libapache-mod-ssl (2.8.9-2.5) oldstable-security; urgency=high

  * Non-maintainer upload by the Security Team
  * Backported patch for to fix access restriction bypass
    [pkg.sslmod/ssl_engine_kernel.c, CAN-2005-2700]

 -- Martin Schulze <joey@infodrom.org>  Fri,  9 Sep 2005 09:34:39 +0200

libapache-mod-ssl (2.8.9-2.4) stable-security; urgency=high

  * Non-maintainer upload by the Security Team
  * Rebuild to fix broken manpage symlink (Closes: #261180)

 -- Matt Zimmerman <mdz@debian.org>  Sun, 25 Jul 2004 14:37:58 -0700

libapache-mod-ssl (2.8.9-2.3) stable-security; urgency=high

  * Non-maintainer upload by the Security Team
  * Apply patch from upstream to fix CAN-2004-0700 (Format string
    vulnerability in the ssl_log function)

 -- Matt Zimmerman <mdz@debian.org>  Mon, 19 Jul 2004 16:41:20 -0700

libapache-mod-ssl (2.8.9-2.2) stable-security; urgency=high

  * Non-maintainer upload by the Security Team
  * Apply patch from upstream to fix CAN-2004-0488 (Stack-based buffer
    overflow in the ssl_util_uuencode_binary function)

 -- Matt Zimmerman <mdz@debian.org>  Mon, 19 Jul 2004 10:19:18 -0700

libapache-mod-ssl (2.8.9-2.1) stable-security; urgency=high

  * Non-maintainer upload by Security Team
  * Applied patch from Joe Orton to fix cross site scripting through
    hostnames (CAN-2002-1157)

 -- Martin Schulze <joey@infodrom.org>  Tue, 15 Oct 2002 21:05:37 +0200

libapache-mod-ssl (2.8.9-2) testing-security; urgency=low

  * SECURITY: overflow fix in ssl_engine_compat.c

 -- Robert van der Meulen <rvdm@debian.org>  Tue, 25 Jun 2002 00:02:03 +0200

libapache-mod-ssl (2.8.9-1) unstable; urgency=low

  * New upstream release, for apache 1.3.26
  * Fixed build dependencies (Closes: #137936)

 -- Robert van der Meulen <rvdm@debian.org>  Thu, 20 Jun 2002 21:05:26 +0200

libapache-mod-ssl (2.8.7-1) unstable; urgency=medium

  * New upstream release, for use with apache 1.3.23. (Closes: #133126)
  * SECURITY: new upstream fixes buffer overflow condition (Closes: #136656)
  * finally fixed mkcert.sh issue.. (Closes: #118275)
  * Marked all /etc files as conffiles.
  * Set execute bits on mod-ssl-makecert.sh to make lintian happy.
  * [README.Debian] Corrected outdated file locations.
  * Followed policy checklist and updated Standards-Version.

 -- Robert van der Meulen <rvdm@debian.org>  Mon,  4 Mar 2002 16:37:43 +0100

libapache-mod-ssl (2.8.5-4) unstable; urgency=low

  * Fixed build depends (Closes: #128746)
  * added mkcert.sh (Closes: #118275) 

 -- Robert van der Meulen <rvdm@debian.org>  Tue, 29 Jan 2002 20:13:22 +0100

libapache-mod-ssl (2.8.5-3) unstable; urgency=low

  * Re-added mod-ssl-makecert.sh (Closes: #118275)
  * Opened up the files in /usr/share/doc/libapache-mod-ssl/examples 
    (Closes: #128292) 

 -- Robert van der Meulen <rvdm@debian.org>  Thu, 10 Jan 2002 11:49:31 +0100

libapache-mod-ssl (2.8.5-2) unstable; urgency=low

  * Fixed Dependency problems (Closes: #117178) 

 -- Robert van der Meulen <rvdm@debian.org>  Fri, 26 Oct 2001 15:08:29 +0200

libapache-mod-ssl (2.8.5-1) unstable; urgency=low

  * New upstream release
  * apache 1.3.22 recompile
  * Removed mkcert.sh script (Closes: #112586)

 -- Robert van der Meulen <rvdm@debian.org>  Wed, 24 Oct 2001 23:25:02 +0200

libapache-mod-ssl (2.8.4-1) unstable; urgency=low

  * New upstream release
  * patch to new upstream version supplied by Luca Filipozzi 
    <lfilipoz@debian.org> 

 -- Robert van der Meulen <rvdm@debian.org>  Fri, 15 Jun 2001 11:04:27 -0700

libapache-mod-ssl (2.8.2-2) unstable; urgency=low

  * Forgot to set the 'new maintainer' field in debian/control.
  * Tossed libdb2; depending on libdb3 now. 

