-gforge (4.6.99+svn6585-1) unstable; urgency=low
+gforge (4.7.1-1+) experimental; urgency=low
- * Added support for nss shadow
- * Commented allusers and allgroups entries in nss config as a workaround
- for failing postgreqsl restart, also changed getent calls in install-chroot.sh
+ * Fixed bashisms in /usr/lib/gforge/bin/setup, thanks to Gonéri Le
+ Bouder (Closes: #514768).
- -- Christian Bayle <bayle@debian.org> Fri, 15 Aug 2008 20:05:16 +0200
+ -- Roland Mas <lolando@debian.org> Tue, 10 Feb 2009 19:57:41 +0100
+
+gforge (4.7.1-1) experimental; urgency=low
+
+ * New upstream release.
+
+ -- Roland Mas <lolando@debian.org> Thu, 05 Feb 2009 21:01:10 +0100
+
+gforge (4.7-1) experimental; urgency=low
+
+ [ Roland Mas ]
+ * New upstream release.
+ * Made PostgreSQL dependency stricter: some of the views only work with
+ versions >= 8.1 (closes: #498811).
+
+ [ Christian Bayle ]
+ * Enable apache2 mod rewrite
+
+ -- Roland Mas <lolando@debian.org> Sun, 01 Feb 2009 19:22:16 +0100
+
+gforge (4.7~rc2-7) unstable; urgency=high
+
+ * Fixed yet another SQL injection vulnerability due to insufficient
+ input sanitizing (CVE-2008-2381).
+
+ -- Roland Mas <lolando@debian.org> Wed, 17 Dec 2008 15:26:59 +0100
+
+gforge (4.7~rc2-6) unstable; urgency=high
+
+ * Removed gforge-plugins-extra binary package (closes: #504758). I
+ can't promise to do security support for it, and it's quite
+ susceptible to security holes since it ships local copies of PHP
+ libraries.
+
+ -- Roland Mas <lolando@debian.org> Sat, 15 Nov 2008 20:06:46 +0100
+
+gforge (4.7~rc2-5) unstable; urgency=high
+
+ * Fix several SQL injection vulnerabilities due to insufficient input
+ sanitizing.
+
+ -- Roland Mas <lolando@debian.org> Mon, 06 Oct 2008 16:12:50 +0200
gforge (4.7~rc2-4) unstable; urgency=low
-- Roland Mas <lolando@debian.org> Sun, 31 Aug 2008 20:33:58 +0200
+gforge (4.7~rc2-1-svn6585) unstable; urgency=low
+
+ * Added support for nss shadow
+ * Commented allusers and allgroups entries in nss config as a workaround
+ for failing postgreqsl restart, also changed getent calls in install-chroot.sh
+
+ -- Christian Bayle <bayle@debian.org> Fri, 15 Aug 2008 20:05:16 +0200
+
gforge (4.7~rc2-1) unstable; urgency=low
* Changed version number to reflect the upstream tagging of r6582 to