+secnet (0.3.0~beta2) unstable; urgency=low
+
+ * New upstream version.
+ - SECURITY FIX: RSA public modulus and exponent buffer overflow.
+ - SECURITY FIX: Use constant-time memcmp for message authentication.
+ - SECURITY FIX: Provide a new transform, eax-serpent, to replace cbcmac.
+ - SECURITY FIX: No longer send NAKs for NAKs, avoiding NAK storm.
+ - SECURITY FIX: Fix site name checking when site name A is prefix of B.
+ - Better robustness for mobile sites (proper user of NAKs, new PROD msg).
+ - Better robustness against SLIP decoding errors.
+ - Fix bugs which caused routes to sometimes not be advertised.
+ - Protocol capability negotiation mechanism.
+ - Improvements and fixes to protocol and usage documentation.
+ - Other bugfixes and code tidying up.
+
+ -- Ian Jackson <ijackson@chiark.greenend.org.uk> Thu, 25 Jul 2013 18:26:01 +0100
+
secnet (0.3.0~beta1) unstable; urgency=low
* New upstream version.
- make-secnet-sites made more sophisticated to support two vpns on chiark.
- Documentation improvements.
- Build system improvements.
+ * Debian packaging improvements:
+ - Native package.
+ - Maintainer / uploaders.
+ - init script requires $remove_fs since we're in /usr.
-- Ian Jackson <ijackson@chiark.greenend.org.uk> Thu, 12 Jul 2012 20:18:16 +0100