[ubuntu/saucy-proposed] squid3 3.3.4-1ubuntu1 (Accepted)
Yolanda Robla
yolanda.robla at canonical.com
Tue Jul 16 13:55:15 UTC 2013
squid3 (3.3.4-1ubuntu1) saucy; urgency=low
* Merge from Debian unstable (LP: #1199883). Remaining changes:
+ debian/control:
- Update maintainer.
- Suggests apparmor (>= 2.3)
- Depends on ssl-cert ((>= 1.0-11ubuntu1), autopkgtests
+ debian/squid3.upstart
- Move ulimit command to script section so that it applies
to the started squid daemon. Thanks to Timur Irmatov (LP: 986159)
- Work around squid not handling SIGHUP by adding respawn to
upstart job. (LP: 978356)
+ debian/NEWS.Debian: Rename NEWS.debian, add note regarding squid3
transition in 12.04 (LP: 924739)
+ debian/rules
- Re-enable all hardening options lost in the squid->squid3
transition (LP: 986314)
+ squid3.resolvconf, debian/squid3.postinst, debian/squid3.postrm,
debian/squid3.preinst, debian/squid3.prerm:
- Convert init script to upstart
+ debian/patches/99-ubuntu-ssl-cert-snakeoil:
- Use snakeoil certificates.
+ debian/logrotate
- Use sar-reports rather than sarg-maint. (LP: 26616)
+ debian/patches/90-cf.data.ubuntu.dpatch:
- Add an example refresh pattern for debs.
(foundations-lucid-local-report spec)
+ Add disabled by default AppArmor profile (LP: 497790)
- debian/squid3.upstart: load profile in pre-start stanza
- add debian/usr.sbin.squid3 profile
- debian/rules:
+ install debian/usr.sbin.squid3, etc/apparmor.d/force-complain and
etc/apparmor.d/disable into $(INSTALLDIR)
+ use dh_apparmor
- debian/squid3.install: install etc/apparmor.d/disable, force-complain
and usr.sbin.squid3
- debian/squid3.preinst: disable profile on clean install or upgrades
from earlier than when we shipped the profile
+ debian/tests:
- Add autopkgtests.
* Dropped:
- debian/patches: dropped patches, superseded by new release:
+ 98-CVE-2012-5643.patch
+ 99-lp1117517_r12473.patch
- debian/rules: fix FTBFS, removed --with-cppunit-basedir flag,
included in Debian.
- debian/control: Dropped transitional packages from squid, no
longer required.
* Refreshed patches:
- 01-cf.data.debian.patch
- 02-makefile-defaults.patch
- 15-cachemgr-default-config.patch
* debian/tests/test-squid.py: fixed case problem with ftp test
squid3 (3.3.4-1) unstable; urgency=low
* New upstream release
- Added support for SHA passwords in ncsa_auth (Closes: #652010)
* debian/squid3.lintian-overrides
- Added override for pinger setuid bin
* debian/watch
- Fixed pattern to skip the last dot
* debian/rules
- Removed reference to cppunit-basedir
squid3 (3.3.3-2) unstable; urgency=low
I would like to thank Amos Jeffries <squid3 at treenet.co.nz> for his help
with this release.
