acidlab (0.9.6b20-13ubuntu1) dapper; urgency=low

  * Add optional dependencies for php5 (Closes Malone: #3861)

 -- Barry deFreese <bddebian@comcast.net>  Tue,  4 Apr 2006 15:11:25 -0400

acidlab (0.9.6b20-13) unstable; urgency=high

  * Patch [013] SECURITY fix:
    - Add proper filtering in all ImportHTTP variables using either the new
    functions to check for numeric/alphanumeric chars or the filterSql()
    function to prevent SQL injection attacks. This patch fixes CVE-2005-3325 
    but also other attack vectors not mentioned in the initial advisory
    (http://www.frsirt.com/english/advisories/2005/2188)
  * Patch [014] Updated dates of php selections up to 2007
  * Changed patch [010]: fix locations of Nessus
  * New patch [015]: fix location of Snort database, provided alternative
    Ports lookup and added alternative locations for DNS queries (Closes: #315135)
  * Fixed FSF address in debian/copyright
  * Patch [016]: Allow graphic data to be represented until 2007. This patch
    together with patch [014] means that acid's last date is 2007 which should be
    enough since we are going to replace it with BASE in the short term 
    (Closes: #314566, #307712, #303217, #270171)
  * Document the changes that need to be done in order to extend the available
    year options (Closes: #247730)
  * Added a debian/TODO to describe how to fix the issue with new years with a
    simple for each loop.
  * Acidlab now depends on "| debconf-2.0" as requested by Joey Hess, I
    changed debian/packages instead of debian/control this time (Closes: #331732)
  * To reduce the risk of possible vulnerabilities in the code, made the
    default apache.conf allow access only from localhost and document this in
    the README file
  * Document the fact that this version is actually 0.9.6b20+patches from the
    latest upstream release 0.9.6b23 and that the later will never be
    released. (Closes: #155212)
  * Added the upstream homepage to all package descriptions.

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sun, 30 Oct 2005 22:05:35 +0100

acidlab (0.9.6b20-12) unstable; urgency=low

  * Added a dependency on "| debconf-2.0" as requested by Joey Hess

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Mon, 26 Sep 2005 20:59:09 +0200

acidlab (0.9.6b20-11) unstable; urgency=low

  * Php-adodb path (since 4.64-1) is now /usr/share/php/adodb, fixed
    the configuration and adjusted Depends:

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Fri, 19 Aug 2005 00:31:45 +0200

acidlab (0.9.6b20-10) unstable; urgency=low

  * Yada is a PITA to work with. Build-Depends-Indep should be
    correct now. (Closes: #273978)

 -- Jeremy T. Bouse <jbouse@debian.org>  Wed, 29 Sep 2004 00:15:21 -0700

acidlab (0.9.6b20-9) unstable; urgency=high

  * Actually fix the Depends in the right location

 -- Jeremy T. Bouse <jbouse@debian.org>  Thu, 23 Sep 2004 09:24:42 -0700

acidlab (0.9.6b20-8) unstable; urgency=high

  * Updated Depends regarding PHP4 and libphp-adodb
  * Updated path for phplot (Closes: #267005)

 -- Jeremy T. Bouse <jbouse@debian.org>  Mon, 20 Sep 2004 00:03:01 -0700

acidlab (0.9.6b20-7) unstable; urgency=medium

  * Added missing Build-Depends on sharutils, FTBFS bug introduced
    in 0.9.6b20-5.1 (Closes: #229153)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Fri, 23 Jan 2004 16:18:12 +0100

acidlab (0.9.6b20-6) unstable; urgency=low

  * Patch [012] Modified acid_db_setup.php and create_acid_tbls_pgsql.sql substituting
    datetime -> timestamp since that type is now deprecated in PostgreSQL
    (even though the changelog for PostgreSQL does not mention the fact of
    _when_ was it removed from the RDBS since it worked in 7.0, oh well)
    (Closes: #223508)

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Sat, 10 Jan 2004 12:23:14 +0100

acidlab (0.9.6b20-5.1) unstable; urgency=low

  * NMU (approved by maintainer)
    - Move all the code (save the graphing side) to latest upstream
    version fixing a number of bugs. This version is still labeled
    0.9.6b20 since it is not _fully 0.9.6b23. Relevant changes
    - Proper support for newer PostgreSQL versions with changes introduced
    in 0.9.6b21 (Closes: #223508, #174052)
  * Removed patches 004-007 since they no longer apply to the new
    sources.
  * Patch [008]: update Whois servers' IP addresses (Closes: #183623)
  * Patch [009]: Will add portscan2 to main page stats (Closes: #183666)
  * Patch [010]: Add Nessus references to signatures (Closes: #182552)
  * Provided a way to download certain URLs that will get installed as 
    local documentation: debian/rules-add. It's not added to
    debian/rules, like I usually do, since there is no way in yada to make
    it create targets not associated to build/install/clean (Closes: #223523)
  * Documentation is provided in an acidlab-doc package.
  * Created dummy packages acidlab-pgsql and acidlab-mysql in order to
    ease installation (Closes: #219700)
  * Added versioned dependancies for libphp-adodb (Closes: #165114)
  * Avoid using /tmp/ in postinst, and user /etc/acidlab/ for temporary
    files instead in order to avoid race-conditions or symlink attacks
    (using directories users can write to is asking for trouble)
  * Patch [011]: Added trim() to GetSingleSignatureReference in order 
    to avoid problems when signatures contain spaces (this happens 
    with snortcenter)
  * Added proper copyright notice.
  * Changed postrm code so that the package can be removed if it's not fully
    installed/configured with debconf.
  * Added myself as co-maintainer.

 -- Javier Fernandez-Sanguino Pen~a <jfs@computer.org>  Thu, 11 Dec 2003 19:51:39 +0100

acidlab (0.9.6b20-5) unstable; urgency=low

  * Change in adodb's path due to change in package location
  * Attempting to correct permissionson acid_conf.php (Closes: #158720)

 -- Jeremy T. Bouse <jbouse@debian.org>  Thu, 29 Aug 2002 06:27:59 -0700

acidlab (0.9.6b20-4) unstable; urgency=low

  * Corrected permissions on acid_conf.php (Closes: #157434)

 -- Jeremy T. Bouse <jbouse@debian.org>  Tue, 20 Aug 2002 13:12:12 -0700

acidlab (0.9.6b20-3) unstable; urgency=low

  * Bug fix package release to close several bugs in BTS
  * Corrected dependencies (Closes: #144449, #154677)
  * Applied patch [006] to correct acid_db.inc (Closes: #143760)
  * Applied patch [007] to correct acid_ag_main.php (Closes: #154331)

 -- Jeremy T. Bouse <jbouse@debian.org>  Mon, 29 Jul 2002 00:29:48 -0700

acidlab (0.9.6b20-2) unstable; urgency=low

  * Corrected permissions/ownership of acid_conf.php (Closes: #139018) 

 -- Jeremy T. Bouse <jbouse@debian.org>  Thu, 21 Mar 2002 08:15:03 -0800

acidlab (0.9.6b20-1) unstable; urgency=low

  * Initial Debian version. (Closes: #108787)

 -- Jeremy T. Bouse <jbouse@debian.org>  Sat,  2 Mar 2002 13:24:41 -0800