[Pkg-erlang-commits] r1845 - in yaws/trunk/debian: . patches
sgolovan at alioth.debian.org
sgolovan at alioth.debian.org
Thu Sep 22 11:52:16 UTC 2016
Author: sgolovan
Date: 2016-09-22 11:52:15 +0000 (Thu, 22 Sep 2016)
New Revision: 1845
Removed:
yaws/trunk/debian/patches/CVE-2016-1000108.diff
yaws/trunk/debian/patches/r18.diff
Modified:
yaws/trunk/debian/changelog
yaws/trunk/debian/control
yaws/trunk/debian/patches/series
yaws/trunk/debian/rules
Log:
[yaws]
* New upstream release.
* Restored treating compiler warnings as errors.
* Added erlang-dialyzer to the Yaws build dependencies.
* Fixed the SVN link in debian/control.
* Removed the patch which fixes CVE-2016-1000108 because it has been
applied upstream.
Modified: yaws/trunk/debian/changelog
===================================================================
--- yaws/trunk/debian/changelog 2016-09-21 12:51:42 UTC (rev 1844)
+++ yaws/trunk/debian/changelog 2016-09-22 11:52:15 UTC (rev 1845)
@@ -1,8 +1,13 @@
-yaws (2.0.3+dfsg-2) UNRELEASED; urgency=medium
+yaws (2.0.4+dfsg-1) unstable; urgency=medium
- * NOT RELEASED YET
+ * New upstream release.
+ * Restored treating compiler warnings as errors.
+ * Added erlang-dialyzer to the Yaws build dependencies.
+ * Fixed the SVN link in debian/control.
+ * Removed the patch which fixes CVE-2016-1000108 because it has been
+ applied upstream.
- -- Sergei Golovan <sgolovan at debian.org> Thu, 18 Aug 2016 12:00:11 +0300
+ -- Sergei Golovan <sgolovan at debian.org> Thu, 22 Sep 2016 14:37:06 +0300
yaws (2.0.3+dfsg-1) unstable; urgency=medium
Modified: yaws/trunk/debian/control
===================================================================
--- yaws/trunk/debian/control 2016-09-21 12:51:42 UTC (rev 1844)
+++ yaws/trunk/debian/control 2016-09-22 11:52:15 UTC (rev 1845)
@@ -4,13 +4,13 @@
Maintainer: Debian Erlang Packagers <pkg-erlang-devel at lists.alioth.debian.org>
Uploaders: Sergei Golovan <sgolovan at debian.org>
Build-Depends: debhelper (>= 8.9.7), autotools-dev, libpam0g-dev,
- erlang-dev (>= 1:13.b.1-3), erlang-edoc, erlang-mnesia
+ erlang-dev (>= 1:13.b.1-3), erlang-edoc, erlang-mnesia, erlang-dialyzer
Build-Depends-Indep: texlive-latex-base, texlive-latex-recommended,
texlive-fonts-recommended, texlive-font-utils, texlive-extra-utils, ghostscript
Standards-Version: 3.9.8
Homepage: http://yaws.hyber.org/
-Vcs-Svn: svn://svn.debian.org//svn/pkg-erlang/yaws/trunk/
-Vcs-Browser: http://svn.debian.org/wsvn/pkg-erlang/yaws/trunk/
+Vcs-Svn: svn://anonscm.debian.org/svn/pkg-erlang/yaws/trunk/
+Vcs-Browser: https://anonscm.debian.org/viewvc/pkg-erlang/yaws/trunk/
Package: yaws
Architecture: all
Deleted: yaws/trunk/debian/patches/CVE-2016-1000108.diff
===================================================================
--- yaws/trunk/debian/patches/CVE-2016-1000108.diff 2016-09-21 12:51:42 UTC (rev 1844)
+++ yaws/trunk/debian/patches/CVE-2016-1000108.diff 2016-09-22 11:52:15 UTC (rev 1845)
@@ -1,34 +0,0 @@
-From: Klacke Wikstrom <cwikstro at cisco.com>
-Date: Mon, 25 Jul 2016 12:46:30 +0200
-Subject: [PATCH] Security flaw http://httpoxy.org/ fixed A security flaw with
- HTTP_PROXY fixed. When we now construct the cgi env variables, we just skip
- the Proxy header. Reported by dominic at varspool.com.
