Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:36:39 UTC

Import patches-applied version 1.4.28-2ubuntu2.1 to applied/ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 482c6fcd41c962328ada62b17d73eb13a53011a9
Unapplied parent: 70bb541a6e982c56569daf768256dfa5a97bb41b

New changelog entries:
  * SECURITY UPDATE: Fix DoS because of incorrect code in src/http_auth.c:67
    (LP: #906792)
    - debian/patches/CVE-2011-4362.patch: patch derived from upstream
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:36:09 UTC

Import patches-applied version 1.4.28-2ubuntu1.1 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: cfe3c9054b7604b9cc9ab7811e6d20be225bdbf0
Unapplied parent: 78305c189a895755a84d8f7fb8f3f2314d9c3a11

New changelog entries:
  * SECURITY UPDATE: Fix DoS because of incorrect code in src/http_auth.c:67
    (LP: #906792)
    - debian/patches/CVE-2011-4362.patch: patch derived from upstream
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:36:09 UTC

Import patches-applied version 1.4.28-2ubuntu1.1 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: cfe3c9054b7604b9cc9ab7811e6d20be225bdbf0
Unapplied parent: 78305c189a895755a84d8f7fb8f3f2314d9c3a11

New changelog entries:
  * SECURITY UPDATE: Fix DoS because of incorrect code in src/http_auth.c:67
    (LP: #906792)
    - debian/patches/CVE-2011-4362.patch: patch derived from upstream
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:36:09 UTC

Import patches-applied version 1.4.28-2ubuntu1.1 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: cfe3c9054b7604b9cc9ab7811e6d20be225bdbf0
Unapplied parent: 78305c189a895755a84d8f7fb8f3f2314d9c3a11

New changelog entries:
  * SECURITY UPDATE: Fix DoS because of incorrect code in src/http_auth.c:67
    (LP: #906792)
    - debian/patches/CVE-2011-4362.patch: patch derived from upstream
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:35:38 UTC

Import patches-applied version 1.4.26-3ubuntu2.1 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 8fde992534d3f5d52cfcc6d6cb129db51cb8d004
Unapplied parent: 7f1ae8b0cebb79ded9bb70235a1d97f185c968ec

New changelog entries:
  * SECURITY UPDATE: Fix DoS because of incorrect code in src/http_auth.c:67
    (LP: #906792)
    - debian/patches/CVE-2011-4362.patch: patch derived from upstream
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:36:39 UTC

Import patches-unapplied version 1.4.28-2ubuntu2.1 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: fad823b0df6134eaa86dd9e4f61a6cd381e5ffea

New changelog entries:
  * SECURITY UPDATE: Fix DoS because of incorrect code in src/http_auth.c:67
    (LP: #906792)
    - debian/patches/CVE-2011-4362.patch: patch derived from upstream
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:36:39 UTC

Import patches-unapplied version 1.4.28-2ubuntu2.1 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: fad823b0df6134eaa86dd9e4f61a6cd381e5ffea

New changelog entries:
  * SECURITY UPDATE: Fix DoS because of incorrect code in src/http_auth.c:67
    (LP: #906792)
    - debian/patches/CVE-2011-4362.patch: patch derived from upstream
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:36:09 UTC

Import patches-unapplied version 1.4.28-2ubuntu1.1 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 407b1edbac7a757ee209f8e44fc43d6e87997dca

New changelog entries:
  * SECURITY UPDATE: Fix DoS because of incorrect code in src/http_auth.c:67
    (LP: #906792)
    - debian/patches/CVE-2011-4362.patch: patch derived from upstream
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:36:09 UTC

Import patches-unapplied version 1.4.28-2ubuntu1.1 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 407b1edbac7a757ee209f8e44fc43d6e87997dca

New changelog entries:
  * SECURITY UPDATE: Fix DoS because of incorrect code in src/http_auth.c:67
    (LP: #906792)
    - debian/patches/CVE-2011-4362.patch: patch derived from upstream
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:36:09 UTC

Import patches-unapplied version 1.4.28-2ubuntu1.1 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 407b1edbac7a757ee209f8e44fc43d6e87997dca

New changelog entries:
  * SECURITY UPDATE: Fix DoS because of incorrect code in src/http_auth.c:67
    (LP: #906792)
    - debian/patches/CVE-2011-4362.patch: patch derived from upstream
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:35:38 UTC

Import patches-unapplied version 1.4.26-3ubuntu2.1 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: c69f06e438060e19ef097b54c14639af99ebafe0

New changelog entries:
  * SECURITY UPDATE: Fix DoS because of incorrect code in src/http_auth.c:67
    (LP: #906792)
    - debian/patches/CVE-2011-4362.patch: patch derived from upstream
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:35:38 UTC

Import patches-unapplied version 1.4.26-3ubuntu2.1 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: c69f06e438060e19ef097b54c14639af99ebafe0

New changelog entries:
  * SECURITY UPDATE: Fix DoS because of incorrect code in src/http_auth.c:67
    (LP: #906792)
    - debian/patches/CVE-2011-4362.patch: patch derived from upstream
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:35:38 UTC