* debian/control
- Added Build-Depend on pkg-config to solve FTBFS when ecap is enabled
(Closes: #706025)
- Fixed package descriptions
- Added Build-Depend on libnetfilter-conntrack-dev
- Added Suggests on winbindd for NTLM authentication
* debian/patches/01-cf.data.debian.patch
- Removed change to visible_hostname defaut value (Closes: #705983)
- Fixed path of ntlm_auth helper in example
* debian/rules
- Removed --enable-arp-acl options obsoleted by --enable-eui
- Fixed FTBFS on hurd due to missing netfilter support
- Enabled Rock store type support
- Added SETUID bit to pinger program
* debian/watch
- Fixed pattern to match all the released versions of 3.3
squid3 (3.3.3-1) unstable; urgency=low
* New upstream release (Closes: #694633, #701799, #702540)
- Removed upstream patches
+ debian/patches/20-ipv6-fix
+ debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch
+ debian/patches/fix-701123-regression-in-cachemgr.patch
- Includes upstream fix for CVE-2009-0801 (Closes: #521052)
- Includes upstream fix for rejection of benign request containing variants
of double CR (Closes: #669148)
* debian/control
- Added dependency on libecap2-dev
- Added squid-purge package
* debian/source
- Enabled ECAP support
- Fixed configure invocation to match new syntax
- Removed unneeded rename of helper man pages
- Fixed list of helpers to build, adding fake agents (Closes: #644280)
and negotiate wrapper (Closes: #656304)
* debian/watch
- Updated for 3.3
* debian/squid3.logrotate
- Added check for existing binary in logrotate script (Closes: #703954)
squid3 (3.1.20-2.2) unstable; urgency=low
* Non-maintainer upload.
* Add fix-701123-regression-in-cachemgr.patch patch.
Fix missing bits in the fix for CVE-2012-5643 and CVE-2013-0189 causing
cachemgr.cgi crashing when authentication credentials are supplied.
Thanks to Amos Jeffries <amos at treenet.co.nz> (Closes: #701123)
squid3 (3.1.20-2.1) unstable; urgency=high
* Non-maintainer upload
* Urgency high due to security fixes
* debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch
- Added upstream fix for squid-cgi (cachemgr) memory leaks and denial of
service vulnerability (Closes: #696187)
squid3 (3.1.20-2) unstable; urgency=low
* debian/patches/20-ipv6-fix
- Added upstream fix for squid not working when IPv6 is not loaded
(Closes: #660489)
Date: Wed, 10 Jul 2013 17:12:42 +0200
Changed-By: Yolanda Robla <yolanda.robla at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: James Page <james.page at ubuntu.com>
https://launchpad.net/ubuntu/saucy/+source/squid3/3.3.4-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 10 Jul 2013 17:12:42 +0200
Source: squid3
Binary: squid3 squid3-dbg squid3-common squidclient squid-cgi squid-purge
Architecture: source
Version: 3.3.4-1ubuntu1
Distribution: saucy
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Yolanda Robla <yolanda.robla at canonical.com>
Description:
squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI
squid-purge - Full featured Web Proxy cache (HTTP proxy) - control utility
squid3 - Full featured Web Proxy cache (HTTP proxy)
squid3-common - Full featured Web Proxy cache (HTTP proxy) - common files
squid3-dbg - Full featured Web Proxy cache (HTTP proxy) - Debug symbols
squidclient - Full featured Web Proxy cache (HTTP proxy) - control utility
Closes: 521052 644280 652010 656304 660489 669148 694633 696187 701123 701799 702540 703954 705983 706025
Launchpad-Bugs-Fixed: 1199883
Changes:
squid3 (3.3.4-1ubuntu1) saucy; urgency=low
.
* Merge from Debian unstable (LP: #1199883). Remaining changes:
+ debian/control:
- Update maintainer.
- Suggests apparmor (>= 2.3)
- Depends on ssl-cert ((>= 1.0-11ubuntu1), autopkgtests
+ debian/squid3.upstart
- Move ulimit command to script section so that it applies
to the started squid daemon. Thanks to Timur Irmatov (LP: 986159)
- Work around squid not handling SIGHUP by adding respawn to
upstart job. (LP: 978356)
+ debian/NEWS.Debian: Rename NEWS.debian, add note regarding squid3
transition in 12.04 (LP: 924739)
+ debian/rules
- Re-enable all hardening options lost in the squid->squid3
transition (LP: 986314)
+ squid3.resolvconf, debian/squid3.postinst, debian/squid3.postrm,
debian/squid3.preinst, debian/squid3.prerm:
- Convert init script to upstart
+ debian/patches/99-ubuntu-ssl-cert-snakeoil:
- Use snakeoil certificates.