 -- Robert van der Meulen <rvdm@debian.org>  Mon,  4 Jun 2001 15:32:22 +0200

libapache-mod-ssl (2.8.2-1) unstable; urgency=low

  * New maintainer.
  * 'fixed' documentation to say apache needs to be stopped and started,
    instead of just 'reloaded'. (Closes: #79793)

 -- Robert van der Meulen <rvdm@debian.org>  Tue, 15 May 2001 21:08:07 +0200

libapache-mod-ssl (2.8.2-0.1) unstable; urgency=low
 
  * NMU
  * New upstream version for Apache 1.3.19 (Closes: #92116, #90157)
  * Add in undocumented link (Closes: #47361)
  * Fix lintian errors - spelling, /usr/doc, others
  * Fix dependencies (Closes: #86164)
  * Fix perms (Closes: #79772)
  * This was already fixed.  These files are in the examples dir (Closes: #52872)
  * Default configuration also already proper. (Closes: #78472)
  * Add in lintian overrides
  * Updating Standards version
 
 -- Ivan E. Moore II <rkrusty@debian.org>  Fri, 06 Apr 2001 00:17:38 +0100

libapache-mod-ssl (2.7.1-1.1) unstable; urgency=low

  * NMU
  * Added build dependencies. (closes: #79648, #81796)

 -- Adrian Bunk <bunk@fs.tum.de>  Sat, 17 Mar 2001 00:17:38 +0100

libapache-mod-ssl (2.7.1-1) unstable; urgency=low

  * Now that we have apache 1.3.14 in unstable, update
    to mod_ssl-2.7.1-1.3.14

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Mon,  4 Dec 2000 18:04:57 +0100

libapache-mod-ssl (2.6.6-3) unstable; urgency=low

  * Rebuild with latest libraries: libssl096_0.9.6-1 and libc6_2.2-4
    Hopefully this will fix the crashes some people see.

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Fri,  1 Dec 2000 12:11:42 +0100

libapache-mod-ssl (2.6.6-2) unstable; urgency=low

  * Moved libapache-mod-ssl-doc rules to binary-indep section
    of rules files so that dpkg-buildpackage -B works. How the
    autobuilders worked around it, I can only guess...

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Thu, 30 Nov 2000 12:23:17 +0100

libapache-mod-ssl (2.6.6-1) unstable; urgency=low

  * New upstream version (closes: #72573)
  * Builds against the latest libssl09a (closes: #67063)
  * Dropped apache version number from package version number, it's
    too long, and it doesn't add any info anyway (we have Depends:).
  * Change the way we Depend: on apache (closes: #68735, #69053)
  
 -- Miquel van Smoorenburg <miquels@cistron.nl>  Tue, 28 Nov 2000 17:13:46 +0100

libapache-mod-ssl (2.4.10-1.3.9-1) unstable; urgency=high

  * New upstream version.
  * Builds against the latest libssl09 (closes: #46073)
  * Should fix client certificate problems (closes: #47655)
  * Should fix crashes (closes: #54550)
  * Adds sign.sh to examples (closes: #49830)
  * Move docs to /usr/share/doc

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Wed, 12 Jan 2000 13:27:58 +0100

libapache-mod-ssl (2.4.2-1.3.9-1) unstable; urgency=low

  * New upstream version
  * Fixes bugs:
    #43700: SSL connections no longer work with libapache-mod-ssl
    #44047: libapache-mod-ssl: new apache was released
    #41203: error loading shared libraries: /usr/lib/apache/ca-fix: undefined s
    #43528: libapache-mod-ssl: Cannot load /usr/lib/apache/1.3/mod_ssl.so
    #43735: libapache-mod-ssl needs to be built against new openssl

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Sun, 12 Sep 1999 12:28:29 +0200

libapache-mod-ssl (2.3.11-1.3.6-1) unstable; urgency=low

  * New upstream version
  * Removes the need for ca-fix.
  * Fixes bugs:
    #41647: libapache-mod-ssl's postinst requires make
    #41744: mod-ssl-makecert fails due to ca-fix problem
    #41745: mkcert.sh writes to /usr/lib/apache
    #42924: libapache-mod-ssl_2.2.8-1.3.6-1(unstable): seems doesn't compile

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Mon, 16 Aug 1999 12:29:16 +0200

libapache-mod-ssl (2.2.8-1.3.6-1) unstable; urgency=low

  * Fixed minor bits, cleared up ca-fix copyright, uploaded to pandora.

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Wed, 12 May 1999 14:18:47 +0200

libapache-mod-ssl (2.2.8-1.3.6-0) unstable; urgency=low

  * Merged with same package from Tommi Virtanen  <tv@debian.org>

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Wed, 12 May 1999 14:18:08 +0200