Import patches-unapplied version 1.4.26-3ubuntu2.1 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: c69f06e438060e19ef097b54c14639af99ebafe0

New changelog entries:
  * SECURITY UPDATE: Fix DoS because of incorrect code in src/http_auth.c:67
    (LP: #906792)
    - debian/patches/CVE-2011-4362.patch: patch derived from upstream
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:34:44 UTC

Import patches-unapplied version 1.4.26-1.1ubuntu3.1 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 01d9b94158f885e54ccaa473ec5901919e0054d1

New changelog entries:
  * SECURITY UPDATE: Fix DoS because of incorrect code in src/http_auth.c:67
    (LP: #906792)
    - debian/patches/CVE-2011-4362.patch: patch derived from upstream
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:34:44 UTC

Import patches-unapplied version 1.4.26-1.1ubuntu3.1 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 01d9b94158f885e54ccaa473ec5901919e0054d1

New changelog entries:
  * SECURITY UPDATE: Fix DoS because of incorrect code in src/http_auth.c:67
    (LP: #906792)
    - debian/patches/CVE-2011-4362.patch: patch derived from upstream
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:36:39 UTC

Import patches-unapplied version 1.4.28-2ubuntu2.1 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: fad823b0df6134eaa86dd9e4f61a6cd381e5ffea

New changelog entries:
  * SECURITY UPDATE: Fix DoS because of incorrect code in src/http_auth.c:67
    (LP: #906792)
    - debian/patches/CVE-2011-4362.patch: patch derived from upstream
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:32:22 UTC

Import patches-applied version 1.4.28-2ubuntu4 to applied/ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: dcb26d0c200c286f2330eb7e9eb8d84075a29711
Unapplied parent: 2243d2d749b845dc3d6cf984450182b193e44f39

New changelog entries:
  * debian/patches/CVE-2011-4362.patch: Fix DoS because of incorrect code in
    src/http_auth.c:67 (LP: #906792)
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:32:22 UTC

Import patches-unapplied version 1.4.28-2ubuntu4 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: c916bfae9e1a703a44398889ba02efd350ebb749

New changelog entries:
  * debian/patches/CVE-2011-4362.patch: Fix DoS because of incorrect code in
    src/http_auth.c:67 (LP: #906792)
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:32:22 UTC

Import patches-unapplied version 1.4.28-2ubuntu4 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: c916bfae9e1a703a44398889ba02efd350ebb749

New changelog entries:
  * debian/patches/CVE-2011-4362.patch: Fix DoS because of incorrect code in
    src/http_auth.c:67 (LP: #906792)
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:32:22 UTC

Import patches-applied version 1.4.28-2ubuntu4 to applied/ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: dcb26d0c200c286f2330eb7e9eb8d84075a29711
Unapplied parent: 2243d2d749b845dc3d6cf984450182b193e44f39

New changelog entries:
  * debian/patches/CVE-2011-4362.patch: Fix DoS because of incorrect code in
    src/http_auth.c:67 (LP: #906792)
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:32:22 UTC

Import patches-applied version 1.4.28-2ubuntu4 to applied/ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: dcb26d0c200c286f2330eb7e9eb8d84075a29711
Unapplied parent: 2243d2d749b845dc3d6cf984450182b193e44f39

New changelog entries:
  * debian/patches/CVE-2011-4362.patch: Fix DoS because of incorrect code in
    src/http_auth.c:67 (LP: #906792)
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:32:22 UTC

Import patches-applied version 1.4.28-2ubuntu4 to applied/ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: dcb26d0c200c286f2330eb7e9eb8d84075a29711
Unapplied parent: 2243d2d749b845dc3d6cf984450182b193e44f39

New changelog entries:
  * debian/patches/CVE-2011-4362.patch: Fix DoS because of incorrect code in
    src/http_auth.c:67 (LP: #906792)
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:32:22 UTC

Import patches-unapplied version 1.4.28-2ubuntu4 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: c916bfae9e1a703a44398889ba02efd350ebb749

New changelog entries:
  * debian/patches/CVE-2011-4362.patch: Fix DoS because of incorrect code in
    src/http_auth.c:67 (LP: #906792)
    - CVE-2011-4362

Author: Mahyuddin Susanto
Author Date: 2011-12-20 10:32:22 UTC

Import patches-unapplied version 1.4.28-2ubuntu4 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: c916bfae9e1a703a44398889ba02efd350ebb749

New changelog entries:
  * debian/patches/CVE-2011-4362.patch: Fix DoS because of incorrect code in
    src/http_auth.c:67 (LP: #906792)
    - CVE-2011-4362

Author: Ilya Barygin
Author Date: 2011-08-20 20:26:14 UTC

Import patches-applied version 1.4.28-2ubuntu2 to applied/ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: cfe3c9054b7604b9cc9ab7811e6d20be225bdbf0
Unapplied parent: 78f682de95f70f62679d44c9a9d485def326638f

New changelog entries:
  * No-change rebuild for openssl0.9.8 -> openssl1.0.0 transition.

