lp:ubuntu/wily/commons-httpclient
- Get this branch:
- bzr branch lp:ubuntu/wily/commons-httpclient
Branch merges
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 15. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via failure to set socket timeout
- debian/patches/ CVE-2015- 5262.patch: respect configured timeout in
src/java/org/ apache/ commons/ httpclient/ protocol/ SSLProtocolSock etFactory. java.
- CVE-2015-5262 - 14. By Markus Koschany
-
* Team upload.
* Add CVE-2014-3577.patch. (Closes: #758086)
It was found that the fix for CVE-2012-6153 was incomplete: the code added
to check that the server hostname matches the domain name in a subject's
Common Name (CN) field in X.509 certificates was flawed. A
man-in-the-middle attacker could use this flaw to spoof an SSL server using
a specially crafted X.509 certificate. The fix for CVE-2012-6153 was
intended to address the incomplete patch for CVE-2012-5783. The issue is
now completely resolved by applying this patch and the
06_fix_CVE-2012- 5783.patch.
* Change java.source and java.target ant properties to 1.5, otherwise
commons-httpclient will not compile with this patch. - 13. By Alberto Fernández
-
* Non-maintainer upload.
* Fix CVE-2012-5783 (Closes: #692442)
* Fix CN extraction from DN of X500 principal.
* Fix wildcard validation on ssl connections - 10. By Torsten Werner
-
[ Damien Raude-Morvan ]
* Remove Arnaud Vandyck from Uploaders
* d/control: Drop Depends on any JRE as a Java library don't need to
depends on a runtime (Java Policy)[ Torsten Werner ]
* Switch to source format 3.0.
* Update Standards-Version: 3.9.1.
* Remove Barry from Uploaders list. - 9. By Damien Raude-Morvan
-
* Add myself to Uploaders
* Use quilt as patch system
- Build-Depends on quilt
- Add debian/README. source
- Use CDBS patchsys-quilt.mk
* New debian/patches/ 05_osgi_ metadata. diff to include OSGi metadata
in JAR (Closes: #558182) - 8. By Onkar Shinde
-
[Damien Raude-Morvan]
* Fix debian/watch: use http://www.apache. org/dist/ [Onkar Shinde]
* debian/patches/ 04_fix_ classpath. patch
- Add appropriate jar files in classpath using manifest attribute.
(LP: #459251)
* debian/ant.properties
- Add properties to set target JVM version 1.4. - 7. By Torsten Werner
-
* Add myself to Uploaders.
* Revert change from last upload:
- Don't map version of commons-httpclient explicitly.
(Closes: #551126, #551214, #551217, #551218, #551221, #551224, #551226,
#551227, #551231, #551242) - 6. By Varun Hiremath
-
* Convert to default-jdk/jre (Closes: #508949)
* Bump Standards-Version to 3.8.1
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)