[pkg-java] r10293 - trunk/jetty/debian

Niels Thykier nthykier-guest at alioth.debian.org
Sun Sep 6 15:53:51 UTC 2009


Author: nthykier-guest
Date: 2009-09-06 15:53:50 +0000 (Sun, 06 Sep 2009)
New Revision: 10293

Modified:
   trunk/jetty/debian/changelog
   trunk/jetty/debian/control
   trunk/jetty/debian/jetty.install
   trunk/jetty/debian/jetty.postinst
   trunk/jetty/debian/jetty.postrm
   trunk/jetty/debian/rules
Log:
jetty (6.1.20-1) UNRELEASED; urgency=low

  * New upstream release.
  * Stop using Build-Depends-Indep, since the policy and the build
    daemons disagree on when it should be used (Closes: #540861).
  * Corrected jetty.install to reflect the move of some license files
    in the source tree.
  * Bumped to Standard-Versions 3.8.3 - no changes required.
  * Updated jetty.post{install,rm} scripts to use "set -e" instead of
    passing it to sh.
  * Installed "VERSION.txt" as upstream changelog.
  * The previous version (6.1.19) fixed the following security problems,
    which were not mentioned in the changelog:
    - CVE-2007-5613: Cross-site scripting (XSS) vulnerability in Dump
    Servlet.
    - CVE-2007-5614: Quote Sequence vulnerability.
    - CVE-2007-5615: CRLF injection vulnerability.
    - CVE-2009-1523: Directory traversal vulnerability in the HTTP
    server in Mort Bay Jetty.
    - CVE-2009-1524: Cross-site scripting (XSS) vulnerability in Mort
    Bay Jetty.
    (Closes: #454529, #528389, #527571, #543462).

 -- Niels Thykier <niels at thykier.net>  Sun, 06 Sep 2009 15:28:05 +0200


Modified: trunk/jetty/debian/changelog
===================================================================
--- trunk/jetty/debian/changelog	2009-09-05 22:05:41 UTC (rev 10292)
+++ trunk/jetty/debian/changelog	2009-09-06 15:53:50 UTC (rev 10293)
@@ -1,3 +1,28 @@
+jetty (6.1.20-1) UNRELEASED; urgency=low
+
+  * New upstream release.
+  * Stop using Build-Depends-Indep, since the policy and the build
+    daemons disagree on when it should be used (Closes: #540861).
+  * Corrected jetty.install to reflect the move of some license files
+    in the source tree.
+  * Bumped to Standard-Versions 3.8.3 - no changes required.
+  * Updated jetty.post{install,rm} scripts to use "set -e" instead of
+    passing it to sh.
+  * Installed "VERSION.txt" as upstream changelog.
+  * The previous version (6.1.19) fixed the following security problems,
+    which were not mentioned in the changelog:
+    - CVE-2007-5613: Cross-site scripting (XSS) vulnerability in Dump
+    Servlet.
+    - CVE-2007-5614: Quote Sequence vulnerability.
+    - CVE-2007-5615: CRLF injection vulnerability.
+    - CVE-2009-1523: Directory traversal vulnerability in the HTTP
+    server in Mort Bay Jetty.
+    - CVE-2009-1524: Cross-site scripting (XSS) vulnerability in Mort
+    Bay Jetty.
+    (Closes: #454529, #528389, #527571, #543462).
+
+ -- Niels Thykier <niels at thykier.net>  Sun, 06 Sep 2009 15:28:05 +0200
+
 jetty (6.1.19-2) unstable; urgency=low
 
   * Upload to unstable.
@@ -8,22 +33,22 @@
 
   [ Ludovic Claude ]
   * New upstream release fixing a security vulnerability
-    (cookies are not secure if you are running behind a netscaler)
+    (cookies are not secure if you are running behind a netscaler).
   * Remove the bootstrap patch as it has been added upstream and update
-    the build to use the new start-daemon component
+    the build to use the new start-daemon component.
   * Remove the Build-Depend on quilt as the patch is not needed anymore.
-  * Add the Maven POM to the package
-  * Add a Build-Depends dependency on maven-repo-helper
+  * Add the Maven POM to the package.
+  * Add a Build-Depends dependency on maven-repo-helper.
   * Use mh_installpom and mh_installjar to install the POM and the jar to the
-    Maven repository
+    Maven repository.
   * Add optional support for web applications located in /usr/share/webapps.
   * Add a cron job that cleans up the old log files in /var/log/jetty.
-  * Register the Javadoc into Debian documentation and put it in a 
-    separate package (libjetty-java-doc)
+  * Register the Javadoc into Debian documentation and put it in a
+    separate package (libjetty-java-doc).
   * Use openjdk-6-jdk for the build; add a Build-Depends on this
     package. Required to build the javadoc.
-  * Update debian/copyright (patch provided by Jan Pascal Vanbest 
-    <janpascal at vanbest.org>)
+  * Update debian/copyright (patch provided by Jan Pascal Vanbest
+    <janpascal at vanbest.org>).
 