Author: Ilya Barygin
Author Date: 2011-08-20 20:26:14 UTC

Import patches-unapplied version 1.4.28-2ubuntu2 to ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: 407b1edbac7a757ee209f8e44fc43d6e87997dca

New changelog entries:
  * No-change rebuild for openssl0.9.8 -> openssl1.0.0 transition.

Author: Bhavani Shankar
Author Date: 2010-11-21 06:39:27 UTC

Import patches-applied version 1.4.28-2ubuntu1 to applied/ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: 819010cbd703e143e3e73ed9e01ac33b8fe3ce22
Unapplied parent: f4583bfadecec964ff4b156bb1917bcc925722f0

New changelog entries:
  * Merge from debian unstable. Remaining changes:
    - debian/control:
      + libgamin-dev rather than libfam-dev to fix startup warning.
      + debhelper Build-depends bumped to (>= 7.0.50) for
        overrides in rules file.
    - debian/index.html: s/Debian/Ubuntu/g branding on the default page.
    - Added a UFW profile set:
      + debian/lighttpd.dirs: added etc/ufw/applications.d
      + debian/rules: install the ufw profile.
      + debian/control: Suggests on ufw.
    - Add lighttpd-dev package:
      + debian/control: Added lighttpd-dev package; Build-depends on
        automake, libtool
      + debian/lighttpd-dev.install: Added.
    - debian/rules:
      + Add override_dh_installinit to set "defaults 91 09" to not start
        before apache2 but in the same runlevel with the same priority.
    - debian/patches/build-dev-package.patch: Updated
    - debian/lighttpd.conf: Comment 'use-ipv6.pl' by default, which causes
      failure to bind port in ipv4 (LP: #551211)

Author: Bhavani Shankar
Author Date: 2010-11-21 06:39:27 UTC

Import patches-unapplied version 1.4.28-2ubuntu1 to ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: cdb1fd883f006c03e5821eef8df27983aa058eea

New changelog entries:
  * Merge from debian unstable. Remaining changes:
    - debian/control:
      + libgamin-dev rather than libfam-dev to fix startup warning.
      + debhelper Build-depends bumped to (>= 7.0.50) for
        overrides in rules file.
    - debian/index.html: s/Debian/Ubuntu/g branding on the default page.
    - Added a UFW profile set:
      + debian/lighttpd.dirs: added etc/ufw/applications.d
      + debian/rules: install the ufw profile.
      + debian/control: Suggests on ufw.
    - Add lighttpd-dev package:
      + debian/control: Added lighttpd-dev package; Build-depends on
        automake, libtool
      + debian/lighttpd-dev.install: Added.
    - debian/rules:
      + Add override_dh_installinit to set "defaults 91 09" to not start
        before apache2 but in the same runlevel with the same priority.
    - debian/patches/build-dev-package.patch: Updated
    - debian/lighttpd.conf: Comment 'use-ipv6.pl' by default, which causes
      failure to bind port in ipv4 (LP: #551211)

Author: David Sugar
Author Date: 2010-07-15 17:50:35 UTC

Import patches-applied version 1.4.26-3ubuntu2 to applied/ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 2113eadaa64fdc4810a802af10eacd8dae8bc142
Unapplied parent: 7e3e541bd602c574f1f5fc7d4bdc4ad44c8be7f3

New changelog entries:
  * syntax_check function defined in init script. (LP: #600767)

Author: David Sugar
Author Date: 2010-07-15 17:50:35 UTC

Import patches-unapplied version 1.4.26-3ubuntu2 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 332eaefa28d57bcb369c78c973fe3858123f5fe9

New changelog entries:
  * syntax_check function defined in init script. (LP: #600767)

Author: Chuck Short
Author Date: 2010-04-06 10:12:07 UTC

Import patches-applied version 1.4.26-1.1ubuntu3 to applied/ubuntu/lucid

Imported using git-ubuntu import.

Changelog parent: 23d9998a774a19ce69a8675a0d3753dc357f478c
Unapplied parent: 01d9b94158f885e54ccaa473ec5901919e0054d1

New changelog entries:
  * debian/control: Rebuild for libmysqlclient transition.

Author: Chuck Short
Author Date: 2010-04-06 10:12:07 UTC

Import patches-unapplied version 1.4.26-1.1ubuntu3 to ubuntu/lucid

Imported using git-ubuntu import.

Changelog parent: 5a184500e86d008f8b718152dd54034b12bdeb93

New changelog entries:
  * debian/control: Rebuild for libmysqlclient transition.

