ubuntu/+source/mono:ubuntu/hardy-security

Last commit made on 2009-08-26
Get this branch:
git clone -b ubuntu/hardy-security https://git.launchpad.net/ubuntu/+source/mono
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/hardy-security
Repository:
lp:ubuntu/+source/mono

Recent commits

daa7de0... by Marc Deslauriers on 2009-08-19

Import patches-unapplied version 1.2.6+dfsg-6ubuntu3.1 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: bb9e9acaadb7f74e5755e724f442a8dd44e8b4c2

New changelog entries:
  * SECURITY UPDATE: Multiple cross-site scripting vulnerabilities in
    the ASP.net class libraries (LP: #282952)
    - debian/patches/security_CVE-2008-3422.dpatch: properly encode and
      escape values in mcs/class/System.Web/System.Web.UI.HtmlControls/
      {HtmlControl,HtmlForm,HtmlInputButton,HtmlInputRadioButton,
      HtmlSelect}.cs, and add tests to mcs/class/System.Web/Test/
      System.Web.UI.HtmlControls/{HtmlImageTest,HtmlInputButtonTest,
      HtmlInputRadioButtonTest,HtmlSelectTest}.cs
    - CVE-2008-3422
  * SECURITY UPDATE: CRLF injection vulnerability in Sys.Web (LP: #282952)
    - debian/patches/security_CVE-2008-3906.dpatch: encode headers in
      mcs/class/System.Web/{System.Web/HttpResponseHeader.cs,
      System.Web.Configuration/HttpRuntimeConfig.cs}
    - CVE-2008-3906
  * SECURITY UPDATE: XMLDsig HMAC-based signatures spoofing and
    authentication bypass (LP: #409920)
    - debian/patches/security_CVE-2009-0217.dpatch: Fix HMACOutputLength to
      match XMLDSIG erratum and add stricter checks.
    - CVE-2009-0217

bb9e9ac... by Sebastian Dröge on 2008-03-21

Import patches-unapplied version 1.2.6+dfsg-6ubuntu3 to ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: efc1c74e51b695307845399d0e12fd109456ccd0

New changelog entries:
  * debian/rules:
    + unexport CPPFLAGS because configure relies on them being unset
      to pass custom CPPFLAGS to boehm's configure.

efc1c74... by Sebastian Dröge on 2008-03-21

Import patches-unapplied version 1.2.6+dfsg-6ubuntu2 to ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: ff51aab58db9743bdb9b7fe042a7437ab6fb4570

New changelog entries:
  * debian/rules:
    + Put CFLAGS in "" to make the shell happy and fix the build.
    + Set default CFLAGS to -O2 -g.

ff51aab... by Sebastian Dröge on 2008-03-21

Import patches-unapplied version 1.2.6+dfsg-6ubuntu1 to ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: bdc09868ce52fe2a07b15cb6c53c8b0d984baa31

New changelog entries:
  * Sync with Debian:
    + Alternatives handling is in Debian now, for all other
      remaining changes see changelog of 1.2.6+dfsg-5ubuntu1.
  * debian/mono-mcs.postinst
    debian/mono-1.0-devel.postinst:
    + Moved alternatives handling for cli-sn, cli-resgen and cli-al from
      mono-mcs to mono-1.0-devel, as mono-1.0-devel ships those applications
      (since mono 1.2.6+dfsg-1). (Closes: #460513)
      This caused FTBS for different source packages that didn't explicitly
      build-depend on mono-mcs, thus urgency set to high.
      (Thanks to Laurent Bigonville <email address hidden> for the investigation)
  * debian/mono-utils.postint
    debian/mono-utils.postinst:
    + Fixed file name.
  * debian/control:
    + Added libmono-dev and pkg-config to recommends of mono-{1,2}.0-devel, as
      mkbundle(2) uses pkg-config and needs mono.pc.
  * debian/patches/ppc_disable_delegate_trampoline_optimization.dpatch
    debian/patches/ppc_fix_flushing_of_icache_r92014.dpatch
    + Replaced ppc_disable_delegate_trampoline_optimization with
      ppc_fix_flushing_of_icache_r92014, as that one fixes instead of
      workarounds the PPC SIGILL issue (taken from upstream's SVN).