   [ Torsten Werner ]
   * Add myself to Uploaders.
@@ -36,31 +61,31 @@
 jetty (6.1.18-1) unstable; urgency=low
 
   [Ludovic Claude]
-  * Add myself to Uploaders
-  * Change the build dependency on java-gcj to default-jdk
-  * Add init.d startup script
-  * Add dependencies on ant, libslf4j-java, libxerces2-java, libtomcat6-java 
-    for libjetty-extra-java, add links for the lib folder
-  * Add dependency on jsvc to run jetty as a daemon
+  * Add myself to Uploaders.
+  * Change the build dependency on java-gcj to default-jdk.
+  * Add init.d startup script.
+  * Add dependencies on ant, libslf4j-java, libxerces2-java, libtomcat6-java
+    for libjetty-extra-java, add links for the lib folder.
+  * Add dependency on jsvc to run jetty as a daemon.
   * Add the package libjetty-setuid-java for the Setuid module (with native
-    code)
-  * Add an index page used when Jetty starts
+    code).
+  * Add an index page used when Jetty starts.
   * Use latest jasper from Tomcat to provide jsp 2.1 instead of
-    Glassfish JSP implementation as in the standard distribution
-  * Add tools.jar to the classpath to be able to run JSP (Closes: #452586)
-  * Fix Lintian warnings: add ${misc:Depends} to all Depends:
+    Glassfish JSP implementation as in the standard distribution.
+  * Add tools.jar to the classpath to be able to run JSP (Closes: #452586).
+  * Fix Lintian warnings: add ${misc:Depends} to all Depends.
   * Move jetty to main as all its dependencies are in main,
     and jetty contains only code that complies with Debian guidelines,
     use java section like tomcat6
-    (Closes: #498582)
-  * Do not depend on tomcat 5.5 (Closes: #530720, #458399)
-  * Remove empty prerm and preinst scripts
-  * Remove old patches that don't apply anymore
-  * Update copyright and remove full text of Apache license
-  * Bump up compat to 6 and Standards-Version to 3.8.1
+    (Closes: #498582).
+  * Do not depend on tomcat 5.5 (Closes: #530720, #458399).
+  * Remove empty prerm and preinst scripts.
+  * Remove old patches that don't apply anymore.
+  * Update copyright and remove full text of Apache license.
+  * Bump up compat to 6 and Standards-Version to 3.8.1.
 
   [David Yu]
-  * New upstream release for jetty 
+  * New upstream release for jetty
     (Closes: #528389, #527571, #454529, #425152).
   * Fixed jetty.links. Now delegates install of start.jar to libjetty-java.
 
@@ -114,20 +139,20 @@
 
 jetty (5.1.10-1) unstable; urgency=low
 
-  * New upstream release
-  * Sercurity fixes for windows
+  * New upstream release.
+  * Sercurity fixes for windows.
   * Fixed path aliasing with // on windows.
-  * Fix for AJP13 with multiple headers
-  * Fix for AJP13 with encoded path
-  * Remove null dispatch attributes from getAttributeNames
+  * Fix for AJP13 with multiple headers.
+  * Fix for AJP13 with encoded path.
+  * Remove null dispatch attributes from getAttributeNames.
   * Put POST content default back to iso_8859_1. GET is UTF-8
-    still
+    still.
 
  -- Philipp Meier <meier at fnogol.de>  Tue, 30 May 2006 10:40:18 +0200
 
 jetty (5.1.8-3) unstable; urgency=low
 
-  * Enhance dependencies. 
+  * Enhance dependencies.
 
  -- Philipp Meier <meier at fnogol.de>  Fri, 16 Dec 2005 10:53:48 +0100
 
@@ -139,29 +164,29 @@
 
 jetty (5.1.8-1) unstable; urgency=low
 
-  * New upstream release
+  * New upstream release.
 
   From 5.1.8:
 
-  * Fixed space in URL issued created in 5.1.6
+  * Fixed space in URL issued created in 5.1.6.
 