Author: João Pinto
Author Date: 2009-10-10 00:08:19 UTC

Import patches-applied version 1.4.22-1ubuntu4 to applied/ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: c842806e31145f4444265c12e94412f2b1ee8ac5
Unapplied parent: e949c943f040aad162b6b86408bb5983d1a2b196

New changelog entries:
  * Fix FTBFS, replaced automake with automake1.10 on Build-Depends
    (LP #447672)

Author: João Pinto
Author Date: 2009-10-10 00:08:19 UTC

Import patches-unapplied version 1.4.22-1ubuntu4 to ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: 380dabb7386d233d0e67f4e415fc1d7438eaa8e8

New changelog entries:
  * Fix FTBFS, replaced automake with automake1.10 on Build-Depends
    (LP #447672)

Author: João Pinto
Author Date: 2009-10-10 00:08:19 UTC

Import patches-unapplied version 1.4.22-1ubuntu4 to ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: 380dabb7386d233d0e67f4e415fc1d7438eaa8e8

New changelog entries:
  * Fix FTBFS, replaced automake with automake1.10 on Build-Depends
    (LP #447672)

Author: João Pinto
Author Date: 2009-10-10 00:08:19 UTC

Import patches-applied version 1.4.22-1ubuntu4 to applied/ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: c842806e31145f4444265c12e94412f2b1ee8ac5
Unapplied parent: e949c943f040aad162b6b86408bb5983d1a2b196

New changelog entries:
  * Fix FTBFS, replaced automake with automake1.10 on Build-Depends
    (LP #447672)

Author: Marcin Gibula
Author Date: 2009-03-04 12:42:05 UTC

Import patches-applied version 1.4.19-0ubuntu3.1 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 68b5507395bff44c809a93fc12bfb7efa4abc09e
Unapplied parent: 914356e005b28058db5f91d2d54b239d6d3191c9

New changelog entries:
  * SECURITY UPDATE: (LP: #279490)
   + debian/patches/93_CVE-2008-4298.dpatch
    - Fix memory leak in request header handling
   + debian/patches/95_CVE-2008-4360.dpatch
    - Fix mod_userdir information disclosure
  * References
   + https://bugs.launchpad.net/bugs/cve/2008-4298
   + https://bugs.launchpad.net/bugs/cve/2008-4360

Author: Marcin Gibula
Author Date: 2009-03-04 12:42:05 UTC

Import patches-unapplied version 1.4.19-0ubuntu3.1 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: ae3e0066c2d49e8b04d4468d282ae91b4286430c

New changelog entries:
  * SECURITY UPDATE: (LP: #279490)
   + debian/patches/93_CVE-2008-4298.dpatch
    - Fix memory leak in request header handling
   + debian/patches/95_CVE-2008-4360.dpatch
    - Fix mod_userdir information disclosure
  * References
   + https://bugs.launchpad.net/bugs/cve/2008-4298
   + https://bugs.launchpad.net/bugs/cve/2008-4360

Author: Marcin Gibula
Author Date: 2009-03-04 12:42:05 UTC

Import patches-applied version 1.4.19-0ubuntu3.1 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 68b5507395bff44c809a93fc12bfb7efa4abc09e
Unapplied parent: 914356e005b28058db5f91d2d54b239d6d3191c9

New changelog entries:
  * SECURITY UPDATE: (LP: #279490)
   + debian/patches/93_CVE-2008-4298.dpatch
    - Fix memory leak in request header handling
   + debian/patches/95_CVE-2008-4360.dpatch
    - Fix mod_userdir information disclosure
  * References
   + https://bugs.launchpad.net/bugs/cve/2008-4298
   + https://bugs.launchpad.net/bugs/cve/2008-4360

Author: Marcin Gibula
Author Date: 2009-03-04 12:42:05 UTC

Import patches-unapplied version 1.4.19-0ubuntu3.1 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: ae3e0066c2d49e8b04d4468d282ae91b4286430c

New changelog entries:
  * SECURITY UPDATE: (LP: #279490)
   + debian/patches/93_CVE-2008-4298.dpatch
    - Fix memory leak in request header handling
   + debian/patches/95_CVE-2008-4360.dpatch
    - Fix mod_userdir information disclosure
  * References
   + https://bugs.launchpad.net/bugs/cve/2008-4298
   + https://bugs.launchpad.net/bugs/cve/2008-4360

Author: Marcin Gibula
Author Date: 2009-03-04 12:42:05 UTC

Import patches-unapplied version 1.4.19-0ubuntu3.1 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: ae3e0066c2d49e8b04d4468d282ae91b4286430c

New changelog entries:
  * SECURITY UPDATE: (LP: #279490)
   + debian/patches/93_CVE-2008-4298.dpatch
    - Fix memory leak in request header handling
   + debian/patches/95_CVE-2008-4360.dpatch
    - Fix mod_userdir information disclosure
  * References
   + https://bugs.launchpad.net/bugs/cve/2008-4298
   + https://bugs.launchpad.net/bugs/cve/2008-4360

Author: Marcin Gibula
Author Date: 2009-03-04 12:42:05 UTC

Import patches-applied version 1.4.19-0ubuntu3.1 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 68b5507395bff44c809a93fc12bfb7efa4abc09e
Unapplied parent: 914356e005b28058db5f91d2d54b239d6d3191c9

New changelog entries:
  * SECURITY UPDATE: (LP: #279490)
   + debian/patches/93_CVE-2008-4298.dpatch
    - Fix memory leak in request header handling
   + debian/patches/95_CVE-2008-4360.dpatch
    - Fix mod_userdir information disclosure
  * References
   + https://bugs.launchpad.net/bugs/cve/2008-4298
   + https://bugs.launchpad.net/bugs/cve/2008-4360

