Diffstat (limited to 'debian')
-rw-r--r-- debian/changelog | 19
-rw-r--r-- debian/control | 2
-rw-r--r-- debian/patches/fix-autobuilders | 32
-rw-r--r-- debian/patches/fix-kfreebsd-support | 24
-rw-r--r-- debian/patches/series | 4
-rwxr-xr-x debian/rules | 2
-rw-r--r-- debian/upstream.changelog | 7
7 files changed, 87 insertions, 3 deletions
diff --git a/debian/changelog b/debian/changelog
index 653a42e..401915d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,22 @@
+mini-httpd (1.23-1) unstable; urgency=medium
+
+ * New upstream release
+ * d/control:
+ - Bump Standard-Version to 3.9.7.
+ * d/upstream.changelog:
+ - Update changes.
+ * d/patches:
+ - Remove patch fix-add_to_response-buffer-overflow fixed for upstream.
+ - Fix support FreeBSD
+ thanks Steven Chamberlain <steven@pyro.eu.org> (Closes: #815339)
+ - Add patch fix-autobuilders for a problem with package on 64-bit
+ thanks Steve Langasek <steve.langasek@ubuntu.com> (Closes: #819125)
+ * d/rules:
+ - Add hardening
+ - Don`t install htpasswd (LP: #943088)
+
+ -- Jose dos Santos Junior <j.s.junior@live.com> Fri, 01 Apr 2016 17:32:30 -0300
+
mini-httpd (1.21-1) unstable; urgency=medium
* New upstream release.
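Review bot: The d/rules entry "Don`t install htpasswd (LP: #943088)" has no matching change in this commit: the debian/rules diff only adds the DEB_BUILD_MAINT_OPTIONS export, and none of the other files changed under debian/ drops the binary. Either include the change that stops installing htpasswd or remove the entry. Smaller points in the same block: the apostrophe in "Don`t" is a backtick, "Fix support FreeBSD" should name the patch it refers to (fix-kfreebsd-support), and "Remove patch fix-add_to_response-buffer-overflow" does not match debian/patches/series, where the line is commented out rather than deleted.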
diff --git a/debian/control b/debian/control
index 98e4422..6203855 100644
--- a/debian/control
+++ b/debian/control
@@ -4,7 +4,7 @@ Priority: optional
Maintainer: Jose dos Santos Junior <j.s.junior@live.com>
Build-Depends: debhelper (>= 9), libssl-dev
Homepage: http://www.acme.com/software/mini_httpd
-Standards-Version: 3.9.6
+Standards-Version: 3.9.7
Package: mini-httpd
Architecture: any
diff --git a/debian/patches/fix-autobuilders b/debian/patches/fix-autobuilders
new file mode 100644
index 0000000..f97ba97
--- /dev/null
+++ b/debian/patches/fix-autobuilders
@@ -0,0 +1,32 @@
+Description: include missing headers to ensure proper declarations
+mini_httpd uses several standard C functions without including the proper
+headers needed to pick up their declarations. One of these functions,
+crypt(), returns a pointer. Failure to include the header means the return
+type is assumed to be an int, which means the pointer is implicitly cast to
+an int, which loses data on 64-bit architectures.
+Author: Steve Langasek <steve.langasek@ubuntu.com>
+Last-Update: 2016-04-03Index: mini-httpd-1.23/htpasswd.c
+===================================================================
+--- mini-httpd-1.23.orig/htpasswd.c
++++ mini-httpd-1.23/htpasswd.c
+@@ -15,6 +15,7 @@
+ #include <stdlib.h>
+ #include <time.h>
+ #include <unistd.h>
++#include <crypt.h>
+
+ #define LF 10
+ #define CR 13
+Index: mini-httpd-1.23/mini_httpd.c
+===================================================================
+--- mini-httpd-1.23.orig/mini_httpd.c
++++ mini-httpd-1.23/mini_httpd.c
+@@ -52,6 +52,8 @@
+ #include <arpa/inet.h>
+ #include <netdb.h>
+ #include <dirent.h>
++#include <crypt.h>
++#include <grp.h>
+
+ #include "port.h"
+ #include "match.h"
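Review bot: The DEP-3 header runs straight into the patch body: "Last-Update: 2016-04-03Index: mini-httpd-1.23/htpasswd.c" is a single line, so the date field is malformed and the first Index: marker is swallowed by it. Put "Last-Update: 2016-04-03" on its own line, follow it with a blank line, and indent the continuation lines of Description: by one space so they parse as part of the field. The includes themselves address the pointer truncation the description explains (crypt() assumed to return int on 64-bit); building with -Werror=implicit-function-declaration would stop the same class of bug from returning when another function is used without its header.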
diff --git a/debian/patches/fix-kfreebsd-support b/debian/patches/fix-kfreebsd-support
new file mode 100644
index 0000000..48c5a04
--- /dev/null
+++ b/debian/patches/fix-kfreebsd-support
@@ -0,0 +1,24 @@
+Description: add support for GNU/kFreeBSD, which defines
+ __FreeBSD_Kernel__ but not __FreeBSD__
+Author: Jose dos Santos Junior <j.s.junior@live.com>
+Last-Update: 2016-04-02Index: mini-httpd-1.23/port.h
+===================================================================
+--- mini-httpd-1.23.orig/port.h
++++ mini-httpd-1.23/port.h
+@@ -1,6 +1,6 @@
+ /* port.h - portability defines */
+
+-#if defined(__FreeBSD__)
++#if defined(__FreeBSD_Kernel__)
+ # define OS_FreeBSD
+ # define ARCH "FreeBSD"
+ #elif defined(__OpenBSD__)
+@@ -40,7 +40,7 @@
+ # define HAVE_SRANDOMDEV
+ # ifdef SO_ACCEPTFILTER
+ # define HAVE_ACCEPT_FILTERS
+-# if ( __FreeBSD_version >= 411000 )
++# if ( __FreeBSD_kernel_version >= 411000 )
+ # define ACCEPT_FILTER_NAME "httpready"
+ # else
+ # define ACCEPT_FILTER_NAME "dataready"
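Review bot: In the first port.h hunk the __FreeBSD__ test is replaced rather than extended, and the new macro is spelled __FreeBSD_Kernel__ with a capital K, while the second hunk uses a lowercase k in __FreeBSD_kernel_version. The macro predefined on GNU/kFreeBSD is __FreeBSD_kernel__, so as written the OS_FreeBSD branch would not match there, and plain FreeBSD no longer matches either. Suggest "#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__)" and the same spelling in the Description. In the second hunk, an undefined __FreeBSD_kernel_version evaluates to 0 inside #if and silently selects "dataready", so keep the __FreeBSD_version test for FreeBSD alongside the new one and make sure the header that defines the kernel version is included before the check. The header also has the Last-Update line fused with "Index: mini-httpd-1.23/port.h"; split them and add a blank line.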
diff --git a/debian/patches/series b/debian/patches/series
index a8a186a..3e290ff 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,5 +1,7 @@
+fix-autobuilders
+fix-kfreebsd-support
fix-change-index-document-root
-fix-add_to_response-buffer-overflow
+#fix-add_to_response-buffer-overflow
01-manpage
03-cgi-php
fix-makefile
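Review bot: The fix-add_to_response-buffer-overflow line is commented out with "#" instead of being deleted, and the diffstat shows no removal of the patch file, so a disabled security patch stays in debian/patches while the changelog says it was removed. Delete the series line and the patch file in the same commit. Before dropping it, confirm that the 1.23 source contains the equivalent fix; the debian/upstream.changelog entry for CVE-2015-1548 is the only evidence of that in this commit, and neither it nor the changelog ties the CVE to this patch name.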
diff --git a/debian/rules b/debian/rules
index 84cf36c..b80a24d 100755
--- a/debian/rules
+++ b/debian/rules
@@ -1,6 +1,6 @@
#!/usr/bin/make -f
# export DH_VERBOSE=1
-
+export DEB_BUILD_MAINT_OPTIONS = hardening=+all
%:
dh $@
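Review bot: The "export DEB_BUILD_MAINT_OPTIONS = hardening=+all" line replaces the blank line that separated the header comments from the "%:" target, and nothing in this diff shows the resulting flags reaching the compiler and linker. hardening=+all only has an effect if the upstream Makefile honours the CFLAGS, CPPFLAGS and LDFLAGS that dh passes in; check the build log with blhc or the built binaries with hardening-check, and keep a blank line before "%:" for readability.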
diff --git a/debian/upstream.changelog b/debian/upstream.changelog
index 2998366..608953f 100644
--- a/debian/upstream.changelog
+++ b/debian/upstream.changelog
@@ -1,5 +1,12 @@
# Extracted from http://www.acme.com/software/mini_httpd/
+New in version 1.23:
+ - Fixed CVE-2015-1548, a buffer overflow via snprintf.
+
+New in version 1.22:
+ - Don't do TCP_NOPUSH on SSL connections. It doesn't help and causes problems.
+ - Use memmove() for self-overlapping string copies instead of strcpy().
+
New in version 1.21:
- Disable SSL 3 because of the "poodle" attack.