ubuntu/+source/memcached:ubuntu/precise-security

Last commit made on 2016-11-02
Get this branch:
git clone -b ubuntu/precise-security https://git.launchpad.net/ubuntu/+source/memcached
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/precise-security
Repository:
lp:ubuntu/+source/memcached

Recent commits

040276d... by Marc Deslauriers on 2016-11-02

Import patches-unapplied version 1.4.13-0ubuntu2.2 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 6dc6164d60fd33333c21c4a003c595ecc11dd803

New changelog entries:
  * SECURITY UPDATE: multiple integer overflow vulnerabilities
    - debian/patches/CVE-2016-870x.patch: check nbytes and nkey in items.c,
      properly handle lengths in memcached.c.
    - CVE-2016-8704
    - CVE-2016-8705
    - CVE-2016-8706

6dc6164... by Marc Deslauriers on 2014-01-07

Import patches-unapplied version 1.4.13-0ubuntu2.1 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 8408448a9d59de0eda9f653c2de0b75b2727bb77

New changelog entries:
  * SECURITY UPDATE: denial of service via large body length
    - debian/patches/CVE-2011-4971.patch: check length in memcached.c,
      added test to t/issue_192.t.
    - CVE-2011-4971
  * SECURITY UPDATE: denial of service when using -vv
    - debian/patches/CVE-2013-0179.patch: properly format key in items.c,
      memcached.c.
    - CVE-2013-0179
  * SECURITY UPDATE: SASL authentication bypass
    - debian/patches/CVE-2013-7239.patch: explicitly record sasl auth
      states in memcached.*, added test to t/binary-sasl.t.
    - CVE-2013-7239

8408448... by James Page on 2012-04-04

Import patches-unapplied version 1.4.13-0ubuntu2 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: a9c33830f73e8e15199b1eec2420424be03d484b

New changelog entries:
  * Fix FTBFS due to racey test case:
    - d/patches/50_fix_racey_test.patch: Cherry picked patch from
      upstream bug tracker which endeavours to avoid the race condition.
      Thanks to Clint Byrum for this fix.

a9c3383... by Clint Byrum on 2012-02-09

Import patches-unapplied version 1.4.13-0ubuntu1 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: 371652a1b8fd1a30433df5bb973a219f7a649886

New changelog entries:
  * New upstream release.
  * Refreshed patches
  * d/p/50_add_init_retry.patch: use --retry to wait up to 5 seconds
    for memcached to die. (LP: #795673)
  * d/rules: run test suite on build (LP: #586632)

371652a... by Scott Kitterman on 2012-01-22

Import patches-unapplied version 1.4.11-0ubuntu1 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: 42369a6590baa7e31fe894e6f42ccead125ae33e

New changelog entries:
  * New upstream release
    - Fix race condition issue introduced in 1.4.10
    - Multiple other bug fixes
    - Initial (beta - API may change) implementation of slab reassingment

42369a6... by Scott Kitterman on 2011-12-20

Import patches-unapplied version 1.4.10-0ubuntu1 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: 55e60ed3c4ad31d3b38d7a79dd8b7247878732d7

New changelog entries:
  * New upstream release
    - Multiple bug fixes
    - General work on performance improvement
    - Improvements in speed between 3 and 6 worker threads

55e60ed... by Scott Kitterman on 2011-10-18

Import patches-unapplied version 1.4.9-0ubuntu1 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: 1a404667cb4d0c377275b15436dd54a2de80d067

New changelog entries:
  * New upstream release
    - Drop debian/patches/04_fix_double_fork_in_start-memcached.patch since
      it is included in this release

1a40466... by Scott Kitterman on 2011-10-05

Import patches-unapplied version 1.4.7-0.1ubuntu1 to ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: 5578f8d3aad80717a27ee4f07cb60a2ff25338dc

New changelog entries:
  * Merge from debian unstable. Remaining changes:
    - Run as 'memcache' user instead of nobody (LP #599461)
    - Depend on adduser for preinst/postrm
    - Create user in postinst

5578f8d... by Arno Töll <email address hidden> on 2011-09-15

Import patches-unapplied version 1.4.7-0.1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: d4ec5630479059e2678fdc72658750b3a36164de

New changelog entries:
  * Non-maintainer upload.
  * Refresh patches, keep all changed hunks except some changes in
    `01_init_script_additions.patch' untouched.
  * New upstream release. Closes:
    - "FTBFS: memcached.c:1023:16: error: dereferencing type-punned
      pointer will break strict-aliasing rules" (Closes: #618096)
    - "ftbfs with gcc-4.6 -Werror" (Closes: #625397)
    - "FTBFS with libevent 2.0 in experimental" This is actually a duplicate
      of #625397 above (Closes: #632764)
    - Fix "please package new upstream release" (Closes: #641059)
  * Fix "Fix FTBFS on hurd-i386" add proposed patch as
    `03_fix_ftbfs4hurd.patch'. Thanks Svante Signell (Closes: #637695)
  * Fix "initscript on restart ignore $ENABLE_MEMCACHED" Add a sanity check
    to the init script (Closes: #636496)
  * Fix "debian/watch doesn't work" Replace the watch file to match the new
    Google Code layout (taken from the sinntp package) (Closes: #641520)
  * Add `04_fix_double_fork_in_start-memcached.patch'. This patch causes the
    start-memcached script to correctly write its PIDFILE, which, in turn,
    allows the init script correct operations. This also fixes "status
    operation on init.d not working correctly (needs to pass $PIDFILE to
    status_of_proc)", however add the $PIDFILE argument additionally none-
    theless as suggested (Closes: #622281)

d4ec563... by David Martínez Moreno on 2010-05-12

Import patches-unapplied version 1.4.5-1 to debian/squeeze

Imported using git-ubuntu import.

Changelog parent: 3956e901542830717d5f0aa6cb3d3f117cae4413

New changelog entries:
  * New upstream release. Main changes since 1.4.2 are:
    New features:
    - Support for SASL authentication.
    - New script damemtop - a memcached top.
    - Slab optimizations.
    - New stats, for reclaimed memory and SASL events.
    Bugs fixed:
    - Malicious input can crash server (CVE-2010-1152). Closes: #579913.
    - Fixed several problems with slab handling and growth.
    - Provide better error reporting.
    - Fix get stats accounting.
    - Fixed backwards compatibility with delete 0.
    - Documentation fixes.
    - Various build fixes, among others, fixed FTBFS with gcc-4.5 (closes:
      #565033).
  * Refreshed and renamed 01_init_script_compliant_with_LSB.patch.
  * Fixed lintian warnings by adding $remote_fs to init.d script.
  * Removed non-existent document (doc/memory_management.txt).
  * debian/control: Bumped Standards-Version to 3.8.4 (no changes).
  *