Author: Daniel Hahler
Author Date: 2009-03-17 21:36:05 UTC

Import patches-unapplied version 1.4.19-5ubuntu7 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 7281b15844589660824d5c2e29cc59755f39fa4b

New changelog entries:
  * debian/index.html: do not point to edge.launchpad.net
    (LP: #302845)
  * Fix documentation reference to virtual hosting by referring
    to mod_simple_vhost (LP: #247271)
    - debian/patches/fix-conf-doc.patch

Author: Daniel Hahler
Author Date: 2009-03-17 21:36:05 UTC

Import patches-unapplied version 1.4.19-5ubuntu7 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 7281b15844589660824d5c2e29cc59755f39fa4b

New changelog entries:
  * debian/index.html: do not point to edge.launchpad.net
    (LP: #302845)
  * Fix documentation reference to virtual hosting by referring
    to mod_simple_vhost (LP: #247271)
    - debian/patches/fix-conf-doc.patch

Author: Daniel Hahler
Author Date: 2009-03-17 21:36:05 UTC

Import patches-applied version 1.4.19-5ubuntu7 to applied/ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 3fd0b45ed1ab4280b02e4ed159f7ab7e4f95fd82
Unapplied parent: 111c0b4d46d9cfa4d22313c040878643a9f45a8a

New changelog entries:
  * debian/index.html: do not point to edge.launchpad.net
    (LP: #302845)
  * Fix documentation reference to virtual hosting by referring
    to mod_simple_vhost (LP: #247271)
    - debian/patches/fix-conf-doc.patch

Author: Daniel Hahler
Author Date: 2009-03-17 21:36:05 UTC

Import patches-applied version 1.4.19-5ubuntu7 to applied/ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 3fd0b45ed1ab4280b02e4ed159f7ab7e4f95fd82
Unapplied parent: 111c0b4d46d9cfa4d22313c040878643a9f45a8a

New changelog entries:
  * debian/index.html: do not point to edge.launchpad.net
    (LP: #302845)
  * Fix documentation reference to virtual hosting by referring
    to mod_simple_vhost (LP: #247271)
    - debian/patches/fix-conf-doc.patch

Author: Andres Rodriguez
Author Date: 2008-07-25 16:47:48 UTC

Import patches-unapplied version 1.4.19-4ubuntu2 to ubuntu/intrepid

Imported using git-ubuntu import.

Changelog parent: 64f02ec63f178110bc16b196744801c0bef88169

New changelog entries:
  * debian/control: Depend on lsb >= 3.2-14, which has the
    status_of_proc() function.
  * debian/init.d: Add the 'status' action (LP: #251924).

Author: Andres Rodriguez
Author Date: 2008-07-25 16:47:48 UTC

Import patches-applied version 1.4.19-4ubuntu2 to applied/ubuntu/intrepid

Imported using git-ubuntu import.

Changelog parent: ea9434ca93db48934f7b7642240f98ba47781aa7
Unapplied parent: 049a2f472962d179e0de569f2fe3298c745fefa5

New changelog entries:
  * debian/control: Depend on lsb >= 3.2-14, which has the
    status_of_proc() function.
  * debian/init.d: Add the 'status' action (LP: #251924).

Author: Andres Rodriguez
Author Date: 2008-07-25 16:47:48 UTC

Import patches-applied version 1.4.19-4ubuntu2 to applied/ubuntu/intrepid

Imported using git-ubuntu import.

Changelog parent: ea9434ca93db48934f7b7642240f98ba47781aa7
Unapplied parent: 049a2f472962d179e0de569f2fe3298c745fefa5

New changelog entries:
  * debian/control: Depend on lsb >= 3.2-14, which has the
    status_of_proc() function.
  * debian/init.d: Add the 'status' action (LP: #251924).

Author: Andres Rodriguez
Author Date: 2008-07-25 16:47:48 UTC

Import patches-unapplied version 1.4.19-4ubuntu2 to ubuntu/intrepid

Imported using git-ubuntu import.

Changelog parent: 64f02ec63f178110bc16b196744801c0bef88169

New changelog entries:
  * debian/control: Depend on lsb >= 3.2-14, which has the
    status_of_proc() function.
  * debian/init.d: Add the 'status' action (LP: #251924).

Author: Emanuele Gentili
Author Date: 2008-04-07 17:45:59 UTC

Import patches-unapplied version 1.4.13~r1370-1ubuntu1.7 to ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 911d4fd0059c2ad659b96aec7d768aa94f3efc56

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-06 21:55:30 UTC

Import patches-applied version 1.4.13-9ubuntu4.6 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: d0ed48ec3a5919d7c6cba9c3d2093ec8958ce53b
Unapplied parent: 26afdfe5abe4757acbf140db3b616362b106c74e

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-06 21:55:30 UTC

Import patches-applied version 1.4.13-9ubuntu4.6 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: d0ed48ec3a5919d7c6cba9c3d2093ec8958ce53b
Unapplied parent: 26afdfe5abe4757acbf140db3b616362b106c74e