   From 5.1.7:
 
-  * improved server stats
-  * char encoding for MultiPartRequest
+  * improved server stats.
+  * char encoding for MultiPartRequest.
   * fixed merging of POST params in dispatch query string.
-  * protect from NPE in dispatcher getValues
-  * Updated to 2.6.2 xerces
+  * protect from NPE in dispatcher getValues.
+  * Updated to 2.6.2 xerces.
   * JSP file servlet mappings copy JspServlet init params.
-  * Prefix servlet context logs with org.mortbay.jetty.context
-  * better support for URI character encodings
+  * Prefix servlet context logs with org.mortbay.jetty.context.
+  * better support for URI character encodings.
   * use commons logging jar instead of api jar.
 
  -- Philipp Meier <meier at fnogol.de>  Wed,  7 Dec 2005 11:06:10 +0100
 
 jetty (5.1.6-1) unstable; urgency=high
 
-  * New upstream release
+  * New upstream release.
   * Fixed JSP visibility security issue in upstream.
   * Fix location of jasper since upgrade to tomcat5. Closes: #333010.
 
@@ -186,11 +211,11 @@
   Patch from Oyvind Harboe <oyvind.harboe at zylin.com>:
 
   * Fixed rc script /etc/init.d/jetty. "stop" could leave dangling
-    /var/run/jetty.pid. Fixed this by adding "--oknodo" to 
-    "start-stop-daemon --stop" command. 
+    /var/run/jetty.pid. Fixed this by adding "--oknodo" to
+    "start-stop-daemon --stop" command.
   * Removed trailing "/" from LOGDIR which caused
     /var/log/out.log not to be created.
-  * /etc/init.d/jetty start will now deal more gracefully with a 
+  * /etc/init.d/jetty start will now deal more gracefully with a
     dangling /var/run/jetty.pid. A dangling jetty.pid is detected
     and ignored.
   * Closes: #326176.
@@ -214,18 +239,18 @@
 
 jetty (5.1.5rc1-1) unstable; urgency=low
 
-  * New upstream release
+  * New upstream release.
 
  -- Philipp Meier <meier at fnogol.de>  Fri, 26 Aug 2005 12:53:50 +0200
 
 jetty (5.1.4-1) unstable; urgency=low
 
-  * New upstream release
+  * New upstream release.
   * Added myself to Uploaders in control.
-  * Standards-Version bumbed to 3.6.2
-  * Removed debian/watch which will not work with sourceforge
-  * Manage changes to upstream with cdbs simple-patchsys
-  * Fixed rc script /etc/init.d/jetty
+  * Standards-Version bumbed to 3.6.2.
+  * Removed debian/watch which will not work with sourceforge.
+  * Manage changes to upstream with cdbs simple-patchsys.
+  * Fixed rc script /etc/init.d/jetty.
   * Adjusted new location of servlet.jar. Closes: #280139.
 
  -- Philipp Meier <meier at fnogol.de>  Fri, 12 Aug 2005 18:14:28 +0200
@@ -235,7 +260,7 @@
   * Package is now maintained by pkg-java. Maintainer was updated.
   * Disable validation of xml files in start.config by default.
     Closes: #298731.
-  * Add /usr/lib/j2sdk1.5-sun to JAVA_HOME_DIRS in debian/rules
+  * Add /usr/lib/j2sdk1.5-sun to JAVA_HOME_DIRS in debian/rules.
 
  -- Philipp Meier <meier at fnogol.de>  Thu, 30 Jun 2005 14:32:31 +0200
 
@@ -255,34 +280,34 @@
 
 jetty (5.0.0-1) unstable; urgency=low
 
-  * New upstream release
+  * New upstream release.
 
  -- Philipp Meier <meier at fnogol.de>  Thu, 16 Sep 2004 00:40:41 +0200
 
 jetty (4.2.22-2) unstable; urgency=low
 
-  * New upstream release
-  * Changed mantainer email
+  * New upstream release.
+  * Changed mantainer email.
 
  -- Philipp Meier <meier at fnogol.de>  Wed, 25 Aug 2004 18:14:56 +0200
 
 jetty (4.2.21-1) unstable; urgency=low
 
-  * New upstream release
+  * New upstream release.
 
  -- Philipp Meier <meier at meisterbohne.de>  Mon, 23 Aug 2004 15:23:25 +0200
 
 jetty (4.2.19-1) unstable; urgency=high
 
   * New upstream release.
-  * Fixed DOS attack problem
+  * Fixed DOS attack problem.
 
