[libapache-mod-jk] 47/65: Update to 1:1.2.40+svn150520
Markus Koschany
apo at moszumanska.debian.org
Sat Oct 8 14:14:48 UTC 2016
This is an automated email from the git hooks/post-receive script.
apo pushed a commit to branch master
in repository libapache-mod-jk.
commit 3ca9879ca20fb0fc11e7db2757fa109f02971e77
Author: Markus Koschany <apo at gambaru.de>
Date: Thu May 21 16:41:08 2015 +0000
Update to 1:1.2.40+svn150520
---
debian/changelog | 28 +++++++++++
debian/control | 8 ++--
debian/copyright | 40 ++++++++++++++--
.../0004-corrupted-worker-activation-status.patch | 27 -----------
debian/patches/disable-libtool-check.patch | 54 ++++++++++++++++++++++
debian/patches/fix-privacy-breach.patch | 26 +++++++++++
debian/patches/series | 3 +-
debian/rules | 5 +-
debian/source.lintian-overrides | 2 -
debian/workers.properties | 4 +-
10 files changed, 156 insertions(+), 41 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index d4b3005..6d0dcee 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,31 @@
+libapache-mod-jk (1:1.2.40+svn150520-1) unstable; urgency=high
+
+ * Team upload.
+ * Imported Upstream SVN snapshot version 1.2.40+svn150520.
+ - Fix CVE-2014-8111: (Closes: #783233)
+ Apache Tomcat Connectors (mod_jk) ignored JkUnmount rules for subtrees of
+ previous JkMount rules, which allows remote attackers to access otherwise
+ restricted artifacts via unspecified vectors.
+ * debian/control: Build-Depend on debhelper >= 9.
+ * Remove source.lintian-overrides since we now build-depend on debhelper >=9.
+ * Drop 0004-corrupted-worker-activation-status.patch. Fixed upstream.
+ * debian/rules:
+ - Disable sed command in debian/rules. Apparently not necessary for this
+ release.
+ - Run buildconf.sh before dh_auto_configure step since this is a requirement
+ for building SVN snapshots.
+ * debian/control:
+ - Add autoconf to Build-Depends.
+ - Add automake to Build-Depends.
+ - Remove Conflicts and Replaces fields because they are obsolete.
+ * Add disable-libtool-check.patch and fix a FTBFS. We already build-depend on
+ libtool but the script is not smart enough.
+ * Add fix-privacy-breach.patch and fix lintian errors about "privacy breach
+ logo".
+ * Update debian/copyright information. Add missing BSD-3-clause license.
+
+ -- Markus Koschany <apo at gambaru.de> Thu, 21 May 2015 17:53:24 +0200
+
libapache-mod-jk (1:1.2.37-4) unstable; urgency=medium
* Team upload.
diff --git a/debian/control b/debian/control
index 36405fd..1a1fd03 100644
--- a/debian/control
+++ b/debian/control
@@ -4,8 +4,10 @@ Priority: optional
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Uploaders: Damien Raude-Morvan <drazzib at debian.org>
Build-Depends: apache2-dev,
+ autoconf,
+ automake,
autotools-dev,
- debhelper (>= 8.1.3~),
+ debhelper (>= 9),
dh-apache2,
libtool
Build-Depends-Indep: lynx, xsltproc
@@ -18,8 +20,6 @@ Package: libapache2-mod-jk
Architecture: any
Depends: ${misc:Depends}, ${shlibs:Depends}
Suggests: libapache-mod-jk-doc, tomcat8
-Conflicts: libapache2-mod-jk2
-Replaces: libapache2-mod-jk2
Description: Apache 2 connector for the Tomcat Java servlet engine
Apache Tomcat is the reference implementation for the Java Servlet and
JavaServer Pages (JSP) specification from the Apache Jakarta project.
