lp:ubuntu/precise-security/commons-httpclient

Created by Ubuntu Package Importer on 2015-10-14 and last modified on 2015-10-14
Get this branch:
bzr branch lp:ubuntu/precise-security/commons-httpclient
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

11. By Marc Deslauriers on 2015-10-01

* SECURITY UPDATE: improper certificate hostname verification
  - debian/patches/06_fix_CVE-2012-5783.patch: fix CN extraction and
    wildcard verification in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - debian/patches/CVE-2014-3577.patch: fix Common Name logic in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - CVE-2012-5783
  - CVE-2012-6153
  - CVE-2014-3577
* SECURITY UPDATE: denial of service via failure to set socket timeout
  - debian/patches/CVE-2015-5262.patch: respect configured timeout in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - CVE-2015-5262
* debian/ant.properties: bump version to 1.5 to handle security fixes.

10. By Torsten Werner on 2011-08-30

[ Damien Raude-Morvan ]
* Remove Arnaud Vandyck from Uploaders
* d/control: Drop Depends on any JRE as a Java library don't need to
  depends on a runtime (Java Policy)

[ Torsten Werner ]
* Switch to source format 3.0.
* Update Standards-Version: 3.9.1.
* Remove Barry from Uploaders list.

9. By Damien Raude-Morvan on 2009-11-29

* Add myself to Uploaders
* Use quilt as patch system
  - Build-Depends on quilt
  - Add debian/README.source
  - Use CDBS patchsys-quilt.mk
* New debian/patches/05_osgi_metadata.diff to include OSGi metadata
  in JAR (Closes: #558182)

8. By Onkar Shinde on 2009-11-05

[Damien Raude-Morvan]
* Fix debian/watch: use http://www.apache.org/dist/

[Onkar Shinde]
* debian/patches/04_fix_classpath.patch
  - Add appropriate jar files in classpath using manifest attribute.
    (LP: #459251)
* debian/ant.properties
  - Add properties to set target JVM version 1.4.

7. By Torsten Werner on 2009-10-17

* Add myself to Uploaders.
* Revert change from last upload:
  - Don't map version of commons-httpclient explicitly.
  (Closes: #551126, #551214, #551217, #551218, #551221, #551224, #551226,
  #551227, #551231, #551242)

6. By Varun Hiremath on 2009-05-07

* Convert to default-jdk/jre (Closes: #508949)
* Bump Standards-Version to 3.8.1

5. By Chris Cheney on 2008-12-17

* Merge from debian unstable, remaining changes:
  - default-java transition.

4. By Kumar Appaiah <email address hidden> on 2008-04-18

* debian/watch:
  + Update to reflect new upstream mirror structure.
    (Closes: #459995)
* debian/control:
  + Update my e-mail address to <email address hidden>.
  + Standards Version is now 3.7.3.
  + Use Vcs-Svn and Vcs-Browser in place of XS-Vcs-*.
  + Depend on ant 1.6.5 and above, instead of 1.6.5-1.

3. By Michael Meskes on 2006-09-15

* Non-maintainer upload.
* Bump debhelper Build-Depends to (>= 4.1.0) as required by cdbs'
  debhelper.mk
* Put the coppyright holders in debian/copyright
* Include the jar file in the package. (Closes: #381354)
* Only include one copy of the docs.
  done by James Westby <email address hidden> Mon, 14 Aug 2006 02:29:47 +0100

2. By Barry Hawkins <email address hidden> on 2005-11-25

* Provide non-version-specific symlink "commons-httpclient.jar" to
  commons-httpclient-2.0.2.jar per Debian Java Policy Section 2.4
  (Closes: 340308)
* Added additional doc-base entry to point to main section of
  Jakarta Commons HttpClient documentation in addition to the
  API Javadoc
* Maintainer email address updated for Barry Hawkins
* Upload sponsored by Petter Reinholdtsen

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/wily/commons-httpclient
This branch contains Public information 
Everyone can see this information.

Subscribers