bdc0986... by Laurent Bigonville on 2008-01-13

Import patches-unapplied version 1.2.6+dfsg-5ubuntu2 to ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: fc19b3beafb541ba021ef3407ca76124c58e01cc

New changelog entries:
  * Correctly install alternatives for mono-1.0-devel package (LP: #182509)

fc19b3b... by Emilio Pozuelo Monfort on 2008-01-09

Import patches-unapplied version 1.2.6+dfsg-5ubuntu1 to ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: 73252850b6d6089004d1a085d2315f86379ff7dd

New changelog entries:
  * Merge with Debian, remaining Ubuntu changes:
    - debian/control:
      + Updated Maintainer Field.
      + Adjust Replaces for Ubuntu versions.
      + Added lpia to architectures. Sparc has been added in Debian.
      + Build-depend on libgda3-dev instead of libgda2-dev, since
        libgda2 is in universe.
    - debian/patches/dont_check_proc_self_exe.dpatch:
      + Comment out code that checks /proc/self/exe so that
        mono will function on the Live CD.
    - debian/rules:
      + Symlink doc directories to avoid duplicate files, and remove the doc
        directories on upgrade for the now symlinked doc directories.
    - debian/shlibs.local:
      + Remove libgda2, as it's in universe.
  * debian/rules:
    + Reverted the changed target dependecies, which caused no patches being
      applied anymore. Thus the fix_implicit_pointer_conversions patch for IA64
      is applied again. (Closes: #457868)
  * debian/patches/ppc_disable_delegate_trampoline_optimization.dpatch:
    + Disables delegate trampoline code for PPC, fixes instant SIGILL runtime
      crashes for every invoked application (as seen in PPC build logs of
      gtk-sharp2, gnome-sharp2 or beagle).
  * debian/patches/fix_threads.h.dpatch:
    + Don't include threads-type.h in threads.h and moved functions to the
      correct header, fixes compiling of OpenOffice.org's Mono bridge.
      (taken from upstream SVN revision 91687 + 91817)
  * debian/rules:
    + Make sure -j1 is passed to make, Mono's build system doesn't like -j > 1.
  * debian/rules:
    + Pass -D to cli.binfmt install call, makes it not failing on archs that
      are not listed in debian/control.
      (thanks to Emanuele Rocca <email address hidden> for the hint)
    + Enhanced "make distclean" error handling, making lintian happy.
  * debian/libmono-system-messaging{1,2}.0-cil.clideps-override
    debian/libmono--bytefx0.7.6.{1,2}-cil.clideps-override:
    + Added suggests libmono-winforms{1,2}.0-cil, doesn't make sense to pull in
      System.Windows.Forms for designer classes (which are only used by VS.NET)
  * debian/patches/fix_implicit_pointer_conversions.dpatch:
    + Fixed implicit pointer conversions by including a missing header, which
      caused FTBFS on IA64.
  * debian/control:
    + Added Homepage, Vcs-Svn and Vcs-Browser fields.
    + Updated Standards-Version to 3.7.3, no changes needed.
    + Changed Section of libmono-dev to libmono-dev.
    + Added Suggests (using cli:Suggests) fields for
      libmono-system-messaging{1,2}.0-cil and libmono-bytefx0.7.6.{1,2}-cil.
    + Use cli:Depends for libmono-bytefx0.7.6.{1,2}-cil instead of manual
      dependencies.
  * debian/NEWS:
    + Fixed typo and indention.
  * The "Welcome SPARC and S390 Users!" release
  * debian/mono-2.0-devel.install
    debian/mono-2.0-devel.manpages:
    + Added mconfig
  * debian/control:
    + Added sparc and s390 to Architecture fields. (Closes: #332511, #377584)
      (as the last 3 feature-releases of Mono were able to build on sparc, and
       upstream is getting sparc port contributions again, it should be safe
       to enable sparc now)
    + Added Replaces << mono-common 1.2.6+dfsg-2 to mono-2.0-devel, as
      /etc/mono/mconfig/ was moved to mono-2.0-devel.
  * debian/libmono-system{1,2}.0-cil.clideps-override:
    + Added suggests libmono-winforms{1,2}.0-cil, doesn't make sense to pull in
      System.Windows.Forms for designer classes (which are only used by VS.NET)
  * debian/patches/g_thread_init.dpatch:
    + Dropped, already applied upstream.

