  Wed, 11 Mar 2015 05:37:23 +0100

gosa (2.6.11-3+squeeze3) squeeze-lts; urgency=medium

  * debian/control:
    + Change Maintainer: Debian Edu Packaging Team (current
      maintenance team for GOsa² in Debian unstable).
    + Drop from Uploaders: Cajus Pollmeier (retired DD).
    + Add to Uploaders: Mike Gabriel (current GOsa² maintainer).
  * debian/patches:
    + Add 0003_xss-vulnerability-on-login-screen.patch. Fix XSS issue
      during login. Picked from GOsa² upstream and from the GOsa² package
      in Debian unstable.
    + Add 1002_trim-decrypt.patch. Fix authentication of GOsa² against
      the underlying LDAP server(s) via the gosa-admin DN. (Closes:
      #768509). The issue has been fixed in Debian unstable a while back
      (see Debian bug #748065) and currently only affects GOsa² in Debian
      squeeze and wheezy. The bug occurred after fixing DSA 3064-1 in php5.

 -- Mike Gabriel <sunweaver@debian.org>  Thu, 18 Dec 2014 10:53:45 +0100

gosa (2.6.11-3+squeeze2) stable; urgency=low

  * Backport shellvar escaping code. Closes: #665950.

 -- Cajus Pollmeier <cajus@debian.org>  Mon, 09 Jul 2012 20:44:30 +0200

gosa (2.6.11-3+squeeze1) stable; urgency=low

  * Fix DHCP host removal. Closes: #650258
  * Backport user generator unicode character transliteration. Closes: #657086

 -- Cajus Pollmeier <cajus@debian.org>  Mon, 30 Jan 2012 09:32:09 +0100

gosa (2.6.11-3) unstable; urgency=low

  * Don't install gosa-core/contrib/desktoprc to /etc/gosa/desktoprc of
    gosa-desktop package, as it is rewritten during configuration anyway
    (Closes: #603426)
  * Remove acl debug code (Closes: #603421)
  * Correct typo error in contentcsv.tpl (Closes: #604745)
  * Correct gosa 2.6 & assigned acl role to group

 -- Benoit Mortier <benoit.mortier@opensides.be>  Sun, 05 Dec 2010 13:01:13 +0100

gosa (2.6.11-2) unstable; urgency=low

  * Corrected wrong dirs on gosa-plugin-mail 
  * Corrected wrong dirs on gosa-plugin-gofon
  * Added missing scripts in gosa-dev package
  * Added missing README.squid to gosa-plugin-squid package
  * Added patch for security in using gosa hook for password
  * package explicitly depends on preform MPM (Closes: #591043)
  * default config refers to missing FCGIWrapper (Closes: #591046)

 -- Benoit Mortier <benoit.mortier@opensides.be>  Sun, 17 Oct 2010 16:00:00 +0200

gosa (2.6.11-1) unstable; urgency=low

  [ Cajus Pollmeier ]
  * New upstream release

  [ Benoit Mortier ]

  * Samba schema file is incompatible with Samba shipped with lenny
    (Closes: #582899)
  * package explicitly depends on preform MPM (Closes: #591043)
  * default config refers to missing FCGIWrapper (Closes: #591046)

 -- Benoit Mortier <benoit.mortier@opensides.be>  Fri, 13 Aug 2010 11:00:29 +0200

gosa (2.6.10-2) unstable; urgency=low

  * Removed faulty patch due to 3.0 source conversion
  * Prevented /usr/share/doc/gosa.conf to be compressed
    to make setup configuration file saving work again

 -- Benoit Mortier <benoit.mortier@opensides.be>  Tue, 27 Jul 2010 18:49:07 +0200

gosa (2.6.10-1) unstable; urgency=low

  [ Cajus Pollmeier ]
  * New upstream release

  [ Benoit Mortier ]
  * Switch to dpkg-source 3.0 (quilt) format
  * gosa fails with: "Fatal error: Call to undefined function
    print_array() (Closes: #573220)
  * GOSa fails to add IP and MAC addresses to samba created hosts
    (Closes: #582896)

 -- Benoit Mortier <benoit.mortier@opensides.be>  Tue, 20 Jul 2010 12:48:02 +0200

gosa (2.6.9-1) unstable; urgency=low

  * New upstream release

 -- Cajus Pollmeier <cajus@debian.org>  Mon, 15 Mar 2010 11:28:48 +0100

gosa (2.6.8-1) unstable; urgency=low

  * New upstream release

 -- Cajus Pollmeier <cajus@debian.org>  Mon, 15 Feb 2010 14:19:14 +0100

gosa (2.6.7-1) unstable; urgency=low

  * New upstream release

 -- Cajus Pollmeier <cajus@debian.org>  Wed, 27 Jan 2010 21:53:12 +0100

gosa (2.6.6-1) unstable; urgency=low

  * New upstream release

 -- Cajus Pollmeier <cajus@debian.org>  Mon, 05 Oct 2009 15:03:41 +0200

gosa (2.6.5-1) unstable; urgency=low

  * New upstream release

 -- Cajus Pollmeier <cajus@debian.org>  Wed, 25 Feb 2009 13:36:18 +0100

gosa (2.6.4-1) unstable; urgency=low

  * New upstream release

 -- Cajus Pollmeier <cajus@debian.org>  Fri, 06 Feb 2009 11:35:38 +0100

gosa (2.6.3-1) unstable; urgency=low

  * New upstream release

 -- Cajus Pollmeier <cajus@debian.org>  Thu, 15 Jan 2009 11:43:15 +0100

gosa (2.6.2-1) unstable; urgency=low

  * New upstream release 

 -- Cajus Pollmeier <cajus@debian.org>  Fri, 19 Dec 2008 09:51:32 +0100

gosa (2.6.1-1) unstable; urgency=low

  * New upstream release

 -- Cajus Pollmeier <cajus@debian.org>  Mon, 07 Apr 2008 11:18:53 +0200