-suphp (0.6.2-2+lenny0) testing-security; urgency=high
+suphp (0.7.1-1) unstable; urgency=low
- * The following security issue is addressed with this update:
- - CVE-2008-1614: allows local users to gain privileges via a race
- condition in symlinks handling
+ * New upstream release (closes: #528379, #520182)
+ * debian/NEWS: add information about AddHandler -> AddType change introduced
+ in 0.6.2-2 (closes: #517805)
+ * debian/conf/suphp.conf, debian/patches/01_debian.dpatch: switch from
+ application/x-httpd-php to application/x-httpd-suphp to allow
+ simultaneous use of mod_suphp and mod_php (closes: #519005, #514725)
- -- Emmanuel Lacour <elacour@home-dn.net> Fri, 11 Apr 2008 11:31:28 +0200
+ -- Emmanuel Lacour <elacour@easter-eggs.com> Mon, 03 Aug 2009 15:15:38 +0200
+
+suphp (0.6.2-3) unstable; urgency=low
+
+ * debian/conf/suphp.conf: by default, deactivate suPHP for applications in
+ /usr/share (owned by uid 0) (closes: #472352, closes: #420007)
+ * debian/control: bump standard-version
+
+ -- Emmanuel Lacour <elacour@home-dn.net> Wed, 04 Jun 2008 10:04:08 +0200
+
+suphp (0.6.2-2.1) unstable; urgency=high
+
+ * Non-maintainer upload by the security team
+ * Fix race condition in symlink handling by adding
+ 04_CVE-2008-1614.dpatch (Closes: #475431) Fixes: CVE-2008-1614
+
+ -- Steffen Joeris <white@debian.org> Sat, 10 May 2008 08:48:45 +0000
suphp (0.6.2-2) unstable; urgency=low