lp:debian/lighttpd
- Get this branch:
- bzr branch lp:debian/lighttpd
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 37. By Michael Gilbert <email address hidden>
-
* New upstream release.
- Log file injection issue CVE-2015-3200 fixed (closes: #787132).
* Add a debian/clean file.
* Drop upstreamed patches.
* Add upstream signing key.
* Update standards version.
* Apply the non-maintainer upload. - 36. By gregor herrmann
-
* Non-maintainer upload.
* Fix "FTBFS with perl 5.22: test failures (CGI.pm)":
Add build dependency on libcgi-pm-perl.
CGI.pm was deprecated in Perl 5.19.x and removed in 5.21.x which makes the
explicit build dependency necessary.
(Closes: #789856) - 34. By Michael Gilbert <email address hidden>
-
* Support building with dpkg-buildpackage -g.
* Drop libmemcache-dev build-dependency (closes: #748809). - 33. By Michael Gilbert <email address hidden>
-
* Fix a spelling error.
* Add a lintian override.
* Make VCS field canonical.
* Add myself to the uploaders.
* Use dh-autoreconf (closes: #726394, #731104).
* Disable indeterminant test on kfreebsd (closes: #731074). - 32. By Arno Töll <email address hidden>
-
* New upstream version (fixes CVE-2014-2323, CVE-2014-2324)
+ Delete patches: cve-2013-4508.patch, cve-2013- 4559.patch,
cve-2013-4560. patch. Those are all cumulative included since
lighttpd 1.4.34
* Acknowledge NMUs by the security team
* Make the init script wait until lighttpd really terminates.
* Change the default document root /var/www/html (Closes: #730379), add a
Lintian override for it
* Bump the debhelper dependency to >= 9.20130624 to ensure dh_installinit is
recent enough for systemd (Closes: #713860)
* Reorder LSB init dependencies, add $local_fs to it
* Add hardening flags to lighttpd. Thanks to Michael Gilbert
for providing a patch (Closes: #741497)
* Remove W3C logo from index.html to avoid inclusion of images hosted
elsewhere
* Push standards version to 3.9.5 (no changes needed). - 31. By Michael Gilbert <email address hidden>
-
* Non-maintainer upload by the Security Team (closes: #741493).
* Fix cve-2014-2323: mod_mysql_vhost SQL injection.
* Fix cve-2014-2334: traversal through paths involving "[...]". - 30. By Michael Gilbert <email address hidden>
-
* Non-maintainer upload by the Security Team.
* Fix regression caused by the fix for cve-2013-4508 (closes: #729480). - 29. By Michael Gilbert <email address hidden>
-
* Non-maintainer upload by the Security Team (closes: #729453).
* Fix cve-2013-4508: ssl cipher suites issue.
* Fix cve-2013-4559: setuid privilege escalation issue.
* Fix cve-2013-4560: use-after-free in fam. - 28. By Arno Töll <email address hidden>
-
* Drop the connection-
dos.patch - merged upstream.
* Fix "mod_extforward missing configuration file": ship requested
configuration file (Closes: #697304)
* Remove access.conf, an obsolete conffiles as we should have done since
2010 (Closes: #703215)
* Push debhelper's compat mode to 9, the use of maintscript helper requires
8.1 so we had to push the debhelper b-d anyway.
* Fix "config.guess/config. sub out of date for arm64" by adding the patch
provided by Colin Watson. Thanks (Closes: #726394).
* Fix "[PATCH] use dh-systemd for proper systemd-related maintscripts" to
add systemd support. Thanks to Michael Stapelberg (Closes: #713859)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:debian/squeeze/lighttpd