minissdpd (1.1.20120121-1+deb7u1build0.14.04.1) trusty-security; urgency=medium

  * fake sync from Debian

 -- Tyler Hicks <tyhicks@canonical.com>  Fri, 01 Jul 2016 13:36:35 -0500

minissdpd (1.1.20120121-1+deb7u1) wheezy-security; urgency=high

  * Non-maintainer upload by the Wheezy LTS Team. 
  * patch for CVE-2016-3178 + CVE-2016-3179
    The minissdpd daemon contains a improper validation of array index 
    vulnerability (CWE-129) when processing requests sent to the Unix 
    socket at /var/run/minissdpd.sock the Unix socket can be accessed 
    by an unprivileged user to send invalid request causes an 
    out-of-bounds memory access that crashes the minissdpd daemon.
 
 -- Thorsten Alteholz <debian@alteholz.de>  Mon, 28 Mar 2016 12:03:02 +0100

minissdpd (1.1.20120121-1) unstable; urgency=low

  * New upstream version.
  * Fixed the init script to handle when start-stop-daemon returns 1, and
  handling of the VERBOSE variable.
  * Switching from dpatch to quilt, and from source format 1.0 to 3.0.

 -- Thomas Goirand <zigo@debian.org>  Fri, 17 Feb 2012 19:23:48 +0800

minissdpd (1.1.20111007-4) unstable; urgency=low

  * Fixed English grammar mistakes, thanks to Martin Eberhard Schauer
  <Martin.E.Schauer@gmx.de> (Closes: #653027).
  * Added a debian/gbp.conf
  * Added support for "status" action to init.d script, thanks to patch from
  Peter Eisentraut <petere@debian.org> (Closes: #652916).

 -- Thomas Goirand <zigo@debian.org>  Fri, 23 Dec 2011 19:53:11 +0800

minissdpd (1.1.20111007-3) unstable; urgency=low

  * Exits if binary isn't found (Closes: #646746).

 -- Thomas Goirand <zigo@debian.org>  Thu, 27 Oct 2011 19:28:20 +0800

minissdpd (1.1.20111007-2) unstable; urgency=low

  * Calling dpatch directly in debian/rules because the patch wasn't applied at
  all, so this bug was still remaining, thanks to Christoph Egger
  <christoph@debian.org> for reporting it (Closes: #635911).

 -- Thomas Goirand <zigo@debian.org>  Mon, 10 Oct 2011 15:16:20 +0800

minissdpd (1.1.20111007-1) unstable; urgency=low

  * New upstream version including the bugfixes to bugs sent to the Debian
  BTS (Closes: #644508, #644509, #644510, #644511, #630665).
  * Added a patch to disable calls to link_ntoa in Debian/kFreeBSD
  (Closes: #635911).
  * debian/copyright is now in DEP5 format.

 -- Thomas Goirand <zigo@debian.org>  Sun, 09 Oct 2011 17:49:12 +0000

minissdpd (1.0.20110729-1) unstable; urgency=high

  * New upstream release 1.0.20110729, fixing root exploit issue reported on
  launchpad (Closes: #635836) (LP: #813313), thanks to Moritz Muehlenhoff
  <jmm@debian.org> for the bug report, and to falks at Ubuntu for the
  investigation of the issue.
  * Added build-arch: and build-indep: targets in debian/rules.
  * Bumped standard-version to 3.9.2.

 -- Thomas Goirand <zigo@debian.org>  Fri, 29 Jul 2011 14:41:55 +0200

minissdpd (1.0-2) unstable; urgency=low

  * Watch file was wrong (it was the one of miniupnpc).
  * Uploading to unstable from now on.

 -- Thomas Goirand <zigo@debian.org>  Fri, 11 Mar 2011 19:59:51 +0800

minissdpd (1.0-1) experimental; urgency=low

  * Initial release (Closes: #608270).

 -- Thomas Goirand <zigo@debian.org>  Wed, 29 Dec 2010 16:49:20 +0800
