[pkg-java] r10293 - trunk/jetty/debian
Niels Thykier
nthykier-guest at alioth.debian.org
Sun Sep 6 15:53:51 UTC 2009
Author: nthykier-guest
Date: 2009-09-06 15:53:50 +0000 (Sun, 06 Sep 2009)
New Revision: 10293
Modified:
trunk/jetty/debian/changelog
trunk/jetty/debian/control
trunk/jetty/debian/jetty.install
trunk/jetty/debian/jetty.postinst
trunk/jetty/debian/jetty.postrm
trunk/jetty/debian/rules
Log:
jetty (6.1.20-1) UNRELEASED; urgency=low
* New upstream release.
* Stop using Build-Depends-Indep, since the policy and the build
daemons disagree on when it should be used (Closes: #540861).
* Corrected jetty.install to reflect the move of some license files
in the source tree.
* Bumped to Standard-Versions 3.8.3 - no changes required.
* Updated jetty.post{install,rm} scripts to use "set -e" instead of
passing it to sh.
* Installed "VERSION.txt" as upstream changelog.
* The previous version (6.1.19) fixed the following security problems,
which were not mentioned in the changelog:
- CVE-2007-5613: Cross-site scripting (XSS) vulnerability in Dump
Servlet.
- CVE-2007-5614: Quote Sequence vulnerability.
- CVE-2007-5615: CRLF injection vulnerability.
- CVE-2009-1523: Directory traversal vulnerability in the HTTP
server in Mort Bay Jetty.
- CVE-2009-1524: Cross-site scripting (XSS) vulnerability in Mort
Bay Jetty.
(Closes: #454529, #528389, #527571, #543462).
-- Niels Thykier <niels at thykier.net> Sun, 06 Sep 2009 15:28:05 +0200
Modified: trunk/jetty/debian/changelog
===================================================================
--- trunk/jetty/debian/changelog 2009-09-05 22:05:41 UTC (rev 10292)
+++ trunk/jetty/debian/changelog 2009-09-06 15:53:50 UTC (rev 10293)
@@ -1,3 +1,28 @@
+jetty (6.1.20-1) UNRELEASED; urgency=low
+
+ * New upstream release.
+ * Stop using Build-Depends-Indep, since the policy and the build
+ daemons disagree on when it should be used (Closes: #540861).
+ * Corrected jetty.install to reflect the move of some license files
+ in the source tree.
+ * Bumped to Standard-Versions 3.8.3 - no changes required.
+ * Updated jetty.post{install,rm} scripts to use "set -e" instead of
+ passing it to sh.
+ * Installed "VERSION.txt" as upstream changelog.
+ * The previous version (6.1.19) fixed the following security problems,
+ which were not mentioned in the changelog:
+ - CVE-2007-5613: Cross-site scripting (XSS) vulnerability in Dump
+ Servlet.
+ - CVE-2007-5614: Quote Sequence vulnerability.
+ - CVE-2007-5615: CRLF injection vulnerability.
+ - CVE-2009-1523: Directory traversal vulnerability in the HTTP
+ server in Mort Bay Jetty.
+ - CVE-2009-1524: Cross-site scripting (XSS) vulnerability in Mort
+ Bay Jetty.
+ (Closes: #454529, #528389, #527571, #543462).
+
+ -- Niels Thykier <niels at thykier.net> Sun, 06 Sep 2009 15:28:05 +0200
+
jetty (6.1.19-2) unstable; urgency=low
* Upload to unstable.
@@ -8,22 +33,22 @@
[ Ludovic Claude ]
* New upstream release fixing a security vulnerability
- (cookies are not secure if you are running behind a netscaler)
+ (cookies are not secure if you are running behind a netscaler).
* Remove the bootstrap patch as it has been added upstream and update
- the build to use the new start-daemon component
+ the build to use the new start-daemon component.
* Remove the Build-Depend on quilt as the patch is not needed anymore.
- * Add the Maven POM to the package
- * Add a Build-Depends dependency on maven-repo-helper
+ * Add the Maven POM to the package.
+ * Add a Build-Depends dependency on maven-repo-helper.
* Use mh_installpom and mh_installjar to install the POM and the jar to the
- Maven repository
+ Maven repository.
* Add optional support for web applications located in /usr/share/webapps.