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-06 01:39:14 UTC

Import patches-unapplied version 1.4.18-1ubuntu1.4 to ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: 14e12ba17dde400534d6ea6cccaae4dd59268b30

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-06 01:39:14 UTC

Import patches-unapplied version 1.4.18-1ubuntu1.4 to ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: 14e12ba17dde400534d6ea6cccaae4dd59268b30

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-07 17:45:59 UTC

Import patches-applied version 1.4.13~r1370-1ubuntu1.7 to applied/ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 668933803178ffc56a672c2dd787e06693b657af
Unapplied parent: 65e897b19f2abb6a6c3586cc5164efff9eb13483

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-07 17:45:59 UTC

Import patches-applied version 1.4.13~r1370-1ubuntu1.7 to applied/ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 668933803178ffc56a672c2dd787e06693b657af
Unapplied parent: 65e897b19f2abb6a6c3586cc5164efff9eb13483

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-06 21:55:30 UTC

Import patches-unapplied version 1.4.13-9ubuntu4.6 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: c022ef5795b6ef541bf6478f84024f86d464309b

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-07 17:45:59 UTC

Import patches-unapplied version 1.4.13~r1370-1ubuntu1.7 to ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 911d4fd0059c2ad659b96aec7d768aa94f3efc56

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-07 17:45:59 UTC

Import patches-unapplied version 1.4.13~r1370-1ubuntu1.7 to ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 911d4fd0059c2ad659b96aec7d768aa94f3efc56

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-06 01:39:14 UTC

Import patches-applied version 1.4.18-1ubuntu1.4 to applied/ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: d0041d0c23035ea95af5daf640189c35e3369b3e
Unapplied parent: 1d9f0b5493f7c84d40445cfd332ef973a3b5767c

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-06 21:55:30 UTC

Import patches-unapplied version 1.4.13-9ubuntu4.6 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: c022ef5795b6ef541bf6478f84024f86d464309b

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-06 21:55:30 UTC

Import patches-unapplied version 1.4.13-9ubuntu4.6 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: c022ef5795b6ef541bf6478f84024f86d464309b

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-06 01:39:14 UTC

Import patches-applied version 1.4.18-1ubuntu1.4 to applied/ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: d0041d0c23035ea95af5daf640189c35e3369b3e
Unapplied parent: 1d9f0b5493f7c84d40445cfd332ef973a3b5767c

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-06 01:39:14 UTC

Import patches-applied version 1.4.18-1ubuntu1.4 to applied/ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: d0041d0c23035ea95af5daf640189c35e3369b3e
Unapplied parent: 1d9f0b5493f7c84d40445cfd332ef973a3b5767c

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-06 01:39:14 UTC

Import patches-unapplied version 1.4.18-1ubuntu1.4 to ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: 14e12ba17dde400534d6ea6cccaae4dd59268b30

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-07 17:45:59 UTC

Import patches-applied version 1.4.13~r1370-1ubuntu1.7 to applied/ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 668933803178ffc56a672c2dd787e06693b657af
Unapplied parent: 65e897b19f2abb6a6c3586cc5164efff9eb13483

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-06 21:55:30 UTC

Import patches-applied version 1.4.13-9ubuntu4.6 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: d0ed48ec3a5919d7c6cba9c3d2093ec8958ce53b
Unapplied parent: 26afdfe5abe4757acbf140db3b616362b106c74e

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/91_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-05 22:09:12 UTC

Import patches-unapplied version 1.4.19-0ubuntu3 to ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: b3e7be4256a958c9f0ce6262bcc72297816ee1ec

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/92_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-04-05 22:09:12 UTC

Import patches-applied version 1.4.19-0ubuntu3 to applied/ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: 74524032bb10affae927bb7863b10366f175d3e0
Unapplied parent: ae3e0066c2d49e8b04d4468d282ae91b4286430c

New changelog entries:
  * SECURITY UPDATE: (LP: #209627)
   + debian/patches/92_CVE-2008-1531.dpatch
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
      of service (active SSL connection loss) by triggering an SSL error,
      such as disconnecting before a download has finished, which causes
      all active SSL connections to be lost.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
   + http://trac.lighttpd.net/trac/changeset/2136
   + http://trac.lighttpd.net/trac/changeset/2139

Author: Emanuele Gentili
Author Date: 2008-03-11 14:03:17 UTC

Import patches-applied version 1.4.11-3ubuntu3.8 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: f90352ff4e044d475d30340dab4ada9669358915
Unapplied parent: 73b28144c05891b077ad9d7f49542f821efcb9b9

New changelog entries:
  * SECURITY UPDATE: (LP: #200987)
   + debian/patches/91_CVE-2008-1270.dpatch
    - mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set,
      uses a default of $HOME, which might allow remote attackers to read arbitrary
      files, as demonstrated by accessing the ~nobody directory.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1270
   + http://trac.lighttpd.net/trac/ticket/1587
   + http://trac.lighttpd.net/trac/changeset/2120

Author: Emanuele Gentili
Author Date: 2008-03-11 14:03:17 UTC

Import patches-unapplied version 1.4.11-3ubuntu3.8 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: b925f96284189945c1a324deff75153edd7ae223

