2007-07-24 11:35:03 |
Marco Rodrigues |
bug |
|
|
added bug |
2007-07-24 11:39:30 |
Marco Rodrigues |
bug |
|
|
added subscriber Ubuntu Sponsors for universe |
2007-07-24 13:23:18 |
John Dong |
feisty-backports: status |
New |
Confirmed |
|
2007-07-24 13:23:18 |
John Dong |
feisty-backports: statusexplanation |
|
Please test and ensure the package is functional. |
|
2007-07-24 17:42:11 |
Marco Rodrigues |
bug |
|
|
added subscriber Ubuntu Package Archive Administrators |
2007-07-25 13:33:15 |
Marco Rodrigues |
bug |
|
|
added subscriber Ubuntu Package Archive Administrators |
2007-07-25 18:14:35 |
Scott Kitterman |
feisty-backports: status |
Confirmed |
Won't Fix |
|
2007-07-25 18:14:35 |
Scott Kitterman |
feisty-backports: importance |
Undecided |
Wishlist |
|
2007-07-25 18:14:35 |
Scott Kitterman |
feisty-backports: statusexplanation |
Unsubscribing Ubuntu Universe Sponsors as there is no action needed from them on this bug report. |
Won't fixing until the oustanding security issues in the Feisty version are addressed. See bug #127718. Backports is not a work-around for the work of fixing stuff in *-security or *-updates that should be done there. |
|
2007-08-09 12:47:34 |
Marco Rodrigues |
description |
lighttpd (1.4.15-1.1ubuntu1) gutsy; urgency=low
* Merge from Debian unstable, remaining changes:
- Add fam/gamin stat cache engine support.
- Replace Depends: on perl with Depends: on libterm-readline-perl-perl.
- Make sure that upgrades succeed, even if we can't restart lighttpd.
- Clean environment in init.d script.
- Update maintainer field in debian/control.
lighttpd (1.4.15-1.1) unstable; urgency=low
* Non-maintainer upload.
* add patches/04_wrapping_headers_bugfix.dpatch to fix crash with wrapping
headers (Closes: 428368).
-- Michele Angrisano <micheleangrisano@ubuntu.com> Sat, 21 Jul 2007 01:40:36 +0200
lighttpd (1.4.13-9ubuntu4) feisty; urgency=low
* Added LDAP connection leak fix from Debian (Bug: #413917)
- debian/patches/03_ldap_leak_bugfix.dpatch
* Added security fixes from 1.4.14 (Closes LP: #106416)
- Remote DOS in CRLF parsing (CVE-2007-1869)
debian/patches/04_security_crlf_parsing_dos.dpatch
- DOS with files with mtime 0 (CVE-2007-1870)
debian/patches/05_security_zero_mtime_crash.dpatch
-- Lukas Fittl <lfittl@ubuntu.com> Sat, 14 Apr 2007 05:26:10 +0200 |
lighttpd (1.4.16-2ubuntu1) gutsy; urgency=low
* Merge from Debian unstable, remaining changes: (LP: #131224)
- Make sure that upgrades succeed, even if we can't restart lighttpd.
- Clean environment in init.d script.
- Update maintainer field in debian/control.
-- Michele Angrisano <micheleangrisano@ubuntu.com> Wed, 08 Aug 2007 13:24:21 +0200
lighttpd (1.4.15-1.1ubuntu1) gutsy; urgency=low
* Merge from Debian unstable, remaining changes:
- Add fam/gamin stat cache engine support.
- Replace Depends: on perl with Depends: on libterm-readline-perl-perl.
- Make sure that upgrades succeed, even if we can't restart lighttpd.
- Clean environment in init.d script.
- Update maintainer field in debian/control.
lighttpd (1.4.15-1.1) unstable; urgency=low
* Non-maintainer upload.
* add patches/04_wrapping_headers_bugfix.dpatch to fix crash with wrapping
headers (Closes: 428368).