7325285... by Emilio Pozuelo Monfort on 2007-12-21

Import patches-unapplied version 1.2.6+dfsg-1ubuntu1 to ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: 4fcb5c606abb4f1601c4f9e312b90ea2d588d9d4

New changelog entries:
  * Merge with Debian, remaining Ubuntu changes:
    - debian/control:
      + Updated Maintainer Field.
      + Adjust Replaces for Ubuntu versions.
      + Added sparc and lpia to architectures.
      + Build-depend on libgda3-dev instead of libgda2-dev.
    - debian/patches/dont_check_proc_self_exe.dpatch:
      + Comment out code that checks /proc/self/exe so that
        mono will function on the Live CD.
    - debian/rules:
      + Symlink doc directories to avoid duplicate files, and remove the doc
        directories on upgrade for the now symlinked doc directories.
    - debian/shlibs.local:
      + Remove libgda3-dev build dependency, as it's in universe.
  * DFSG version of Mono 1.2.6
    + Deleted mcs/class/System.Web.Extensions/System.Web.Script.Serialization/
      JSON/* as those source files are licensed under Creative Commons
      Attribution 2.5 which is not DFSG-free.
  * New upstream release
    + Invoking GetFields on emitted type doesn't crash anymore, as seen with
      nemerle. (Closes: #452585)
  * debian/rules:
    + Updated MONO_API to 1.2.6
    + Enabled moonlight support in configure call.
    + Removed all "rm debian/tmp/usr/lib/mono/gac/"... calls, instead list
      libraries explicitly in .install files.
      (this is pretty error prone when upstream introduces new libraries and
       the rm list became way too long)
    + Copy various 1.0 manpages to 2.0 manpages for missing 2.0 manpages.
    + Remove +dfsg part in upstream version detection (UPVERSION variable).
  * debian/control:
    + Added new packages (mono-mcs/gmcs needed to be split as some parts of the
      runtime relies on the compiler, like the XmlSerializer class):
      - mono-mcs was split to: mono-1.0-devel and mono-1.0-service.
        (monolinker.exe is now shipped part of mono-1.0-devel, Closes: #443833)
      - mono-gmcs was split to: mono-2.0-devel, mono-2.0-service and
        mono-xbuild.
      - mono-smcs, containing the new compiler for moonlight/silverlight
        applications.
      - libmono-corlib2.1-cil and libmono-system2.1-cil, containing the
        moonlight/silverlight runtime libraries.
      - libmono-db2-1.0-cil, containing IBM DB2 database connector.
      - libmono-mozilla0.1-cil, containing the WebControl implementation using
        the Mozilla engine.
      - libmono-i18n1.0-cil and libmono-i18n2.0-cil, containing I18N libraries
        with code page definitions, moved from libmono-corlib{1,2}.0-cil.
      - prj2make-sharp, upstream moved distribution of prj2make-sharp to Mono.
    + libmono-corlib{1,2}.0-cil recommends libmono-i18n{1,2}.0-cil now.
    + Removed mono and mono-devel meta packages, as they are not useful for
      anyone.
  * debian/dh_clideps:
    + Synced from cli-common 0.5.3, needed for CLI 2.1 support.
  * debian/patches/00list:
    + Disabled armel_fix_configure_fpu_check.dpatch
      (FPU check is fixed upstream)
  * debian/patches/kfreebsd_support.dpatch:
    + Updated (and re-autoconfed)
  * debian/patches/fix-mono.pc.in.dpatch:
    + Updated
  * debian/patches/ppc_fix_mono_class_proxy_vtable_r84948.dpatch:
    + Removed, already applied upstream.
  * debian/patches/fix_Mono.Cecil_linkage.dpatch:
    + Link Mono.Cecil(.Mdb) against CLI 1.0 instead of 2.0, patch taken from
      upstream.
  * debian/libmono1.0-cil.install:
    + Added Mono.Cecil.dll and Mono.Cecil.Mdb.dll.
  * debian/update-shlibs.local.sh:
    + Wrote this script to ease updating the debian/shlibs.local file.
  * debian/shlibs.local:
    + Updated