* Add a cron job that cleans up the old log files in /var/log/jetty.
- * Register the Javadoc into Debian documentation and put it in a
- separate package (libjetty-java-doc)
+ * Register the Javadoc into Debian documentation and put it in a
+ separate package (libjetty-java-doc).
* Use openjdk-6-jdk for the build; add a Build-Depends on this
package. Required to build the javadoc.
- * Update debian/copyright (patch provided by Jan Pascal Vanbest
- <janpascal at vanbest.org>)
+ * Update debian/copyright (patch provided by Jan Pascal Vanbest
+ <janpascal at vanbest.org>).
[ Torsten Werner ]
* Add myself to Uploaders.
@@ -36,31 +61,31 @@
jetty (6.1.18-1) unstable; urgency=low
[Ludovic Claude]
- * Add myself to Uploaders
- * Change the build dependency on java-gcj to default-jdk
- * Add init.d startup script
- * Add dependencies on ant, libslf4j-java, libxerces2-java, libtomcat6-java
- for libjetty-extra-java, add links for the lib folder
- * Add dependency on jsvc to run jetty as a daemon
+ * Add myself to Uploaders.
+ * Change the build dependency on java-gcj to default-jdk.
+ * Add init.d startup script.
+ * Add dependencies on ant, libslf4j-java, libxerces2-java, libtomcat6-java
+ for libjetty-extra-java, add links for the lib folder.
+ * Add dependency on jsvc to run jetty as a daemon.
* Add the package libjetty-setuid-java for the Setuid module (with native
- code)
- * Add an index page used when Jetty starts
+ code).
+ * Add an index page used when Jetty starts.
* Use latest jasper from Tomcat to provide jsp 2.1 instead of
- Glassfish JSP implementation as in the standard distribution
- * Add tools.jar to the classpath to be able to run JSP (Closes: #452586)
- * Fix Lintian warnings: add ${misc:Depends} to all Depends:
+ Glassfish JSP implementation as in the standard distribution.
+ * Add tools.jar to the classpath to be able to run JSP (Closes: #452586).
+ * Fix Lintian warnings: add ${misc:Depends} to all Depends.
* Move jetty to main as all its dependencies are in main,
and jetty contains only code that complies with Debian guidelines,
use java section like tomcat6
- (Closes: #498582)
- * Do not depend on tomcat 5.5 (Closes: #530720, #458399)
- * Remove empty prerm and preinst scripts
- * Remove old patches that don't apply anymore
- * Update copyright and remove full text of Apache license
- * Bump up compat to 6 and Standards-Version to 3.8.1
+ (Closes: #498582).
+ * Do not depend on tomcat 5.5 (Closes: #530720, #458399).
+ * Remove empty prerm and preinst scripts.
+ * Remove old patches that don't apply anymore.
+ * Update copyright and remove full text of Apache license.
+ * Bump up compat to 6 and Standards-Version to 3.8.1.
[David Yu]
- * New upstream release for jetty
+ * New upstream release for jetty
(Closes: #528389, #527571, #454529, #425152).
* Fixed jetty.links. Now delegates install of start.jar to libjetty-java.
@@ -114,20 +139,20 @@
jetty (5.1.10-1) unstable; urgency=low
- * New upstream release
- * Sercurity fixes for windows
+ * New upstream release.
+ * Sercurity fixes for windows.
* Fixed path aliasing with // on windows.
- * Fix for AJP13 with multiple headers
- * Fix for AJP13 with encoded path
- * Remove null dispatch attributes from getAttributeNames
+ * Fix for AJP13 with multiple headers.
+ * Fix for AJP13 with encoded path.
+ * Remove null dispatch attributes from getAttributeNames.
* Put POST content default back to iso_8859_1. GET is UTF-8
- still
+ still.
-- Philipp Meier <meier at fnogol.de> Tue, 30 May 2006 10:40:18 +0200
jetty (5.1.8-3) unstable; urgency=low
- * Enhance dependencies.
+ * Enhance dependencies.
-- Philipp Meier <meier at fnogol.de> Fri, 16 Dec 2005 10:53:48 +0100
@@ -139,29 +164,29 @@
jetty (5.1.8-1) unstable; urgency=low
- * New upstream release
+ * New upstream release.
