-krb5-strength (2.0-1) UNRELEASED; urgency=low
+krb5-strength (3.0-1~sbp60+1) squeeze-backports; urgency=medium
+
+ * Special Stanford-only local backport that builds the package against
+ Heimdal instead of MIT Kerberos. We only need the heimdal-strength
+ program and the MIT API isn't supported until wheezy.
+
+ -- Russ Allbery <rra@debian.org> Mon, 16 Dec 2013 15:56:00 -0800
+
+krb5-strength (3.0-1) unstable; urgency=medium
+
+ * New upstream release.
+ - SQLite password dictionaries are now supported and can be used to
+ reject passwords within edit distance one of any dictionary word.
+ - cdbmake-wordlist has been renamed to krb5-strength-wordlist and can
+ also generate SQLite databases compatible with this plugin and
+ Heimdal quality check program.
+ - heimdal-history, a password history implementation for Heimdal, has
+ been added and can be stacked with heimdal-strength to check both
+ history and password strength.
+ - New configuration option, minimum_different, which sets the minimum
+ number of different characters required in a password.
+ * Add the upstream signing key to debian/upstream/signing-key.asc and
+ configure uscan to do signature validation. Configure uscan to
+ download the xz tarball instead of the gz tarball.
+ * Create a _history user and group and a /var/lib/heimdal-history
+ directory on package installation for the use of heimdal-history,
+ remove the user and the standard database on purge, and remove the
+ directory if empty on package purge or removal.
+
+ -- Russ Allbery <rra@debian.org> Wed, 26 Mar 2014 00:04:13 -0700
+
+krb5-strength (2.2-1) unstable; urgency=low
+
+ * New upstream release.
+ - Support for more complex length-sensitive character class
+ restrictions using the new require_classes configuration setting.
+ - cdbmake-wordlist now supports filtering out words based on maximum
+ length and user-supplied regular expressions, and supports running
+ in filter mode to generate a new word list.
+ * Update to standards version 3.9.5 (no changes required).
+
+ -- Russ Allbery <rra@debian.org> Mon, 16 Dec 2013 15:36:29 -0800
+
+krb5-strength (2.1-1) unstable; urgency=low
+ * New upstream release.
+ - Improve some of the password rejection error messages.
+
+ -- Russ Allbery <rra@debian.org> Thu, 10 Oct 2013 17:09:37 -0700
+
+krb5-strength (2.0-1) unstable; urgency=low
+
+ * Initial upload to Debian. (Closes: #725753)
* New upstream release.
- Add native support for the MIT Kerberos password quality plugin
interface included in MIT Kerberos 1.9 and later.
and the lighter character restrictions if so desired.
- When checking for passwords based on the principal, also check each
component of the principal to find passwords based on the realm.
-
- -- Russ Allbery <rra@debian.org> Mon, 07 Oct 2013 16:30:08 -0700
+ * Eliminate the heimdal-strength package. krb5-strength now builds a
+ single binary package of the same name including the MIT plugin and
+ the Heimdal external password quality program. The Heimdal plugin is
+ not built by the Debian packaging because Heimdal prefers external
+ programs. The plugin can be added later as a separate package if
+ there is demand.
+ * Revise the package long description for the merger of krb5-strength
+ and heimdal-strength and the new capabilities in 2.0.
+ * Recommend cracklib-runtime and tinycdb since they are required to
+ build dictionaries. Downgrade krb5-admin-server to Enhances and add
+ heimdal-kdc.
+ * Update debhelper compatibility level to V9.
+ - Enable hardening flags, including bindnow and PIE.
+ - Enable parallel builds.
+ * Use dh-autoreconf to rebuild the build system during package builds.
+ * Use xz compression for the upstream and Debian tarballs.
+ * Add branch information to the Vcs-Git metadata.
+ * Update standards version to 3.9.4 (no changes required).
+ * Rewrite debian/copyright in copyright-format 1.0.
+ * Remove README.Debian. All of that information is now available in the
+ installed upstream README file.
+ * Remove Bugs header now that this package is in Debian proper.
+
+ -- Russ Allbery <rra@debian.org> Mon, 07 Oct 2013 18:56:49 -0700
krb5-strength (1.1-1) unstable; urgency=low