# ChangeLog for net-misc/peervpn
# Copyright 1999-2016 Gentoo Foundation; Distributed under the GPL v2
# (auto-generated from git log)

*peervpn-0.044 (11 Apr 2016)

  11 Apr 2016; Zac Medico <zmedico@gentoo.org> +files/peervpn.initd,
  +files/peervpn.logrotated, +files/peervpn.service, +metadata.xml,
  +peervpn-0.044.ebuild:
  new package

  Package-Manager: portage-2.2.28

  29 Aug 2016; Zac Medico <zmedico@gentoo.org> files/peervpn.logrotated:
  add copytruncate to logrotate config

  Package-Manager: portage-2.3.0

*peervpn-0.044-r1 (13 Dec 2016)

  13 Dec 2016; Zac Medico <zmedico@gentoo.org> files/peervpn.initd,
  -peervpn-0.044.ebuild, +peervpn-0.044-r1.ebuild:
  0.044-r1 revbump for bug 602550

  Fix the openrc init script start_post function to use the chown
  --no-dereference option in order to prevent privilege escalation
  attacks.

  X-Gentoo-bug: 602550
  X-Gentoo-bug-url: https://bugs.gentoo.org/show_bug.cgi?id=602550

  Package-Manager: portage-2.3.3

  13 Dec 2016; Zac Medico <zmedico@gentoo.org> files/peervpn.initd:
  use chown -h for posix compat

  Package-Manager: portage-2.3.3

*peervpn-0.044-r2 (13 Dec 2016)

  13 Dec 2016; Zac Medico <zmedico@gentoo.org> files/peervpn.initd,
  files/peervpn.logrotated, -peervpn-0.044-r1.ebuild,
  +peervpn-0.044-r2.ebuild:
  0.044-r2 revbump for bug 602550

  Remove the chown call from the openrc init script start_post function,
  in order to prevent privilege escalation attacks. It is unsafe to call
  chown in a directory that is not owned by root, since the target file
  could be a hardlink to a root-owned file.

  X-Gentoo-bug: 602550
  X-Gentoo-bug-url: https://bugs.gentoo.org/show_bug.cgi?id=602550

  Package-Manager: portage-2.3.3