From 5.1.8:
- * Fixed space in URL issued created in 5.1.6
+ * Fixed space in URL issued created in 5.1.6.
From 5.1.7:
- * improved server stats
- * char encoding for MultiPartRequest
+ * improved server stats.
+ * char encoding for MultiPartRequest.
* fixed merging of POST params in dispatch query string.
- * protect from NPE in dispatcher getValues
- * Updated to 2.6.2 xerces
+ * protect from NPE in dispatcher getValues.
+ * Updated to 2.6.2 xerces.
* JSP file servlet mappings copy JspServlet init params.
- * Prefix servlet context logs with org.mortbay.jetty.context
- * better support for URI character encodings
+ * Prefix servlet context logs with org.mortbay.jetty.context.
+ * better support for URI character encodings.
* use commons logging jar instead of api jar.
-- Philipp Meier <meier at fnogol.de> Wed, 7 Dec 2005 11:06:10 +0100
jetty (5.1.6-1) unstable; urgency=high
- * New upstream release
+ * New upstream release.
* Fixed JSP visibility security issue in upstream.
* Fix location of jasper since upgrade to tomcat5. Closes: #333010.
@@ -186,11 +211,11 @@
Patch from Oyvind Harboe <oyvind.harboe at zylin.com>:
* Fixed rc script /etc/init.d/jetty. "stop" could leave dangling
- /var/run/jetty.pid. Fixed this by adding "--oknodo" to
- "start-stop-daemon --stop" command.
+ /var/run/jetty.pid. Fixed this by adding "--oknodo" to
+ "start-stop-daemon --stop" command.
* Removed trailing "/" from LOGDIR which caused
/var/log/out.log not to be created.
- * /etc/init.d/jetty start will now deal more gracefully with a
+ * /etc/init.d/jetty start will now deal more gracefully with a
dangling /var/run/jetty.pid. A dangling jetty.pid is detected
and ignored.
* Closes: #326176.
@@ -214,18 +239,18 @@
jetty (5.1.5rc1-1) unstable; urgency=low
- * New upstream release
+ * New upstream release.
-- Philipp Meier <meier at fnogol.de> Fri, 26 Aug 2005 12:53:50 +0200
jetty (5.1.4-1) unstable; urgency=low
- * New upstream release
+ * New upstream release.
* Added myself to Uploaders in control.
- * Standards-Version bumbed to 3.6.2
- * Removed debian/watch which will not work with sourceforge
- * Manage changes to upstream with cdbs simple-patchsys
- * Fixed rc script /etc/init.d/jetty
+ * Standards-Version bumbed to 3.6.2.
+ * Removed debian/watch which will not work with sourceforge.
+ * Manage changes to upstream with cdbs simple-patchsys.
+ * Fixed rc script /etc/init.d/jetty.
* Adjusted new location of servlet.jar. Closes: #280139.
-- Philipp Meier <meier at fnogol.de> Fri, 12 Aug 2005 18:14:28 +0200
@@ -235,7 +260,7 @@
* Package is now maintained by pkg-java. Maintainer was updated.
* Disable validation of xml files in start.config by default.
Closes: #298731.
- * Add /usr/lib/j2sdk1.5-sun to JAVA_HOME_DIRS in debian/rules
+ * Add /usr/lib/j2sdk1.5-sun to JAVA_HOME_DIRS in debian/rules.
-- Philipp Meier <meier at fnogol.de> Thu, 30 Jun 2005 14:32:31 +0200
@@ -255,34 +280,34 @@
jetty (5.0.0-1) unstable; urgency=low
- * New upstream release
+ * New upstream release.
-- Philipp Meier <meier at fnogol.de> Thu, 16 Sep 2004 00:40:41 +0200
jetty (4.2.22-2) unstable; urgency=low
- * New upstream release
- * Changed mantainer email
+ * New upstream release.
+ * Changed mantainer email.
-- Philipp Meier <meier at fnogol.de> Wed, 25 Aug 2004 18:14:56 +0200
jetty (4.2.21-1) unstable; urgency=low
- * New upstream release
+ * New upstream release.
-- Philipp Meier <meier at meisterbohne.de> Mon, 23 Aug 2004 15:23:25 +0200
jetty (4.2.19-1) unstable; urgency=high
* New upstream release.
