Changelog
fcgiwrap (1.1.0-13) unstable; urgency=medium
[ Jordi Mallach ]
* Tighten permissions and ownership of fcgiwrap socket.
This was previously mode 0666, thus writable by any user,
which could lead to trivial privilege escalation to www-data.
Thanks to Anton Luka Šijanec. (Closes: #1023688)
* Bump debhelper compat to v13 and use debhelper-compat to declare it.
* Set Rules-Requires-Root to no.
* Update copyright years.
* Make systemd the main dependency, with spawn-fcgi as the alternative.
* Add missing ${misc:Pre-Depends} to handle init-system-helpers requirement.
* Update Standards-Version to 4.6.1, with no changes needed.
* Add a NEWS.Debian entry pointing out that the socket permission change
might break existing setups if they relied on a world-writable socket.
* Change all references to /var/run to just /run.
[ Debian Janitor ]
* Set upstream metadata fields: Bug-Database, Bug-Submit, Repository-Browse.
* Trim trailing whitespace.
-- Jordi Mallach <email address hidden> Fri, 09 Dec 2022 12:47:07 +0100