-- Michele Angrisano <micheleangrisano@ubuntu.com> Sat, 21 Jul 2007 01:40:36 +0200
lighttpd (1.4.13-9ubuntu4) feisty; urgency=low
* Added LDAP connection leak fix from Debian (Bug: #413917)
- debian/patches/03_ldap_leak_bugfix.dpatch
* Added security fixes from 1.4.14 (Closes LP: #106416)
- Remote DOS in CRLF parsing (CVE-2007-1869)
debian/patches/04_security_crlf_parsing_dos.dpatch
- DOS with files with mtime 0 (CVE-2007-1870)
debian/patches/05_security_zero_mtime_crash.dpatch
-- Lukas Fittl <lfittl@ubuntu.com> Sat, 14 Apr 2007 05:26:10 +0200 |
|
2007-08-09 12:48:36 |
Marco Rodrigues |
title |
Please backport lighttpd v1.4.15 from Gutsy to Feisty |
Please backport lighttpd v1.4.16 from Gutsy to Feisty |
|
2007-08-09 13:12:39 |
Marco Rodrigues |
description |
lighttpd (1.4.16-2ubuntu1) gutsy; urgency=low
* Merge from Debian unstable, remaining changes: (LP: #131224)
- Make sure that upgrades succeed, even if we can't restart lighttpd.
- Clean environment in init.d script.
- Update maintainer field in debian/control.
-- Michele Angrisano <micheleangrisano@ubuntu.com> Wed, 08 Aug 2007 13:24:21 +0200
lighttpd (1.4.15-1.1ubuntu1) gutsy; urgency=low
* Merge from Debian unstable, remaining changes:
- Add fam/gamin stat cache engine support.
- Replace Depends: on perl with Depends: on libterm-readline-perl-perl.
- Make sure that upgrades succeed, even if we can't restart lighttpd.
- Clean environment in init.d script.
- Update maintainer field in debian/control.
lighttpd (1.4.15-1.1) unstable; urgency=low
* Non-maintainer upload.
* add patches/04_wrapping_headers_bugfix.dpatch to fix crash with wrapping
headers (Closes: 428368).
-- Michele Angrisano <micheleangrisano@ubuntu.com> Sat, 21 Jul 2007 01:40:36 +0200
lighttpd (1.4.13-9ubuntu4) feisty; urgency=low
* Added LDAP connection leak fix from Debian (Bug: #413917)
- debian/patches/03_ldap_leak_bugfix.dpatch
* Added security fixes from 1.4.14 (Closes LP: #106416)
- Remote DOS in CRLF parsing (CVE-2007-1869)
debian/patches/04_security_crlf_parsing_dos.dpatch
- DOS with files with mtime 0 (CVE-2007-1870)
debian/patches/05_security_zero_mtime_crash.dpatch
-- Lukas Fittl <lfittl@ubuntu.com> Sat, 14 Apr 2007 05:26:10 +0200 |
lighttpd (1.4.16-1ubuntu1) gutsy; urgency=low
* Merge from Debian unstable, remaining changes:
- Add fam/gamin stat cache engine support.
- Replace Depends: on perl with Depends: on libterm-readline-perl-perl.
- Make sure that upgrades succeed, even if we can't restart lighttpd.
- Clean environment in init.d script.
- Update maintainer field in debian/control.
-- Michele Angrisano <micheleangrisano@ubuntu.com> Sat, 28 Jul 2007 20:33:22 +0200
lighttpd (1.4.16-1) unstable; urgency=low
* New upstream release (closes: #434546)
* Acknowledge NMU by Pierre Habouzit for CVE-2007-2841 (closes: #428368)
* Added static-file.exclude-extensions section to lighttpd.conf (closes: #408374)
* Fixed description of conf-available/10-fastcgi.conf (closes: #430469)
* Added mod_extforward to debian/lighttpd.install (closes: #434717)
* config.guess taken from upstream (closes: #419664)
* turn on compression (closes: #397514)
* debian/control: XS-Vcs-Svn header added
-- Krzysztof Krzyzaniak (eloy) <eloy@debian.org> Fri, 27 Jul 2007 10:32:51 +0200
lighttpd (1.4.15-1.1ubuntu1) gutsy; urgency=low
* Merge from Debian unstable, remaining changes:
- Add fam/gamin stat cache engine support.
- Replace Depends: on perl with Depends: on libterm-readline-perl-perl.
- Make sure that upgrades succeed, even if we can't restart lighttpd.
- Clean environment in init.d script.
- Update maintainer field in debian/control.