New changelog entries:
  * SECURITY UPDATE: (LP: #200987)
   + debian/patches/91_CVE-2008-1270.dpatch
    - mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set,
      uses a default of $HOME, which might allow remote attackers to read arbitrary
      files, as demonstrated by accessing the ~nobody directory.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1270
   + http://trac.lighttpd.net/trac/ticket/1587
   + http://trac.lighttpd.net/trac/changeset/2120

Author: Emanuele Gentili
Author Date: 2008-03-11 14:03:17 UTC

Import patches-unapplied version 1.4.11-3ubuntu3.8 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: b925f96284189945c1a324deff75153edd7ae223

New changelog entries:
  * SECURITY UPDATE: (LP: #200987)
   + debian/patches/91_CVE-2008-1270.dpatch
    - mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set,
      uses a default of $HOME, which might allow remote attackers to read arbitrary
      files, as demonstrated by accessing the ~nobody directory.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1270
   + http://trac.lighttpd.net/trac/ticket/1587
   + http://trac.lighttpd.net/trac/changeset/2120

Author: Emanuele Gentili
Author Date: 2008-03-11 14:03:17 UTC

Import patches-unapplied version 1.4.11-3ubuntu3.8 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: b925f96284189945c1a324deff75153edd7ae223

New changelog entries:
  * SECURITY UPDATE: (LP: #200987)
   + debian/patches/91_CVE-2008-1270.dpatch
    - mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set,
      uses a default of $HOME, which might allow remote attackers to read arbitrary
      files, as demonstrated by accessing the ~nobody directory.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1270
   + http://trac.lighttpd.net/trac/ticket/1587
   + http://trac.lighttpd.net/trac/changeset/2120

Author: Emanuele Gentili
Author Date: 2008-03-11 14:03:17 UTC

Import patches-applied version 1.4.11-3ubuntu3.8 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: f90352ff4e044d475d30340dab4ada9669358915
Unapplied parent: 73b28144c05891b077ad9d7f49542f821efcb9b9

New changelog entries:
  * SECURITY UPDATE: (LP: #200987)
   + debian/patches/91_CVE-2008-1270.dpatch
    - mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set,
      uses a default of $HOME, which might allow remote attackers to read arbitrary
      files, as demonstrated by accessing the ~nobody directory.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1270
   + http://trac.lighttpd.net/trac/ticket/1587
   + http://trac.lighttpd.net/trac/changeset/2120

Author: Emanuele Gentili
Author Date: 2008-03-11 14:03:17 UTC

Import patches-applied version 1.4.11-3ubuntu3.8 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: f90352ff4e044d475d30340dab4ada9669358915
Unapplied parent: 73b28144c05891b077ad9d7f49542f821efcb9b9

New changelog entries:
  * SECURITY UPDATE: (LP: #200987)
   + debian/patches/91_CVE-2008-1270.dpatch
    - mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set,
      uses a default of $HOME, which might allow remote attackers to read arbitrary
      files, as demonstrated by accessing the ~nobody directory.
  * References
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1270
   + http://trac.lighttpd.net/trac/ticket/1587
   + http://trac.lighttpd.net/trac/changeset/2120

Author: Soren Hansen
Author Date: 2007-09-12 12:02:31 UTC

Import patches-applied version 1.4.18-1ubuntu1 to applied/ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 93e0786375fee21ad34c3eb6f590b170298ac463
Unapplied parent: d2a1038457f99171d9c5d4ac2b9534d132381472

New changelog entries:
  * Merge from Debian unstable, remaining changes:
    - Update maintainer field in debian/control.
    - Build against libgamin-dev rather than libfam-dev (fixes a warning
      during startup)
    - Make sure that upgrades succeed, even if we can't restart lighttpd.
    - Clean environment in init.d script.
  * New upstream release, fixes CVE-2007-4727 (closes: #441787)
  * lighttpd-angel is installed but not used yet

Author: Soren Hansen
Author Date: 2007-09-12 12:02:31 UTC

Import patches-unapplied version 1.4.18-1ubuntu1 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: e616f845a857f51a643059fc4b58ecb1c691039b

New changelog entries:
  * Merge from Debian unstable, remaining changes:
    - Update maintainer field in debian/control.
    - Build against libgamin-dev rather than libfam-dev (fixes a warning
      during startup)
    - Make sure that upgrades succeed, even if we can't restart lighttpd.
    - Clean environment in init.d script.
  * New upstream release, fixes CVE-2007-4727 (closes: #441787)
  * lighttpd-angel is installed but not used yet

Author: Scott Kitterman
Author Date: 2007-04-24 16:04:01 UTC

Import patches-unapplied version 1.4.11-3ubuntu3.2 to ubuntu/dapper-proposed

Imported using git-ubuntu import.

Changelog parent: 7b9213f9a0b49e72578f910eccfdd511171939ed

New changelog entries:
  * Added relevant security fix from 1.4.14 (Closes LP: #107628)
    - DOS with files with mtime 0 (CVE-2007-1870)
       security_zero_mtime_crash

Author: Scott Kitterman
Author Date: 2007-04-24 16:04:01 UTC

Import patches-applied version 1.4.11-3ubuntu3.2 to applied/ubuntu/dapper-proposed

Imported using git-ubuntu import.