  -- Philipp Meier <meier at meisterbohne.de>  Fri, 19 Mar 2004 17:55:45 +0100
 
 jetty (4.2.18-1) unstable; urgency=low
 
   * New upstream release.
-  * Package description of jetty-extra lists the 
+  * Package description of jetty-extra lists the
     extensions provided. Closes: #232824
 
  -- Philipp Meier <meier at meisterbohne.de>  Mon,  1 Mar 2004 13:54:01 +0100
@@ -298,7 +323,7 @@
 
 jetty (4.2.15) unstable; urgency=low
 
-  * New upstream release
+  * New upstream release.
   * New additional package jetty-extra.
   * Updated standards version from 3.5.10 to 3.6.0
   * Build target directory are no longer in debian because
@@ -308,64 +333,64 @@
 
 jetty (4.2.12-2) unstable; urgency=low
 
-  * Fixes start.config to make jetty run with kaffe
-  * Updated standards version from 3.5.8 to 3.5.10
+  * Fixes start.config to make jetty run with kaffe.
+  * Updated standards version from 3.5.8 to 3.5.10.
 
  -- Philipp Meier <meier at meisterbohne.de>  Fri, 29 Aug 2003 14:43:40 +0200
 
 jetty (4.2.12-1) unstable; urgency=low
 
-  * New upstream release
+  * New upstream release.
 
  -- Philipp Meier <meier at meisterbohne.de>  Tue, 12 Aug 2003 14:07:56 +0200
 
 jetty (4.2.11-7) unstable; urgency=low
 
-  * Adds alternative dependency on j2sdk1.4
-  * Fixes typos in debian/TODO
-  * Adds ant to classpath because jasper needs it. 
+  * Adds alternative dependency on j2sdk1.4.
+  * Fixes typos in debian/TODO.
+  * Adds ant to classpath because jasper needs it.
 
  -- Philipp Meier <meier at meisterbohne.de>  Thu,  7 Aug 2003 20:34:19 +0200
 
 jetty (4.2.11-6) unstable; urgency=low
 
-  * Removes DH_VERBOSE from debian/rules
-  * /etc/jetty will be removed on purge
-  * Add build-dependency on j2sdk1.4
+  * Removes DH_VERBOSE from debian/rules.
+  * /etc/jetty will be removed on purge.
+  * Add build-dependency on j2sdk1.4.
 
  -- Philipp Meier <meier at meisterbohne.de>  Wed, 23 Jul 2003 15:38:05 +0200
 
 jetty (4.2.11-5) unstable; urgency=low
 
-  * Fix for /etc/default/jetty which was misplaced
+  * Fix for /etc/default/jetty which was misplaced.
   * Fixes messed-up corrections for javadoc tags. Introduced before.
 
  -- Philipp Meier <meier at meisterbohne.de>  Wed, 23 Jul 2003 01:11:42 +0200
 
 jetty (4.2.11-4) unstable; urgency=low
 
-  * Jetty depends on j2re1.4 until build process of jetty 
+  * Jetty depends on j2re1.4 until build process of jetty
     with java < 1.4 works.
-  * Fixes in build process 
+  * Fixes in build process.
 
  -- Philipp Meier <meier at meisterbohne.de>  Thu, 17 Jul 2003 12:56:14 +0200
 
 jetty (4.2.11-3) unstable; urgency=low
 
-  * Creates /usr/share/java/webapps if necessary
-  * Not longer uses symlinks in ext but a debianized start.config
+  * Creates /usr/share/java/webapps if necessary.
+  * Not longer uses symlinks in ext but a debianized start.config.
   * Changed to multiline logging.
-  * Removed demo webapps and provides a preliminary debian jetty root
-  * Fixes /etc/defaults/jetty to be /etc/default/jetty
+  * Removed demo webapps and provides a preliminary debian jetty root.
+  * Fixes /etc/defaults/jetty to be /etc/default/jetty.
 
  -- Philipp Meier <meier at meisterbohne.de>  Thu, 17 Jul 2003 12:56:03 +0200
 
 jetty (4.2.11-2) unstable; urgency=low
 
-  * Adds build dependencies on libmx4j-java and iblog4j-java
-  * Removes comment about "Tomcat 4" from /etc/jetty.init 
+  * Adds build dependencies on libmx4j-java and iblog4j-java.
+  * Removes comment about "Tomcat 4" from /etc/jetty.init.
   * Renamed debian/{pre,post}{inst,rm} to debian/jetty.*
-  * Enables javac.debug to provide useful stackstraces
+  * Enables javac.debug to provide useful stackstraces.
 
