ubuntu/+source/lighttpd:ubuntu/vivid-proposed

Last commit made on 2015-01-26
Get this branch:
git clone -b ubuntu/vivid-proposed https://git.launchpad.net/ubuntu/+source/lighttpd
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/vivid-proposed
Repository:
lp:ubuntu/+source/lighttpd

Recent commits

216289a... by Artur Rona on 2015-01-26

Import patches-unapplied version 1.4.35-4ubuntu1 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 736ace1bcd7378bf6cf5c0e9cbdc14d07387023d

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/patches/add-lighttpd.pc-configure.patch:
      + Add lighttpd.pc to ac_config_files to fix FTBFS: make[3]:
        *** No rule to make target `lighttpd.pc', needed by `all-am'.
    - debian/patches/build-dev-package.patch,
      debian/control, debian/lighttpd-dev.install:
      + Add lighttpd-dev package.
    - debian/index.html:
      + Corrected BTS Ubuntu link and branding on the default page.
    - debian/lighttpd.conf:
      + Comment 'use-ipv6.pl' by default, which causes failure
        to bind port in ipv4.
    - debian/control:
      + Build-Depends on libgamin-dev rather than libfam-dev
        to fix startup warning.
    - debian/rules:
      + Add override_dh_installinit to set "defaults 91 09" to not
        start before apache2 but in the same runlevel with
        the same priority.
    - debian/lighttpd.dirs, debian/control, debian/rules,
      debian/lighttpd.ufw.profile:
      + Add the UFW profile.

736ace1... by Michael Gilbert <email address hidden> on 2014-11-02

Import patches-unapplied version 1.4.35-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 82c9d0c5245cfdb3a732464224c505c8bbf1391c

New changelog entries:
  * Disable SSLv3 by default (closes: #765702).

82c9d0c... by Michael Gilbert <email address hidden> on 2014-08-18

Import patches-unapplied version 1.4.35-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 94f3613af4c163d521ffee1253a2654e8a885ac8

New changelog entries:
  * Support building with dpkg-buildpackage -g.
  * Drop libmemcache-dev build-dependency (closes: #748809).

94f3613... by Michael Gilbert <email address hidden> on 2014-04-05

Import patches-unapplied version 1.4.35-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 505f827b1cddb886bb5feb564051f8c638853d48

New changelog entries:
  * Fix a spelling error.
  * Add a lintian override.
  * Make VCS field canonical.
  * Add myself to the uploaders.
  * Use dh-autoreconf (closes: #726394, #731104).
  * Disable indeterminant test on kfreebsd (closes: #731074).

505f827... by Arno Töll <email address hidden> on 2014-03-22

Import patches-unapplied version 1.4.35-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 864f08cae30215420da6273d6192f8615585cb47

New changelog entries:
  * New upstream version (fixes CVE-2014-2323, CVE-2014-2324)
    + Delete patches: cve-2013-4508.patch, cve-2013-4559.patch,
      cve-2013-4560.patch. Those are all cumulative included since
      lighttpd 1.4.34
  * Acknowledge NMUs by the security team
  * Make the init script wait until lighttpd really terminates.
  * Change the default document root /var/www/html (Closes: #730379), add a
    Lintian override for it
  * Bump the debhelper dependency to >= 9.20130624 to ensure dh_installinit is
    recent enough for systemd (Closes: #713860)
  * Reorder LSB init dependencies, add $local_fs to it
  * Add hardening flags to lighttpd. Thanks to Michael Gilbert
    for providing a patch (Closes: #741497)
  * Remove W3C logo from index.html to avoid inclusion of images hosted
    elsewhere
  * Push standards version to 3.9.5 (no changes needed).

864f08c... by Michael Gilbert <email address hidden> on 2013-11-16

Import patches-unapplied version 1.4.33-1+nmu2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: cd65b33cb837e90019595e33326c2aa44f29a8ed

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Fix regression caused by the fix for cve-2013-4508 (closes: #729480).

cd65b33... by Michael Gilbert <email address hidden> on 2013-11-13

Import patches-unapplied version 1.4.33-1+nmu1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 6d8f369bf9ee483872dbd71924441e3d7396535c

New changelog entries:
  * Non-maintainer upload by the Security Team (closes: #729453).
  * Fix cve-2013-4508: ssl cipher suites issue.
  * Fix cve-2013-4559: setuid privilege escalation issue.
  * Fix cve-2013-4560: use-after-free in fam.

6d8f369... by Arno Töll <email address hidden> on 2013-10-15

Import patches-unapplied version 1.4.33-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b28e5ecfc70d08df02e1da31a4f9cc425f5a67fe

New changelog entries:
  * Drop the connection-dos.patch - merged upstream.
  * Fix "mod_extforward missing configuration file": ship requested
    configuration file (Closes: #697304)
  * Remove access.conf, an obsolete conffiles as we should have done since
    2010 (Closes: #703215)
  * Push debhelper's compat mode to 9, the use of maintscript helper requires
    8.1 so we had to push the debhelper b-d anyway.
  * Fix "config.guess/config.sub out of date for arm64" by adding the patch
    provided by Colin Watson. Thanks (Closes: #726394).
  * Fix "[PATCH] use dh-systemd for proper systemd-related maintscripts" to
    add systemd support. Thanks to Michael Stapelberg (Closes: #713859)

b28e5ec... by Arno Töll <email address hidden> on 2013-03-14

Import patches-unapplied version 1.4.31-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 272ebda44fbd21c7f4a50c5d77195ab813da7332

New changelog entries:
  * CVE-2013-1427: Switch the socket path for PHP when using FastCGI. /tmp is
    world-writable which may cause security implications if an attacker
    manages to control /tmp/php.socket before the web server (re-)starts.
  * Switch VCS to git
  * Push standards version (no changes)

272ebda... by Arno Töll <email address hidden> on 2012-11-21

Import patches-unapplied version 1.4.31-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: e28e8bdb263e7793f410e9fc944ef8ab18a9c1ba

New changelog entries:
  * Fix "configuration files refer to wrong path for documentation"
    by merging a patch supplied by Denis Laxalde <email address hidden>
    (Closes: #676641)
  * CVE-2012-5533: Fix Denial Of Service attacks against Lighttpd by sending
    faulty Connection headers