lp:ubuntu/wily/commons-httpclient

Created by Ubuntu Package Importer on 2015-05-06 and last modified on 2015-10-01
Get this branch:
bzr branch lp:ubuntu/wily/commons-httpclient
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Development

Recent revisions

15. By Marc Deslauriers on 2015-10-01

* SECURITY UPDATE: denial of service via failure to set socket timeout
  - debian/patches/CVE-2015-5262.patch: respect configured timeout in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - CVE-2015-5262

14. By Markus Koschany on 2015-03-23

* Team upload.
* Add CVE-2014-3577.patch. (Closes: #758086)
  It was found that the fix for CVE-2012-6153 was incomplete: the code added
  to check that the server hostname matches the domain name in a subject's
  Common Name (CN) field in X.509 certificates was flawed. A
  man-in-the-middle attacker could use this flaw to spoof an SSL server using
  a specially crafted X.509 certificate. The fix for CVE-2012-6153 was
  intended to address the incomplete patch for CVE-2012-5783. The issue is
  now completely resolved by applying this patch and the
  06_fix_CVE-2012-5783.patch.
* Change java.source and java.target ant properties to 1.5, otherwise
  commons-httpclient will not compile with this patch.

13. By Alberto Fernández on 2012-12-06

* Non-maintainer upload.
* Fix CVE-2012-5783 (Closes: #692442)
* Fix CN extraction from DN of X500 principal.
* Fix wildcard validation on ssl connections

12. By Alberto Fernández on 2012-12-05

* Non-maintainer upload.
* Fix CVE-2012-5783 (Closes: #692442)

11. By James Page on 2012-05-18

No-change rebuild with openjdk-7 as default-jdk.

10. By Torsten Werner on 2011-08-30

[ Damien Raude-Morvan ]
* Remove Arnaud Vandyck from Uploaders
* d/control: Drop Depends on any JRE as a Java library don't need to
  depends on a runtime (Java Policy)

[ Torsten Werner ]
* Switch to source format 3.0.
* Update Standards-Version: 3.9.1.
* Remove Barry from Uploaders list.

9. By Damien Raude-Morvan on 2009-11-29

* Add myself to Uploaders
* Use quilt as patch system
  - Build-Depends on quilt
  - Add debian/README.source
  - Use CDBS patchsys-quilt.mk
* New debian/patches/05_osgi_metadata.diff to include OSGi metadata
  in JAR (Closes: #558182)

8. By Onkar Shinde on 2009-11-05

[Damien Raude-Morvan]
* Fix debian/watch: use http://www.apache.org/dist/

[Onkar Shinde]
* debian/patches/04_fix_classpath.patch
  - Add appropriate jar files in classpath using manifest attribute.
    (LP: #459251)
* debian/ant.properties
  - Add properties to set target JVM version 1.4.

7. By Torsten Werner on 2009-10-17

* Add myself to Uploaders.
* Revert change from last upload:
  - Don't map version of commons-httpclient explicitly.
  (Closes: #551126, #551214, #551217, #551218, #551221, #551224, #551226,
  #551227, #551231, #551242)

6. By Varun Hiremath on 2009-05-07

* Convert to default-jdk/jre (Closes: #508949)
* Bump Standards-Version to 3.8.1

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.

Subscribers