@@ -33,8 +33,6 @@ Architecture: all
Section: doc
Depends: ${misc:Depends}
Suggests: libapache2-mod-jk
-Conflicts: libapache-mod-jk (<= 1.2.5-2)
-Replaces: libapache-mod-jk (<= 1.2.5-2)
Description: Documentation of libapache2-mod-jk package
Documentation and examples of the Apache jk connector for the Tomcat
Java servlet engine.
diff --git a/debian/copyright b/debian/copyright
index c26ee7a..af902ea 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -4,15 +4,49 @@ Upstream-Contact: <http://tomcat.apache.org/connectors-doc/>
Source: http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/
Files: *
-Copyright: Copyright (c) 1999-2011 Apache Foundation
+Copyright: Copyright (c) 1999-2015 Apache Foundation
License: Apache-2.0
+Files: native/iis/pcre/*
+Copyright: 1997-2004, University of Cambridge
+License: BSD-3-clause
+
Files: debian/*
Copyright: 2003, Stefan Gybas <sgybas at debian.org>
- 2009, Michael Koch <konqueror at gmx.de>
- 2011, Damien Raude-Morvan <drazzib at debian.org>
+ 2009, Michael Koch <konqueror at gmx.de>
+ 2011, Damien Raude-Morvan <drazzib at debian.org>
+ 2015, Markus Koschany <apo at gambaru.de>
License: Apache-2.0
License: Apache-2.0
A complete copy of the Apache License, Version 2.0, can be found in
/usr/share/common-licenses/Apache-2.0 on Debian Systems.
+
+License: BSD-3-clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+ .
+ * Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+ .
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ .
+ * Neither the name of the University of Cambridge nor the names of its
+ contributors may be used to endorse or promote products derived from
+ this software without specific prior written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+
+
diff --git a/debian/patches/0004-corrupted-worker-activation-status.patch b/debian/patches/0004-corrupted-worker-activation-status.patch
deleted file mode 100644
index 38348d7..0000000
--- a/debian/patches/0004-corrupted-worker-activation-status.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-Description: Worker activation state corrupted when using jkmanager
- We use jkmanager to selectively disable (DIS state) workers to do
- rolling releases. This worked fine in Squeeze (mod_jk 1.2.30),
- but does not work properly anymore in Wheezy (mod_jk 1.2.37). The
- effect is: When I set a worker to disabled, it flips back and forth
- between disabled an active, and the load on the worker does not
- decrease as it should. Same with stopped. Happens on multiple
- Apache servers independently.
- .
- The following change from the upcoming 1.2.38 release fixes the
- problem at least for our setup.
- .
- <URL:http://tomcat.10.x6.nabble.com/mod-jk-worker-activation-not-working-anymore-in-1-2-37-td4999956.html>
-Author: David Gubler <dg at doodle.com>
-Last-Update: 2013-08-12
-Bug: http://bugs.debian.org/cgi-bin/711934
---- a/native/common/jk_status.c
-+++ b/native/common/jk_status.c
-@@ -3647,7 +3647,7 @@
- }
- }
- if (sync_needed == JK_TRUE) {
-- wr->sequence = 0;
-+ wr->sequence = -1;
- if (!rc)
- rc = 3;
- }
diff --git a/debian/patches/disable-libtool-check.patch b/debian/patches/disable-libtool-check.patch
new file mode 100644
index 0000000..db8595a
--- /dev/null
+++ b/debian/patches/disable-libtool-check.patch
@@ -0,0 +1,54 @@
+From: Markus Koschany <apo at gambaru.de>
+Date: Thu, 21 May 2015 17:10:30 +0200
+Subject: disable libtool check
+
+Disable libtool check for SVN builds. This patch can be removed with the next
+official release.
+
+Forwarded: not-needed
+---
+ native/scripts/build/unix/buildcheck.sh | 32 ++++++++++++++++----------------
+ 1 file changed, 16 insertions(+), 16 deletions(-)
+
+diff --git a/native/scripts/build/unix/buildcheck.sh b/native/scripts/build/unix/buildcheck.sh
+index db119a7..9b67052 100755
+--- a/native/scripts/build/unix/buildcheck.sh
++++ b/native/scripts/build/unix/buildcheck.sh
+@@ -35,21 +35,21 @@ else
+ echo "buildconf: autoconf version $ac_version (ok)"
+ fi
+
+-ac_version=`${LIBTOOL:-libtool} --version 2>/dev/null|sed -e 's/^[^0-9]*//;s/[a-z]* *$//;s/(.*//;q'`
+-if test -z "$ac_version"; then
+-echo "buildconf: libtool not found."
+-echo " You need libtool version 1.4 or newer installed"
+-echo " to build mod_jk from SVN."
+-exit 1
+-fi
+-IFS=.; set $ac_version; IFS=' '
+-if test "$1" = "1" -a "$2" -lt "4" || test "$1" -lt "1"; then
+-echo "buildconf: libtool version $ac_version found."
+-echo " You need libtool version 1.4 or newer installed"
+-echo " to build mod_jk from SVN."