4fcb5c6... by Sebastian Dröge on 2007-11-19

Import patches-unapplied version 1.2.5.1-2ubuntu1 to ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: 5cb3f20b76fe433bc6f2e581076c138853be1811

New changelog entries:
  [ Emilio Pozuelo Monfort ]
  * Merge with Debian, remaining Ubuntu changes:
    - debian/control:
      + Updated Maintainer Field.
      + Adjust Replaces for Ubuntu versions.
      + Added sparc and lpia to architectures.
      + Build-depend on libgda3-dev instead of libgda2-dev.
    - debian/patches/dont_check_proc_self_exe.dpatch:
      + Comment out code that checks /proc/self/exe so that
        mono will function on the Live CD.
    - debian/rules:
      + Symlink doc directories to avoid duplicate files, and remove the doc
        directories on upgrade for the now symlinked doc directories.
  [ Sebastian Dröge ]
  * debian/control,
    debian/shlibs.local:
    + Remove libgda3-dev build dependency, this only works with gda2 anyway.
      Put the gda2 shlibs into shlibs.local and suggest them for
      libmono-system-data[12].0-cil instead of depending on it.
  * Mirco 'meebey' Bauer:
    + debian/mono.runtime-script:
      - When removing GAC libraries, output the assembly name correctly on
        errors.
    + debian/patches/fix_BigInteger_overflow_CVE-2007-5197.dpatch:
      - Fixes CVE-2007-5197, thus urgency set to high.
  * Mirco 'meebey' Bauer:
    + New upstream (bugfix) release. (Closes: #443468)
    + debian/System.Windows.Forms.dll.config:
      - Added libX11 and libXcursor.
  * Mirco 'meebey' Bauer:
    + debian/patches/ppc_fix_mono_class_proxy_vtable_r84948.dpatch:
      - Fixes crash bug on PPC for all applications that use DBus,
        thus setting urgency to high. (Closes: #437452, #441795, #441879)
        (Thanks to Bram Senders <email address hidden> for testing the patch)
  * Sebastian 'slomo' Dröge:
    + debian/FirebirdSql.Data.Firebird.dll.config,
      debian/shlibs.local:
      - Use libfbclient2 instead of old and to be removed libfbclient1.
        Thanks to Damyan Ivanov <email address hidden> for the
        patch (Closes: #440850).
    + debian/changelog:
      - Use urgency=medium because of the RC bugfix.
  * Mirco 'meebey' Bauer:
    + New upstream release
    + debian/watch:
      - Updated
    + debian/rules:
      - Bumped MONO_API to 1.2.5
    + debian/patches/kfreebsd_support.dpatch
      debian/patches/armel_fix_configure_fpu_check.dpatch:
      - Updated (re-autoconfed)
      - Updated
    + debian/patches/ppc_fix_memory_corruption_r81413.dpatch:
      debian/patches/fix_delegate_memory_leak_r79001.dpatch
      debian/patches/remove_broken_dllmap_from_mono-shlib-cop.dpatch:
      - Removed, already applied upstream.
    + debian/mono-utils.install
      debian/mono-utils.manpages:
      - Removed monodiet as removed by upstream
    + debian/man/resgen.1:
      - Removed, supplied upstream.
    + debian/mono-mcs.manpages:
      - Added monolinker.1
      - Updated resgen.1
    + debian/mono-mcs.manpages
      debian/mono-mjs.manpages:
      - Moved mono-mjs.1 manpage to mono-mjs package.
    + debian/control:
      - Added "Replaces" for mono-mjs.1 move to mono-mjs package.

5cb3f20... by Matthias Klose on 2007-10-05

Import patches-unapplied version 1.2.4-6ubuntu6 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 5eb48e3dacdc0e656dce7c258cf901d4f70e905b

New changelog entries:
  * Explicitely remove the doc directories on upgrade for the now symlinked
    doc directories.

5eb48e3... by Matthias Klose on 2007-10-04

Import patches-unapplied version 1.2.4-6ubuntu5 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 93a565bff62e880fb20611780e1605a44bcdadd6

New changelog entries:
  * Symlink doc directories to avoid duplicate files.