-- Michele Angrisano <micheleangrisano@ubuntu.com> Sat, 21 Jul 2007 01:40:36 +0200
lighttpd (1.4.15-1.1) unstable; urgency=low
* Non-maintainer upload.
* add patches/04_wrapping_headers_bugfix.dpatch to fix crash with wrapping
headers (Closes: 428368).
-- Pierre Habouzit <madcoder@debian.org> Fri, 20 Jul 2007 11:04:07 +0200
lighttpd (1.4.15-1ubuntu1) gutsy; urgency=low
* Merge from Debian unstable. Remaining Ubuntu changes:
- Add fam/gamin stat cache engine support
- Clean environment in init.d script
- Replace Depends: on perl with Depends: on libterm-readline-perl-perl
- Make sure that upgrades succeed, even if we can't restart lighttpd
- DebianMaintainerField update
-- Soren Hansen <sh@linux2go.dk> Tue, 1 May 2007 13:15:59 +0200
lighttpd (1.4.15-1) unstable; urgency=low
* New upstream release (closes: #419131)
* 01_mod_fastcgi_missing_cleanup.dpatch is now in upstream so it's removed from
patches
* 04_pidfile_bugfix.dpatch is now in upstream so it's removed from patches
-- Krzysztof Krzyzaniak (eloy) <eloy@debian.org> Fri, 06 Apr 2007 11:24:54 +0200
lighttpd (1.4.13-10) unstable; urgency=medium
* 03_ldap_leak_bugfix.dpatch added from yann@pleiades.fr.eu.org (Yann Rouillard)
(closes: #413917)
* Lowered priority of index.lighttpd.html (closes: #397492)
* We don't need now check md5 sum of index.html since we provide our own
index.lighttpd.html (closes: #407794)
* 04_pidfile_bugfix.dpatch by Chris Webb <chris@arachsys.com> added - some fixes
with graceful restart
-- Krzysztof Krzyzaniak (eloy) <eloy@debian.org> Thu, 8 Mar 2007 22:18:42 +0100
lighttpd (1.4.13-9ubuntu4) feisty; urgency=low
* Added LDAP connection leak fix from Debian (Bug: #413917)
- debian/patches/03_ldap_leak_bugfix.dpatch
* Added security fixes from 1.4.14 (Closes LP: #106416)
- Remote DOS in CRLF parsing (CVE-2007-1869)
debian/patches/04_security_crlf_parsing_dos.dpatch
- DOS with files with mtime 0 (CVE-2007-1870)
debian/patches/05_security_zero_mtime_crash.dpatch
-- Lukas Fittl <lfittl@ubuntu.com> Sat, 14 Apr 2007 05:26:10 +0200 |
|
2007-08-09 14:49:17 |
Marco Rodrigues |
description |
lighttpd (1.4.16-1ubuntu1) gutsy; urgency=low
* Merge from Debian unstable, remaining changes:
- Add fam/gamin stat cache engine support.
- Replace Depends: on perl with Depends: on libterm-readline-perl-perl.
- Make sure that upgrades succeed, even if we can't restart lighttpd.
- Clean environment in init.d script.
- Update maintainer field in debian/control.
-- Michele Angrisano <micheleangrisano@ubuntu.com> Sat, 28 Jul 2007 20:33:22 +0200
lighttpd (1.4.16-1) unstable; urgency=low
* New upstream release (closes: #434546)
* Acknowledge NMU by Pierre Habouzit for CVE-2007-2841 (closes: #428368)
* Added static-file.exclude-extensions section to lighttpd.conf (closes: #408374)
* Fixed description of conf-available/10-fastcgi.conf (closes: #430469)
* Added mod_extforward to debian/lighttpd.install (closes: #434717)
* config.guess taken from upstream (closes: #419664)
* turn on compression (closes: #397514)
* debian/control: XS-Vcs-Svn header added
-- Krzysztof Krzyzaniak (eloy) <eloy@debian.org> Fri, 27 Jul 2007 10:32:51 +0200
lighttpd (1.4.15-1.1ubuntu1) gutsy; urgency=low
* Merge from Debian unstable, remaining changes:
- Add fam/gamin stat cache engine support.
- Replace Depends: on perl with Depends: on libterm-readline-perl-perl.
