golang-github-go-ldap-ldap (2.4.1-1+deb9u1) stretch; urgency=medium

  * Team upload.
  * Require explicit intention for empty password.
    This is normally used for unauthenticated bind, and
    https://tools.ietf.org/html/rfc4513#section-5.1.2 recommends:
    "Clients SHOULD disallow an empty password input to a Name/Password
    Authentication user interface"
    This is (mostly) a cherry-pick of 95ede12 from upstream, except
    the bit in ldap_test.go, which is unrelated to the security issue.
    This fixes CVE-2017-14623. (Closes: #876404)

 -- Dr. Tobias Quathamer <toddy@debian.org>  Wed, 29 Nov 2017 23:45:26 +0100

golang-github-go-ldap-ldap (2.4.1-1) unstable; urgency=medium

  * New upstream version.
  * Bump Standards-Version to 3.9.8.

 -- Alexandre Viau <aviau@debian.org>  Tue, 16 Aug 2016 12:19:35 -0400

golang-github-go-ldap-ldap (2.3.0-1) unstable; urgency=medium

  * New upstream version
  * Added watch file
  * Refreshed disable-internet-tests.patch
  * Replaced Vcs-Git by secure (https) url
  * Make use of XS-Go-Import-Path
  * Changed my email to @debian.org
  * Bumped Standards-Version to 3.9.7
  * New /usr/share/gocode/src/gopkg.in/ldap.v2 symlink

 -- Alexandre Viau <aviau@debian.org>  Mon, 21 Mar 2016 23:52:07 -0400

golang-github-go-ldap-ldap (0.0~git20150817.24.12f2865-1) unstable; urgency=medium

  * Initial release (Closes: #798022)

 -- Alexandre Viau <alexandre@alexandreviau.net>  Wed, 02 Sep 2015 21:13:23 -0400
