projects / invirt/packages/invirt-web.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fix pts mem vulnerability, with new -encrypt option
[invirt/packages/invirt-web.git] / debian / changelog
diff --git a/debian/changelog b/debian/changelog
index d70d063..f7ad007 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+invirt-web (0.0.16) unstable; urgency=low
+
+  * Fix a security vulnerability: traditional `pts mem` is in cleartext
+    and could be spoofed.  Use new -encrypt option, which needs tokens.
+
+  * make initscript stop command not leave apache2 processes lying around
+    (so that restart works)
+
+ -- Greg Price <price@mit.edu>  Tue, 30 Dec 2008 17:31:48 -0500
+
 invirt-web (0.0.15) unstable; urgency=low
 
   * config.{authn[0] => kerberos}.realm
Unnamed repository; edit this file 'description' to name the repository.