- Make sure that upgrades succeed, even if we can't restart lighttpd.
- Clean environment in init.d script.
- Update maintainer field in debian/control.
-- Michele Angrisano <micheleangrisano@ubuntu.com> Sat, 21 Jul 2007 01:40:36 +0200
lighttpd (1.4.15-1.1) unstable; urgency=low
* Non-maintainer upload.
* add patches/04_wrapping_headers_bugfix.dpatch to fix crash with wrapping
headers (Closes: 428368).
-- Pierre Habouzit <madcoder@debian.org> Fri, 20 Jul 2007 11:04:07 +0200
lighttpd (1.4.15-1ubuntu1) gutsy; urgency=low
* Merge from Debian unstable. Remaining Ubuntu changes:
- Add fam/gamin stat cache engine support
- Clean environment in init.d script
- Replace Depends: on perl with Depends: on libterm-readline-perl-perl
- Make sure that upgrades succeed, even if we can't restart lighttpd
- DebianMaintainerField update
-- Soren Hansen <sh@linux2go.dk> Tue, 1 May 2007 13:15:59 +0200
lighttpd (1.4.15-1) unstable; urgency=low
* New upstream release (closes: #419131)
* 01_mod_fastcgi_missing_cleanup.dpatch is now in upstream so it's removed from
patches
* 04_pidfile_bugfix.dpatch is now in upstream so it's removed from patches
-- Krzysztof Krzyzaniak (eloy) <eloy@debian.org> Fri, 06 Apr 2007 11:24:54 +0200
lighttpd (1.4.13-10) unstable; urgency=medium
* 03_ldap_leak_bugfix.dpatch added from yann@pleiades.fr.eu.org (Yann Rouillard)
(closes: #413917)
* Lowered priority of index.lighttpd.html (closes: #397492)
* We don't need now check md5 sum of index.html since we provide our own
index.lighttpd.html (closes: #407794)
* 04_pidfile_bugfix.dpatch by Chris Webb <chris@arachsys.com> added - some fixes
with graceful restart
-- Krzysztof Krzyzaniak (eloy) <eloy@debian.org> Thu, 8 Mar 2007 22:18:42 +0100
lighttpd (1.4.13-9ubuntu4) feisty; urgency=low
* Added LDAP connection leak fix from Debian (Bug: #413917)
- debian/patches/03_ldap_leak_bugfix.dpatch
* Added security fixes from 1.4.14 (Closes LP: #106416)
- Remote DOS in CRLF parsing (CVE-2007-1869)
debian/patches/04_security_crlf_parsing_dos.dpatch
- DOS with files with mtime 0 (CVE-2007-1870)
debian/patches/05_security_zero_mtime_crash.dpatch
-- Lukas Fittl <lfittl@ubuntu.com> Sat, 14 Apr 2007 05:26:10 +0200 |
lighttpd (1.4.16-2ubuntu1) gutsy; urgency=low
* Merge from Debian unstable, remaining changes: (LP: #131224)
- Make sure that upgrades succeed, even if we can't restart lighttpd.
- Clean environment in init.d script.
- Update maintainer field in debian/control.
lighttpd (1.4.16-2) unstable; urgency=low
.
* patches/04_ldap_build_filter_fix.dpatch: add patch from Peter Colberg to
fix first LDAP search that fails because of the filter being
uninitialized. (closes: #419661)
* Enable fam support (closes: #407820):
+ debian/rules: add --enable-fam configure flag.
+ debian/control: add libfam-dev to Build-Depends, and also wrap
build-dependencies to make diff more understandable.
* Enable support for kerberos (with openssl):
+ debian/rules; add --enable-kerberos5 configure flag.
+ debian/control: add libkrb5-dev to the Build-Depends.
* lighttpd.logrotate: redirect stderr to /dev/null as well to prevent
defunct processes (presumably due to full unread pipes/buffers)
(closes: #419992).
* debian/control: replace lighttpd dependency on perl with
libterm-readline-perl-perl as Readline.pm is needed for lighty-enable-mod
(closes: #435077).
* debian/control:
+ Add myself to uploaders (closes: #401575).
+ Drop Recommands on php5-cgi, there is absolutely no reason to have it,
or we would have to recommend ruby, python, lua, perl, .... and every
$language on earth to be fair. (closes: #435587).