Changelog parent: e9f90eeeac3d032c059273dfb6bc1e08d490487b
Unapplied parent: 2faffdd597295e4785a1459a4d240250ac7f6b3f

New changelog entries:
  * Added relevant security fix from 1.4.14 (Closes LP: #107628)
    - DOS with files with mtime 0 (CVE-2007-1870)
       security_zero_mtime_crash

Author: Lukas Fittl
Author Date: 2007-04-14 03:26:10 UTC

Import patches-applied version 1.4.13-9ubuntu4 to applied/ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: 971b4fea269b5bcb28aea9e6a9aef847ea195a98
Unapplied parent: b55e070e4c34d6a910f308e54ad9377066258c2f

New changelog entries:
  * Added LDAP connection leak fix from Debian (Bug: #413917)
    - debian/patches/03_ldap_leak_bugfix.dpatch
  * Added security fixes from 1.4.14 (Closes LP: #106416)
    - Remote DOS in CRLF parsing (CVE-2007-1869)
       debian/patches/04_security_crlf_parsing_dos.dpatch
    - DOS with files with mtime 0 (CVE-2007-1870)
       debian/patches/05_security_zero_mtime_crash.dpatch

Author: Lukas Fittl
Author Date: 2007-04-14 03:26:10 UTC

Import patches-unapplied version 1.4.13-9ubuntu4 to ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: 63470d3fff4f25d17167b28e7cfa792a7d86059c

New changelog entries:
  * Added LDAP connection leak fix from Debian (Bug: #413917)
    - debian/patches/03_ldap_leak_bugfix.dpatch
  * Added security fixes from 1.4.14 (Closes LP: #106416)
    - Remote DOS in CRLF parsing (CVE-2007-1869)
       debian/patches/04_security_crlf_parsing_dos.dpatch
    - DOS with files with mtime 0 (CVE-2007-1870)
       debian/patches/05_security_zero_mtime_crash.dpatch

Author: Lukas Fittl
Author Date: 2006-10-10 11:57:38 UTC

Import patches-applied version 1.4.13~r1370-1ubuntu1 to applied/ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: 56b79bd0b5385c39e3b7899e013086f22752d353
Unapplied parent: ac9d9d05a580639e973b392263d10d9fbb4d9337

New changelog entries:
  * Merge from Debian unstable (Closes: Malone #64900). Remaining changes:
    - Add an additional dependency on libterm-readline-perl-perl
      (Malone #43895)
  * New upstream release (closes: #390877) (closes: #389911)
  * Compiled with --with-attr param (closes: #389712)
  * dropped 01-lua5.1.dpatch, issue fixed by upstream
  * New upstream release
  * fixes in debian/lighttpd.install (closes: #377802)
  * mod_cml is deprecated from now on and it will be removed in 1.5.0
    mod_magnet provides the same functionality and more with a
    cleaner syntax and in a more generic form
  * added separate module for mod_magnet (closes: #389578)
  * changed dependency from lua-5.0 to lua-5.1
  * added patch patches/01-lua5.1.dpatch
  * added pkg-config to Build-Depends

Author: Lukas Fittl
Author Date: 2006-10-10 11:57:38 UTC

Import patches-unapplied version 1.4.13~r1370-1ubuntu1 to ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: 476df775a9df4a1faffdd3daded711d32d1a152c

New changelog entries:
  * Merge from Debian unstable (Closes: Malone #64900). Remaining changes:
    - Add an additional dependency on libterm-readline-perl-perl
      (Malone #43895)
  * New upstream release (closes: #390877) (closes: #389911)
  * Compiled with --with-attr param (closes: #389712)
  * dropped 01-lua5.1.dpatch, issue fixed by upstream
  * New upstream release
  * fixes in debian/lighttpd.install (closes: #377802)
  * mod_cml is deprecated from now on and it will be removed in 1.5.0
    mod_magnet provides the same functionality and more with a
    cleaner syntax and in a more generic form
  * added separate module for mod_magnet (closes: #389578)
  * changed dependency from lua-5.0 to lua-5.1
  * added patch patches/01-lua5.1.dpatch
  * added pkg-config to Build-Depends

Author: Chuck Short
Author Date: 2006-05-10 22:11:24 UTC

Import patches-unapplied version 1.4.11-3ubuntu3 to ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: 02fa5dbf4bb2d3605405eb6d5188ccc4a5c3a7c9

New changelog entries:
  * debian/control
    + Added depends on libterm-readline-perl-perl. (Closes: Malone #43895)

Author: Chuck Short
Author Date: 2006-05-10 22:11:24 UTC

Import patches-applied version 1.4.11-3ubuntu3 to applied/ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: d87a0ceae5bff6f1e16dc64616fbab4a9e303ae0
Unapplied parent: 8170947f5134af5ecfea7d588c0df73fcab2adab

New changelog entries:
  * debian/control
    + Added depends on libterm-readline-perl-perl. (Closes: Malone #43895)