+ debian/logrotate
- Use sar-reports rather than sarg-maint. (LP: 26616)
+ debian/patches/90-cf.data.ubuntu.dpatch:
- Add an example refresh pattern for debs.
(foundations-lucid-local-report spec)
+ Add disabled by default AppArmor profile (LP: 497790)
- debian/squid3.upstart: load profile in pre-start stanza
- add debian/usr.sbin.squid3 profile
- debian/rules:
+ install debian/usr.sbin.squid3, etc/apparmor.d/force-complain and
etc/apparmor.d/disable into $(INSTALLDIR)
+ use dh_apparmor
- debian/squid3.install: install etc/apparmor.d/disable, force-complain
and usr.sbin.squid3
- debian/squid3.preinst: disable profile on clean install or upgrades
from earlier than when we shipped the profile
+ debian/tests:
- Add autopkgtests.
.
* Dropped:
- debian/patches: dropped patches, superseded by new release:
+ 98-CVE-2012-5643.patch
+ 99-lp1117517_r12473.patch
- debian/rules: fix FTBFS, removed --with-cppunit-basedir flag,
included in Debian.
- debian/control: Dropped transitional packages from squid, no
longer required.
.
* Refreshed patches:
- 01-cf.data.debian.patch
- 02-makefile-defaults.patch
- 15-cachemgr-default-config.patch
.
* debian/tests/test-squid.py: fixed case problem with ftp test
.
squid3 (3.3.4-1) unstable; urgency=low
.
* New upstream release
- Added support for SHA passwords in ncsa_auth (Closes: #652010)
.
* debian/squid3.lintian-overrides
- Added override for pinger setuid bin
.
* debian/watch
- Fixed pattern to skip the last dot
.
* debian/rules
- Removed reference to cppunit-basedir
.
squid3 (3.3.3-2) unstable; urgency=low
.
I would like to thank Amos Jeffries <squid3 at treenet.co.nz> for his help
with this release.
.
* debian/control
- Added Build-Depend on pkg-config to solve FTBFS when ecap is enabled
(Closes: #706025)
- Fixed package descriptions
- Added Build-Depend on libnetfilter-conntrack-dev
- Added Suggests on winbindd for NTLM authentication
.
* debian/patches/01-cf.data.debian.patch
- Removed change to visible_hostname defaut value (Closes: #705983)
- Fixed path of ntlm_auth helper in example
.
* debian/rules
- Removed --enable-arp-acl options obsoleted by --enable-eui
- Fixed FTBFS on hurd due to missing netfilter support
- Enabled Rock store type support
- Added SETUID bit to pinger program
.
* debian/watch
- Fixed pattern to match all the released versions of 3.3
.
squid3 (3.3.3-1) unstable; urgency=low
.
* New upstream release (Closes: #694633, #701799, #702540)
- Removed upstream patches
+ debian/patches/20-ipv6-fix
+ debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch
+ debian/patches/fix-701123-regression-in-cachemgr.patch
- Includes upstream fix for CVE-2009-0801 (Closes: #521052)
- Includes upstream fix for rejection of benign request containing variants
of double CR (Closes: #669148)
.
* debian/control
- Added dependency on libecap2-dev
- Added squid-purge package
.
* debian/source
- Enabled ECAP support
- Fixed configure invocation to match new syntax
- Removed unneeded rename of helper man pages
- Fixed list of helpers to build, adding fake agents (Closes: #644280)
and negotiate wrapper (Closes: #656304)
.
* debian/watch
- Updated for 3.3
.
* debian/squid3.logrotate
- Added check for existing binary in logrotate script (Closes: #703954)
.
squid3 (3.1.20-2.2) unstable; urgency=low
.
* Non-maintainer upload.
* Add fix-701123-regression-in-cachemgr.patch patch.