- * Fixed DOS attack problem
+ * Fixed DOS attack problem.
-- Philipp Meier <meier at meisterbohne.de> Fri, 19 Mar 2004 17:55:45 +0100
jetty (4.2.18-1) unstable; urgency=low
* New upstream release.
- * Package description of jetty-extra lists the
+ * Package description of jetty-extra lists the
extensions provided. Closes: #232824
-- Philipp Meier <meier at meisterbohne.de> Mon, 1 Mar 2004 13:54:01 +0100
@@ -298,7 +323,7 @@
jetty (4.2.15) unstable; urgency=low
- * New upstream release
+ * New upstream release.
* New additional package jetty-extra.
* Updated standards version from 3.5.10 to 3.6.0
* Build target directory are no longer in debian because
@@ -308,64 +333,64 @@
jetty (4.2.12-2) unstable; urgency=low
- * Fixes start.config to make jetty run with kaffe
- * Updated standards version from 3.5.8 to 3.5.10
+ * Fixes start.config to make jetty run with kaffe.
+ * Updated standards version from 3.5.8 to 3.5.10.
-- Philipp Meier <meier at meisterbohne.de> Fri, 29 Aug 2003 14:43:40 +0200
jetty (4.2.12-1) unstable; urgency=low
- * New upstream release
+ * New upstream release.
-- Philipp Meier <meier at meisterbohne.de> Tue, 12 Aug 2003 14:07:56 +0200
jetty (4.2.11-7) unstable; urgency=low
- * Adds alternative dependency on j2sdk1.4
- * Fixes typos in debian/TODO
- * Adds ant to classpath because jasper needs it.
+ * Adds alternative dependency on j2sdk1.4.
+ * Fixes typos in debian/TODO.
+ * Adds ant to classpath because jasper needs it.
-- Philipp Meier <meier at meisterbohne.de> Thu, 7 Aug 2003 20:34:19 +0200
jetty (4.2.11-6) unstable; urgency=low
- * Removes DH_VERBOSE from debian/rules
- * /etc/jetty will be removed on purge
- * Add build-dependency on j2sdk1.4
+ * Removes DH_VERBOSE from debian/rules.
+ * /etc/jetty will be removed on purge.
+ * Add build-dependency on j2sdk1.4.
-- Philipp Meier <meier at meisterbohne.de> Wed, 23 Jul 2003 15:38:05 +0200
jetty (4.2.11-5) unstable; urgency=low
- * Fix for /etc/default/jetty which was misplaced
+ * Fix for /etc/default/jetty which was misplaced.
* Fixes messed-up corrections for javadoc tags. Introduced before.
-- Philipp Meier <meier at meisterbohne.de> Wed, 23 Jul 2003 01:11:42 +0200
jetty (4.2.11-4) unstable; urgency=low
- * Jetty depends on j2re1.4 until build process of jetty
+ * Jetty depends on j2re1.4 until build process of jetty
with java < 1.4 works.
- * Fixes in build process
+ * Fixes in build process.
-- Philipp Meier <meier at meisterbohne.de> Thu, 17 Jul 2003 12:56:14 +0200
jetty (4.2.11-3) unstable; urgency=low
- * Creates /usr/share/java/webapps if necessary
- * Not longer uses symlinks in ext but a debianized start.config
+ * Creates /usr/share/java/webapps if necessary.
+ * Not longer uses symlinks in ext but a debianized start.config.
* Changed to multiline logging.
- * Removed demo webapps and provides a preliminary debian jetty root
- * Fixes /etc/defaults/jetty to be /etc/default/jetty
+ * Removed demo webapps and provides a preliminary debian jetty root.
+ * Fixes /etc/defaults/jetty to be /etc/default/jetty.
-- Philipp Meier <meier at meisterbohne.de> Thu, 17 Jul 2003 12:56:03 +0200
jetty (4.2.11-2) unstable; urgency=low
- * Adds build dependencies on libmx4j-java and iblog4j-java
- * Removes comment about "Tomcat 4" from /etc/jetty.init
+ * Adds build dependencies on libmx4j-java and iblog4j-java.
+ * Removes comment about "Tomcat 4" from /etc/jetty.init.
* Renamed debian/{pre,post}{inst,rm} to debian/jetty.*
- * Enables javac.debug to provide useful stackstraces
+ * Enables javac.debug to provide useful stackstraces.
