serf 1.3.3-1ubuntu0.1 source package in Ubuntu
Changelog
serf (1.3.3-1ubuntu0.1) trusty-security; urgency=medium
* SECURITY UPDATE: cert spoofing via NUL characters in CommonName and
SubjectAltNames
- debian/patches/CVE-2014-3504.patch: escape null bytes in
buckets/ssl_buckets.c.
- CVE-2014-3504
* Fix FTBFS because of expired test certs:
- debian/patches/expired_certs.patch: switch to test certs from serf
1.3.6.
- debian/source/format: switch to 3.0 (quilt) so we can handle the
binary cert file
- debian/source/include-binaries: include binary cert file from 1.3.6.
-- Marc Deslauriers <email address hidden> Thu, 14 Aug 2014 09:47:32 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Trusty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Trusty | updates | main | libs | |
| Trusty | security | main | libs |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| serf_1.3.3.orig.tar.gz | 177.3 KiB | 7a755925e4f491a858225ab97084fdd15b42fabdd2ad52820bd62871f729922e |
| serf_1.3.3-1ubuntu0.1.debian.tar.gz | 24.0 KiB | 123a1bec0a00a802f34ba9d1bf748b338e4826c72b97bdf9794dc173af64f4f1 |
| serf_1.3.3-1ubuntu0.1.dsc | 1.9 KiB | 2439cb2f4315dc19b17091920a599823948a69b7e2d3b02766562ba7ebfd5fe0 |
Available diffs
Binary packages built by this source
- libserf-1-1: high-performance asynchronous HTTP client library
serf library is a C-based HTTP client library built upon the Apache
Portable Runtime (APR) library. It multiplexes connections, running the
read/write communication asynchronously. Memory copies and
transformations are kept to a minimum to provide high performance
operation.
- libserf-dev: high-performance asynchronous HTTP client library headers
serf library is a C-based HTTP client library built upon the Apache
Portable Runtime (APR) library. It multiplexes connections, running the
read/write communication asynchronously. Memory copies and
transformations are kept to a minimum to provide high performance
operation.
.
This package contains development headers for serf.
- libserf1-dbg: high-performance asynchronous HTTP client library debugging symbols
serf library is a C-based HTTP client library built upon the Apache
Portable Runtime (APR) library. It multiplexes connections, running the
read/write communication asynchronously. Memory copies and
transformations are kept to a minimum to provide high performance
operation.
.
This package contains the debugging symbols for serf.