+-exit 1
+-else
+-echo "buildconf: libtool version $ac_version (ok)"
+-fi
++#ac_version=`${LIBTOOL:-libtool} --version 2>/dev/null|sed -e 's/^[^0-9]*//;s/[a-z]* *$//;s/(.*//;q'`
++#if test -z "$ac_version"; then
++#echo "buildconf: libtool not found."
++#echo " You need libtool version 1.4 or newer installed"
++#echo " to build mod_jk from SVN."
++#exit 1
++#fi
++#IFS=.; set $ac_version; IFS=' '
++#if test "$1" = "1" -a "$2" -lt "4" || test "$1" -lt "1"; then
++#echo "buildconf: libtool version $ac_version found."
++#echo " You need libtool version 1.4 or newer installed"
++#echo " to build mod_jk from SVN."
++#exit 1
++#else
++#echo "buildconf: libtool version $ac_version (ok)"
++#fi
+
+ exit 0
diff --git a/debian/patches/fix-privacy-breach.patch b/debian/patches/fix-privacy-breach.patch
new file mode 100644
index 0000000..b423653
--- /dev/null
+++ b/debian/patches/fix-privacy-breach.patch
@@ -0,0 +1,26 @@
+From: Markus Koschany <apo at gambaru.de>
+Date: Thu, 21 May 2015 17:38:34 +0200
+Subject: fix privacy breach
+
+Fix lintian error "privacy breach".
+
+Forwarded: no
+---
+ xdocs/style.xsl | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/xdocs/style.xsl b/xdocs/style.xsl
+index fbfdfe5..afbf45d 100644
+--- a/xdocs/style.xsl
++++ b/xdocs/style.xsl
+@@ -104,10 +104,6 @@
+ </xsl:variable -->
+
+ <xsl:comment>APACHE LOGO</xsl:comment>
+- <a href="http://www.apache.org/">
+- <img src="http://www.apache.org/images/asf-logo.gif"
+- align="right" alt=" :: Apache Software Foundation" border="0"/>
+- </a>
+
+ </xsl:if>
+
diff --git a/debian/patches/series b/debian/patches/series
index d040b09..a8bb2f8 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,4 +1,5 @@
0001-disable-logo.patch
0002-debianize-log-directory.patch
0003-upgrade-info-to-error-message.patch
-0004-corrupted-worker-activation-status.patch
+disable-libtool-check.patch
+fix-privacy-breach.patch
diff --git a/debian/rules b/debian/rules
index 51a198b..876dfbe 100755
--- a/debian/rules
+++ b/debian/rules
@@ -7,8 +7,11 @@ export DEB_CFLAGS_MAINT_APPEND = -D_LARGEFILE_SUPPORT -D_LARGEFILE64_SOURCE -D_F
dh $@ --with autotools_dev,apache2 --sourcedirectory=native
override_dh_auto_configure:
+ # Run buildconf.sh before configure step. Only needed for building SVN
+ # snapshots
+ cd native && ./buildconf.sh
dh_auto_configure -- --with-apxs=/usr/bin/apxs2
- sed -i -e 's/^LIBTOOL = .*$$/LIBTOOL = \/bin\/sh ..\/libtool/' native/common/Makefile
+ #sed -i -e 's/^LIBTOOL = .*$$/LIBTOOL = \/bin\/sh ..\/libtool/' native/common/Makefile
override_dh_auto_build:
dh_auto_build
diff --git a/debian/source.lintian-overrides b/debian/source.lintian-overrides
deleted file mode 100644
index c3a8e6e..0000000
--- a/debian/source.lintian-overrides
+++ /dev/null
@@ -1,2 +0,0 @@
-# override: using compat=9 with debhelper 8.1.3 for build-hardening flags
-package-needs-versioned-debhelper-build-depends 9
diff --git a/debian/workers.properties b/debian/workers.properties
index 4ab311f..1e282f0 100644
--- a/debian/workers.properties
+++ b/debian/workers.properties
@@ -25,7 +25,7 @@
#
#
-# OPTIONS ( very important for jni mode )
+# OPTIONS ( very important for jni mode )
#
# workers.tomcat_home should point to the location where you
@@ -57,7 +57,7 @@ ps=/
#
#
# The workers that your plugins should create and work with
-#
+#
worker.list=ajp13_worker
#
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/libapache-mod-jk.git
More information about the pkg-java-commits
mailing list