  -- Philipp Meier <meier at meisterbohne.de>  Tue, 15 Jul 2003 21:50:36 +0200
 

Modified: trunk/jetty/debian/control
===================================================================
--- trunk/jetty/debian/control	2009-09-05 22:05:41 UTC (rev 10292)
+++ trunk/jetty/debian/control	2009-09-06 15:53:50 UTC (rev 10293)
@@ -3,11 +3,12 @@
 Priority: optional
 Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
 Uploaders: Philipp Meier <meier at fnogol.de>, Michael Koch <konqueror at gmx.de>, Thierry Carrez <thierry.carrez at ubuntu.com>,
- Ludovic Claude <ludovic.claude at laposte.net>, Torsten Werner <twerner at debian.org>
-Build-Depends: debhelper (>= 6), cdbs (>> 0.4.5.3), openjdk-6-jdk, ant, maven-repo-helper
-Build-Depends-Indep: libservlet2.5-java, libslf4j-java, libmx4j-java, libgnumail-java,
+ Ludovic Claude <ludovic.claude at laposte.net>, Torsten Werner <twerner at debian.org>,
+ Niels Thykier <niels at thykier.net>
+Build-Depends: debhelper (>= 6), cdbs (>> 0.4.5.3), openjdk-6-jdk, ant, maven-repo-helper,
+ libservlet2.5-java, libslf4j-java, libmx4j-java, libgnumail-java,
  libgnujaf-java, libcommons-daemon-java
-Standards-Version: 3.8.2
+Standards-Version: 3.8.3
 Vcs-Svn: svn://svn.debian.org/svn/pkg-java/trunk/jetty
 Vcs-Browser: http://svn.debian.org/wsvn/pkg-java/trunk/jetty
 Homepage: http://jetty.mortbay.com/

Modified: trunk/jetty/debian/jetty.install
===================================================================
--- trunk/jetty/debian/jetty.install	2009-09-05 22:05:41 UTC (rev 10292)
+++ trunk/jetty/debian/jetty.install	2009-09-06 15:53:50 UTC (rev 10293)
@@ -6,9 +6,7 @@
 contexts                etc/jetty
 resources               usr/share/jetty
 README.txt              usr/share/doc/jetty
-VERSION.txt             usr/share/doc/jetty
 LICENSES/cla-*          usr/share/doc/jetty/LICENSES
 LICENSES/ccla-*         usr/share/doc/jetty/LICENSES
-LICENSES/contrib        usr/share/doc/jetty/LICENSES
 LICENSES/NOTICE.txt     usr/share/doc/jetty/LICENSES
 debian/README.Debian    usr/share/doc/jetty

Modified: trunk/jetty/debian/jetty.postinst
===================================================================
--- trunk/jetty/debian/jetty.postinst	2009-09-05 22:05:41 UTC (rev 10292)
+++ trunk/jetty/debian/jetty.postinst	2009-09-06 15:53:50 UTC (rev 10293)
@@ -1,4 +1,5 @@
-#!/bin/sh -e
+#!/bin/sh
+set -e
 
 case "$1" in
     configure)

Modified: trunk/jetty/debian/jetty.postrm
===================================================================
--- trunk/jetty/debian/jetty.postrm	2009-09-05 22:05:41 UTC (rev 10292)
+++ trunk/jetty/debian/jetty.postrm	2009-09-06 15:53:50 UTC (rev 10293)
@@ -1,4 +1,5 @@
-#!/bin/sh -e
+#!/bin/sh
+set -e
 
 #DEBHELPER#
 

Modified: trunk/jetty/debian/rules
===================================================================
--- trunk/jetty/debian/rules	2009-09-05 22:05:41 UTC (rev 10292)
+++ trunk/jetty/debian/rules	2009-09-06 15:53:50 UTC (rev 10293)
@@ -11,6 +11,7 @@
 DEB_ANT_BUILD_TARGET := package
 DEB_ANT_BUILDFILE    := ./debian/build.xml
 DEB_ANT_ARGS         := -DVERSION=$(VERSION) -Dbuild.sysclasspath=last
+DEB_INSTALL_CHANGELOGS_ALL := VERSION.txt
 #API_DOCS             := javadoc/
 
 binary-post-install/lib$(PACKAGE)-java::




More information about the pkg-java-commits mailing list