* debian/conf-available/10-webdav.conf: add default configuration for webdav.
(closes: #406641).
* debian/conf-enabled: remove directory, it is already installed through
lighttpd.dirs.
* lighttpd.postinst, lighttpd.postrm, init.d: be sure there is a
/var/run/lighttpd owned by www-data:www-data, helpful to store locks and
things like that.
lighttpd (1.4.16-1ubuntu1) gutsy; urgency=low
* Merge from Debian unstable, remaining changes:
- Add fam/gamin stat cache engine support.
- Replace Depends: on perl with Depends: on libterm-readline-perl-perl.
- Make sure that upgrades succeed, even if we can't restart lighttpd.
- Clean environment in init.d script.
- Update maintainer field in debian/control.
lighttpd (1.4.16-1) unstable; urgency=low
* New upstream release (closes: #434546)
* Acknowledge NMU by Pierre Habouzit for CVE-2007-2841 (closes: #428368)
* Added static-file.exclude-extensions section to lighttpd.conf (closes: #408374)
* Fixed description of conf-available/10-fastcgi.conf (closes: #430469)
* Added mod_extforward to debian/lighttpd.install (closes: #434717)
* config.guess taken from upstream (closes: #419664)
* turn on compression (closes: #397514)
* debian/control: XS-Vcs-Svn header added
lighttpd (1.4.15-1.1ubuntu1) gutsy; urgency=low
* Merge from Debian unstable, remaining changes:
- Add fam/gamin stat cache engine support.
- Replace Depends: on perl with Depends: on libterm-readline-perl-perl.
- Make sure that upgrades succeed, even if we can't restart lighttpd.
- Clean environment in init.d script.
- Update maintainer field in debian/control.
lighttpd (1.4.15-1.1) unstable; urgency=low
* Non-maintainer upload.
* add patches/04_wrapping_headers_bugfix.dpatch to fix crash with wrapping
headers (Closes: 428368).
lighttpd (1.4.15-1ubuntu1) gutsy; urgency=low
* Merge from Debian unstable. Remaining Ubuntu changes:
- Add fam/gamin stat cache engine support
- Clean environment in init.d script
- Replace Depends: on perl with Depends: on libterm-readline-perl-perl
- Make sure that upgrades succeed, even if we can't restart lighttpd
- DebianMaintainerField update
lighttpd (1.4.15-1) unstable; urgency=low
* New upstream release (closes: #419131)
* 01_mod_fastcgi_missing_cleanup.dpatch is now in upstream so it's removed from
patches
* 04_pidfile_bugfix.dpatch is now in upstream so it's removed from patches
lighttpd (1.4.13-10) unstable; urgency=medium
* 03_ldap_leak_bugfix.dpatch added from yann@pleiades.fr.eu.org (Yann Rouillard)
(closes: #413917)
* Lowered priority of index.lighttpd.html (closes: #397492)
* We don't need now check md5 sum of index.html since we provide our own
index.lighttpd.html (closes: #407794)
* 04_pidfile_bugfix.dpatch by Chris Webb <chris@arachsys.com> added - some fixes
with graceful restart
lighttpd (1.4.13-9ubuntu4) feisty; urgency=low
* Added LDAP connection leak fix from Debian (Bug: #413917)
- debian/patches/03_ldap_leak_bugfix.dpatch
* Added security fixes from 1.4.14 (Closes LP: #106416)
- Remote DOS in CRLF parsing (CVE-2007-1869)
debian/patches/04_security_crlf_parsing_dos.dpatch
- DOS with files with mtime 0 (CVE-2007-1870)
debian/patches/05_security_zero_mtime_crash.dpatch |
|
2007-08-09 15:03:50 |
Scott Kitterman |
feisty-backports: status |
Won't Fix |
Incomplete |
|
2007-08-09 15:03:50 |
Scott Kitterman |
feisty-backports: statusexplanation |
Won't fixing until the oustanding security issues in the Feisty version are addressed. See bug #127718. Backports is not a work-around for the work of fixing stuff in *-security or *-updates that should be done there. |
Security fixes for Feisty are tested, so I'll approve this once the most recent version is tested. |
|