-- Philipp Meier <meier at meisterbohne.de> Tue, 15 Jul 2003 21:50:36 +0200
Modified: trunk/jetty/debian/control
===================================================================
--- trunk/jetty/debian/control 2009-09-05 22:05:41 UTC (rev 10292)
+++ trunk/jetty/debian/control 2009-09-06 15:53:50 UTC (rev 10293)
@@ -3,11 +3,12 @@
Priority: optional
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Uploaders: Philipp Meier <meier at fnogol.de>, Michael Koch <konqueror at gmx.de>, Thierry Carrez <thierry.carrez at ubuntu.com>,
- Ludovic Claude <ludovic.claude at laposte.net>, Torsten Werner <twerner at debian.org>
-Build-Depends: debhelper (>= 6), cdbs (>> 0.4.5.3), openjdk-6-jdk, ant, maven-repo-helper
-Build-Depends-Indep: libservlet2.5-java, libslf4j-java, libmx4j-java, libgnumail-java,
+ Ludovic Claude <ludovic.claude at laposte.net>, Torsten Werner <twerner at debian.org>,
+ Niels Thykier <niels at thykier.net>
+Build-Depends: debhelper (>= 6), cdbs (>> 0.4.5.3), openjdk-6-jdk, ant, maven-repo-helper,
+ libservlet2.5-java, libslf4j-java, libmx4j-java, libgnumail-java,
libgnujaf-java, libcommons-daemon-java
-Standards-Version: 3.8.2
+Standards-Version: 3.8.3
Vcs-Svn: svn://svn.debian.org/svn/pkg-java/trunk/jetty
Vcs-Browser: http://svn.debian.org/wsvn/pkg-java/trunk/jetty
Homepage: http://jetty.mortbay.com/
Modified: trunk/jetty/debian/jetty.install
===================================================================
--- trunk/jetty/debian/jetty.install 2009-09-05 22:05:41 UTC (rev 10292)
+++ trunk/jetty/debian/jetty.install 2009-09-06 15:53:50 UTC (rev 10293)
@@ -6,9 +6,7 @@
contexts etc/jetty
resources usr/share/jetty
README.txt usr/share/doc/jetty
-VERSION.txt usr/share/doc/jetty
LICENSES/cla-* usr/share/doc/jetty/LICENSES
LICENSES/ccla-* usr/share/doc/jetty/LICENSES
-LICENSES/contrib usr/share/doc/jetty/LICENSES
LICENSES/NOTICE.txt usr/share/doc/jetty/LICENSES
debian/README.Debian usr/share/doc/jetty
Modified: trunk/jetty/debian/jetty.postinst
===================================================================
--- trunk/jetty/debian/jetty.postinst 2009-09-05 22:05:41 UTC (rev 10292)
+++ trunk/jetty/debian/jetty.postinst 2009-09-06 15:53:50 UTC (rev 10293)
@@ -1,4 +1,5 @@
-#!/bin/sh -e
+#!/bin/sh
+set -e
case "$1" in
configure)
Modified: trunk/jetty/debian/jetty.postrm
===================================================================
--- trunk/jetty/debian/jetty.postrm 2009-09-05 22:05:41 UTC (rev 10292)
+++ trunk/jetty/debian/jetty.postrm 2009-09-06 15:53:50 UTC (rev 10293)
@@ -1,4 +1,5 @@
-#!/bin/sh -e
+#!/bin/sh
+set -e
#DEBHELPER#
Modified: trunk/jetty/debian/rules
===================================================================
--- trunk/jetty/debian/rules 2009-09-05 22:05:41 UTC (rev 10292)
+++ trunk/jetty/debian/rules 2009-09-06 15:53:50 UTC (rev 10293)
@@ -11,6 +11,7 @@
DEB_ANT_BUILD_TARGET := package
DEB_ANT_BUILDFILE := ./debian/build.xml
DEB_ANT_ARGS := -DVERSION=$(VERSION) -Dbuild.sysclasspath=last
+DEB_INSTALL_CHANGELOGS_ALL := VERSION.txt
#API_DOCS := javadoc/
binary-post-install/lib$(PACKAGE)-java::
More information about the pkg-java-commits
mailing list