- CVE-2016-1000108
-Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832433
-
---- a/src/yaws_cgi.erl
-+++ b/src/yaws_cgi.erl
-@@ -368,11 +368,21 @@ build_env(Arg, Scriptfilename, Pathinfo, ExtraEnv, SC) ->
- {"HTTP_IF_NONE_MATCH", H#headers.if_none_match},
- {"HTTP_IF_UNMODIFIED_SINCE", H#headers.if_unmodified_since},
- {"HTTP_COOKIE", flatten_val(make_cookie_val(H#headers.cookie))}
-- ]++lists:map(fun({http_header,_,Var,_,Val})->{tohttp(Var),Val} end,
-- H#headers.other)
-+ ]++ other_headers(H#headers.other)
- )) ++
- Extra_CGI_Vars.
-
-+other_headers(Headers) ->
-+ lists:zf(fun({http_header,_,Var,_,Val}) ->
-+ case tohttp(Var) of
-+ "HTTP_PROXY" ->
-+ %% See http://httpoxy.org/
-+ false;
-+ HTTP ->
-+ {true, {HTTP,Val}}
-+ end
-+ end, Headers).
-+
- tohttp(X) ->
- "HTTP_"++lists:map(fun tohttp_c/1, yaws:to_list(X)).
-
Deleted: yaws/trunk/debian/patches/r18.diff
===================================================================
--- yaws/trunk/debian/patches/r18.diff 2016-09-21 12:51:42 UTC (rev 1844)
+++ yaws/trunk/debian/patches/r18.diff 2016-09-22 11:52:15 UTC (rev 1845)
@@ -1,17 +0,0 @@
-Author: Sergei Golovan
-Description: Patch removes treating warnings as errors during the build
- process. This fixes FTBFS with Erlang 18.
-Debian-Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790625
-Last-Modified: Tue, 18 Aug 2015 09:03:33 +0300
-
---- a/include.mk
-+++ b/include.mk
-@@ -3,7 +3,7 @@
- am__v_ERLC_0 = @echo " ERLC " $@;
- am__v_ERLC_1 =
-
--ERLC_GENERIC_FLAGS = -Werror +debug_info $(DEBUG_ERLC_FLAGS) \
-+ERLC_GENERIC_FLAGS = +debug_info $(DEBUG_ERLC_FLAGS) \
- -pa $(top_srcdir) -pa $(top_builddir) -pa $(top_builddir)/ebin \
- -I $(top_srcdir)/include -I $(srcdir)/../include \
- -I $(top_builddir)/include -I $(builddir)/../include
Modified: yaws/trunk/debian/patches/series
===================================================================
--- yaws/trunk/debian/patches/series 2016-09-21 12:51:42 UTC (rev 1844)
+++ yaws/trunk/debian/patches/series 2016-09-22 11:52:15 UTC (rev 1845)
@@ -1,2 +1 @@
-r18.diff
-CVE-2016-1000108.diff
+# Nothing here
Modified: yaws/trunk/debian/rules
===================================================================
--- yaws/trunk/debian/rules 2016-09-21 12:51:42 UTC (rev 1844)
+++ yaws/trunk/debian/rules 2016-09-22 11:52:15 UTC (rev 1845)
@@ -157,10 +157,9 @@
erlang-depends
dh_gencontrol
-v=2.0.3
+v=2.0.4
get-orig-source:
- wget -O yaws_$(v).orig.tar.gz http://yaws.hyber.org/download/yaws-$(v).tar.gz
CURDIR=`pwd` && TMPDIR=`mktemp -d /tmp/yaws.XXXXXX` && \
cd $$TMPDIR && \
wget -O - http://yaws.hyber.org/download/yaws-$(v).tar.gz | tar -zx && \
More information about the Pkg-erlang-commits
mailing list