[Python-modules-commits] r22107 - in packages/python-tornado/trunk/debian (6 files)

jtaylor-guest at users.alioth.debian.org jtaylor-guest at users.alioth.debian.org
Sat Jun 9 14:58:13 UTC 2012 

    Date: Saturday, June 9, 2012 @ 14:58:07
  Author: jtaylor-guest
Revision: 22107

new upstream release

change debian/watch to download section instead of tag tarballs
tag tarball contain lots of unnecessary website and test data
drop upstream applied CVE-2012-2374.patch
refresh patches
closes LP: #998615

Modified:
  packages/python-tornado/trunk/debian/changelog
  packages/python-tornado/trunk/debian/patches/certs-path.patch
  packages/python-tornado/trunk/debian/patches/ignore-ca-certificates.patch
  packages/python-tornado/trunk/debian/patches/series
  packages/python-tornado/trunk/debian/watch
Deleted:
  packages/python-tornado/trunk/debian/patches/CVE-2012-2374.patch

Modified: packages/python-tornado/trunk/debian/changelog
===================================================================
--- packages/python-tornado/trunk/debian/changelog	2012-06-09 05:24:18 UTC (rev 22106)
+++ packages/python-tornado/trunk/debian/changelog	2012-06-09 14:58:07 UTC (rev 22107)
@@ -1,3 +1,15 @@
+python-tornado (2.3-1) unstable; urgency=low
+
+  * Team upload
+  * new upstream release
+    - change debian/watch to download section instead of tag tarballs
+      tag tarball contain lots of unnecessary website and test data
+    - drop upstream applied CVE-2012-2374.patch
+    - refresh patches
+    - closes LP: #998615
+
+ -- Julian Taylor <jtaylor at ubuntu.com>  Sat, 09 Jun 2012 16:22:45 +0200
+
 python-tornado (2.1.0-3) unstable; urgency=high
 
   [ Julian Taylor ]

Deleted: packages/python-tornado/trunk/debian/patches/CVE-2012-2374.patch
===================================================================
--- packages/python-tornado/trunk/debian/patches/CVE-2012-2374.patch	2012-06-09 05:24:18 UTC (rev 22106)
+++ packages/python-tornado/trunk/debian/patches/CVE-2012-2374.patch	2012-06-09 14:58:07 UTC (rev 22107)
@@ -1,15 +0,0 @@
-Description: fix CVE-2012-2374
-Applied-Upstream: 2.2.1
-Origin: https://github.com/facebook/tornado/commit/1ae91f6d58e6257e0ab49d295d8741ce1727bdb7
-Author: Julian Taylor <jtaylor at ubuntu.com>
---- a/tornado/web.py
-+++ b/tornado/web.py
-@@ -258,7 +258,7 @@
-         # If \n is allowed into the header, it is possible to inject
-         # additional headers or split the request. Also cap length to
-         # prevent obviously erroneous values.
--        if len(value) > 4000 or re.match(b(r"[\x00-\x1f]"), value):
-+        if len(value) > 4000 or re.search(b(r"[\x00-\x1f]"), value):
-             raise ValueError("Unsafe header value %r", value)
-         return value
- 

Modified: packages/python-tornado/trunk/debian/patches/certs-path.patch
===================================================================
--- packages/python-tornado/trunk/debian/patches/certs-path.patch	2012-06-09 05:24:18 UTC (rev 22106)
+++ packages/python-tornado/trunk/debian/patches/certs-path.patch	2012-06-09 14:58:07 UTC (rev 22107)
@@ -3,7 +3,7 @@
 
 --- a/tornado/simple_httpclient.py
 +++ b/tornado/simple_httpclient.py
-@@ -31,7 +31,10 @@ try:
+@@ -32,7 +32,10 @@
  except ImportError:
      ssl = None
  
@@ -13,5 +13,5 @@
 +else:
 +    _DEFAULT_CA_CERTS = os.path.dirname(__file__) + '/ca-certificates.crt'
  
+ 
  class SimpleAsyncHTTPClient(AsyncHTTPClient):
-     """Non-blocking HTTP client with no external dependencies.

Modified: packages/python-tornado/trunk/debian/patches/ignore-ca-certificates.patch
===================================================================
--- packages/python-tornado/trunk/debian/patches/ignore-ca-certificates.patch	2012-06-09 05:24:18 UTC (rev 22106)
+++ packages/python-tornado/trunk/debian/patches/ignore-ca-certificates.patch	2012-06-09 14:58:07 UTC (rev 22107)
@@ -3,12 +3,12 @@
 
 --- a/setup.py
 +++ b/setup.py
-@@ -44,7 +44,7 @@ distutils.core.setup(
+@@ -44,7 +44,7 @@
      version=version,
      packages = ["tornado", "tornado.test", "tornado.platform"],
      package_data = {
 -        "tornado": ["ca-certificates.crt"],
-+        # "tornado": ["ca-certificates.crt"],
-         "tornado.test": ["README", "test.crt", "test.key", "static/robots.txt"],
++        #"tornado": ["ca-certificates.crt"],
+         "tornado.test": ["README", "test.crt", "test.key", "static/robots.txt",
+                          "templates/utf8.html"],
          },
-     ext_modules = extensions,

Modified: packages/python-tornado/trunk/debian/patches/series
===================================================================
--- packages/python-tornado/trunk/debian/patches/series	2012-06-09 05:24:18 UTC (rev 22106)
+++ packages/python-tornado/trunk/debian/patches/series	2012-06-09 14:58:07 UTC (rev 22107)
@@ -1,3 +1,2 @@
 ignore-ca-certificates.patch
 certs-path.patch
-CVE-2012-2374.patch

Modified: packages/python-tornado/trunk/debian/watch
===================================================================
--- packages/python-tornado/trunk/debian/watch	2012-06-09 05:24:18 UTC (rev 22106)
+++ packages/python-tornado/trunk/debian/watch	2012-06-09 14:58:07 UTC (rev 22107)
@@ -1,2 +1,2 @@
 version=3
-http://githubredir.debian.net/github/facebook/tornado /v(.*).tar.gz
+https://github.com/facebook/tornado/downloads .*/tornado-(.*).tar.gz

More information about the Python-modules-commits mailing list