Fix missing bits in the fix for CVE-2012-5643 and CVE-2013-0189 causing
cachemgr.cgi crashing when authentication credentials are supplied.
Thanks to Amos Jeffries <amos at treenet.co.nz> (Closes: #701123)
.
squid3 (3.1.20-2.1) unstable; urgency=high
.
* Non-maintainer upload
.
* Urgency high due to security fixes
.
* debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch
- Added upstream fix for squid-cgi (cachemgr) memory leaks and denial of
service vulnerability (Closes: #696187)
.
squid3 (3.1.20-2) unstable; urgency=low
.
* debian/patches/20-ipv6-fix
- Added upstream fix for squid not working when IPv6 is not loaded
(Closes: #660489)
Checksums-Sha1:
4c84aad6fe9d224f4f88e19e597f0db54547e019 2303 squid3_3.3.4-1ubuntu1.dsc
fdbdcafb7ab2a4aabf5fb0d7ccb700f7b7b9e4c0 2987756 squid3_3.3.4.orig.tar.bz2
33465b1a3d09332a20df7bd697481cb151a7b565 41602 squid3_3.3.4-1ubuntu1.debian.tar.gz
Checksums-Sha256:
daf778580bd863ebcaed43d68944c67c69235202e38f8b171b0647205ac0de2e 2303 squid3_3.3.4-1ubuntu1.dsc
e962c27a294f6dd57a32fdc493e32c16d24687035f03f1140c491fb8c12ce170 2987756 squid3_3.3.4.orig.tar.bz2
1831a16ae96eabcc97604d16d2af11ae58aeec2770b91d04ee4f9e4a5cd19266 41602 squid3_3.3.4-1ubuntu1.debian.tar.gz
Files:
5be1920284a45edfad584c24cdb1f841 2303 web optional squid3_3.3.4-1ubuntu1.dsc
0ef8e63a980389c62130fa639079fb54 2987756 web optional squid3_3.3.4.orig.tar.bz2
8d5a9623ab2e142edbf086e98521ef0f 41602 web optional squid3_3.3.4-1ubuntu1.debian.tar.gz
Original-Maintainer: Luigi Gangitano <luigi at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJR5U7PAAoJEL/srsug59jD6HoP+gJ9AnxBYpBM0Qs07IfBv9PG
L5B3BFVzeHsL0r8q/qfWssKnuoDtBQ5bGwTueskSgWVYhg2oy4zRUkEX6Iryvipa
ZgpBlwuhIIHZuT+9sU22dSq9KE6/YPiRRJPUV9ao+MYrPvLRNzoSli3G3DDqMWEd
2AXpLj2+JGhTaz+v/JNSi1H2FTG4HxmOJiRaZP4yCfVpJlAbfyD94BTryNS2RGtv
gr56BB1r5PvvMIrISHACqY+FvDk20A+xgnoWN+by85FsInW+zR6fqrDMe75QxC2e
WAv8ACZob6zV5Jt1n2U0ls2NGCrktby9mWyExbMK+1/EA24NNWYNxF9tkEDMen+1
fPyjuM8rQkwCt0d+YFKidaAFxO4MlL8/X17RnWu1pVsFGDuDLFsqz5BKEJHF35ph
esdU6jw9FcfZv6SChs9oJelfEzxABWLLndlDnouYHWy2S3vULUK+vmjM1fx+mGyF
Lq5ecjOXuW9Yz0kNIWPZM7HHKEco2XeM7MK/wSP8P8OB83PqaylUOqR7pH+PBNrT
nkHwSC0ICf0JbSZkiSU3PKYHX/exMNh+ZjcLsn+pjJxw1YxYTKbZEnajyhTS8pDn
t/HNI3XeIh5ew+RdvtslLG7BesgGglVpmhWxScuoX1o4mABOHptHpU1IUVmj3e+l
0x4PYBSdkaG15fbNyMiF
=AGnm
-----END PGP SIGNATURE-----
More information about the Saucy-changes
mailing list