From 0301409dbf59a0377ba011b22a07d31f95b50356 Mon Sep 17 00:00:00 2001
From: Benjamin Sonntag <benjamin@octopuce.fr>
Date: Tue, 25 Nov 2014 11:38:55 +0100
Subject: [PATCH] adding changelog, fixing srand() not properly called by php
 itself

---
 bureau/class/config.php | 7 +++++--
 debian/changelog        | 8 ++++++++
 wheezy/changelog.diff   | 8 ++++----
 3 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/bureau/class/config.php b/bureau/class/config.php
index c52e4adb..023d6e86 100644
--- a/bureau/class/config.php
+++ b/bureau/class/config.php
@@ -40,8 +40,8 @@ session_name('AlternC_Panel');
 session_start();
 
 /*
-  Si vous voulez mettre le bureau en maintenance, d�commentez le code ci-dessous
-  et mettez votre ip dans le IF pour que seule votre ip puisse acc�der au bureau : 
+  Si vous voulez mettre le bureau en maintenance, decommentez le code ci-dessous
+  et mettez votre ip dans le IF pour que seule votre ip puisse acceder au bureau : 
 */
 
 /* * /
@@ -72,6 +72,9 @@ if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
   $_REQUEST["password"]=$_SERVER['PHP_AUTH_PW'];
  }
 
+// proper srand (not using time(), which is what PHP does!)
+list($usec, $sec) = explode(" ", microtime());
+srand($usec*1000000);
 
 $help_baseurl="http://www.aide-alternc.org/";
 
diff --git a/debian/changelog b/debian/changelog
index 2d7afebb..fc01d581 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+alternc (3.1.3) oldstable; urgency=low
+
+  * fix opendkim listening on *
+  * fix a probable privilege escalation in cron management
+  * fix a random number generation issue in PHP (rand automatically initialized by time(), not better!)
+
+ -- Benjamin Sonntag <benjamin@sonntag.fr>  Mon, 24 Nov 2014 11:17:12 +0100
+
 alternc (3.1.2) oldstable; urgency=low
 
   * fix a bug when installing (doing patches from 3.1~rc)
diff --git a/wheezy/changelog.diff b/wheezy/changelog.diff
index d7f5ba6c..d3a33621 100644
--- a/wheezy/changelog.diff
+++ b/wheezy/changelog.diff
@@ -1,13 +1,13 @@
 --- changelog	2014-06-24 13:42:50.234304438 +0200
 +++ changelog.wheezy	2014-06-24 13:43:51.978313552 +0200
 @@ -1,3 +1,10 @@
-+alternc (3.2.2) stable; urgency=low
++alternc (3.2.3) stable; urgency=low
 +
 +  * Version identical to 3.1 for Squeeze
 +  * Includes a small dovecot patch / dependency for dovecot 2.0 for Wheezy
 +
-+ -- Benjamin Sonntag <benjamin@sonntag.fr>  Thu, 28 Mar 2014 18:19:00 +0200
++ -- Benjamin Sonntag <benjamin@sonntag.fr>  Thu, 25 Nov 2014 18:19:00 +0100
 +
- alternc (3.1.2) oldstable; urgency=low
+ alternc (3.1.3) oldstable; urgency=low
  
-   * fix a bug when installing (doing patches from 3.1~rc)
+   * fix opendkim listening on *