Change log for jetty package in Ubuntu
| 1 → 29 of 29 results | First • Previous • Next • Last |
jetty (6.1.26-5ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: Possible Timing Attack.
- debian/patches/CVE-2017-9735.patch: A timing channel in Password.java.
- CVE-2017-9735
-- Eduardo Barretto <email address hidden> Wed, 30 Jan 2019 13:45:11 -0200
Available diffs
jetty (6.1.26-1ubuntu1.2) trusty-security; urgency=medium
* SECURITY UPDATE: Possible Timing Attack.
- debian/patches/CVE-2017-9735.patch: A timing channel in Password.java.
- CVE-2017-9735
-- Eduardo Barretto <email address hidden> Wed, 30 Jan 2019 13:43:03 -0200
Available diffs
| Deleted in yakkety-release (Reason: (From Debian) ROM; No longer used, superseded by jetty{8,...) |
| Published in xenial-release |
| Obsolete in wily-release |
| Deleted in wily-proposed (Reason: moved to release) |
jetty (6.1.26-5) unstable; urgency=medium * Team upload. * Removed the dependency on libmx4j-java * Removed Niels Thykier from the uploaders (Closes: #770572) -- Emmanuel Bourg <email address hidden> Thu, 04 Jun 2015 08:30:40 +0200
Available diffs
- diff from 6.1.26-4 to 6.1.26-5 (1.5 KiB)
jetty (6.1.26-1ubuntu1.1) trusty; urgency=medium * Depend on tomcat7 (LP: #1286779) - Fixed by taking the tomcat-related part of the changes in 6.1.26-2. - Effectively this means the rules files as it was in http://anonscm.debian.org/viewvc/pkg-java?view=revision&revision=18019 and control file as it was in http://anonscm.debian.org/viewvc/pkg-java?view=revision&revision=18019 The other changes in 6.1.26-2 seemed unrelated to tomcat so I have not included them in order to keep the patch to a bare minimum. -- Hans Joachim Desserud <email address hidden> Sun, 21 Sep 2014 21:25:56 +0200
Available diffs
| Superseded in wily-release |
| Obsolete in vivid-release |
| Deleted in vivid-proposed (Reason: moved to release) |
jetty (6.1.26-4) unstable; urgency=medium * Team upload. * Removed the jetty binary package, jetty8 should be used instead * Removed the obsolete dependency on libgnujaf-java * Replaced the dependency on libgnumail-java with libmail-java * Standards-Version updated to 3.9.6 (no changes) * Use canonical URLs for the Vcs-* fields * Switch to debhelper level 9 -- Emmanuel Bourg <email address hidden> Fri, 17 Oct 2014 08:07:06 +0200
Available diffs
- diff from 6.1.26-3 to 6.1.26-4 (2.3 KiB)
| Superseded in vivid-release |
| Obsolete in utopic-release |
| Deleted in utopic-proposed (Reason: moved to release) |
jetty (6.1.26-3) unstable; urgency=low
* Team upload.
* d/jetty.init: variable $ROTATELOGS path chenged
from /usr/sbin to /usr/bin (Closes: #719875)
* Added Class-Path to jars to fix Lintian missing-classpath warning
-- Eugene Zhukov <email address hidden> Tue, 22 Apr 2014 10:13:52 +0000
Available diffs
| Superseded in utopic-release |
| Published in trusty-release |
| Obsolete in saucy-release |
| Obsolete in raring-release |
| Obsolete in quantal-release |
jetty (6.1.26-1ubuntu1) quantal; urgency=low
* Re-sync from Debian unstable.
* d/jetty.init: Look for JAVA_HOME in multiarch locations for
openjdk-6 and openjdk-7 (LP: #878527).
Available diffs
jetty (6.1.24-6ubuntu0.12.04.1) precise-security; urgency=low
* SECURITY UPDATE: denial of service via many hash collisions
- debian/patches/CVE-2011-4461.patch: limit number of form parameters
to avoid a DoS in modules/jetty/src/main/java/org/mortbay/jetty/Request.java,
modules/jetty/src/main/java/org/mortbay/jetty/handler/ContextHandler.java,
modules/jetty/src/test/java/org/mortbay/jetty/RequestTest.java,
modules/util/src/main/java/org/mortbay/util/UrlEncoded.java,
modules/util/src/test/java/org/mortbay/util/URLEncodedTest.java.
- CVE-2011-4461
-- Marc Deslauriers <email address hidden> Mon, 23 Apr 2012 09:26:54 -0400
Available diffs
jetty (6.1.24-6ubuntu0.11.10.1) oneiric-security; urgency=low
* SECURITY UPDATE: denial of service via many hash collisions
- debian/patches/CVE-2011-4461.patch: limit number of form parameters
to avoid a DoS in modules/jetty/src/main/java/org/mortbay/jetty/Request.java,
modules/jetty/src/main/java/org/mortbay/jetty/handler/ContextHandler.java,
modules/jetty/src/test/java/org/mortbay/jetty/RequestTest.java,
modules/util/src/main/java/org/mortbay/util/UrlEncoded.java,
modules/util/src/test/java/org/mortbay/util/URLEncodedTest.java.
- CVE-2011-4461
-- Marc Deslauriers <email address hidden> Mon, 23 Apr 2012 09:26:54 -0400
Available diffs
jetty (6.1.26-1) unstable; urgency=low
* New upstream release.
- Fixes issues with loading javax.activation.
(Closes: #594913)
* Enable hardening flags for the setuid.so file.
* Updated d/copyright to DEP-5 format 1.0.
* Exit 0 in jetty's init script if jetty is already running.
Thanks to Toby for the report and patch. (Closes: #626382)
* Fix misspelled "character-class" in grep invocation. Thanks
to Isaac for the report and correction. (Closes: #637961)
* Allow java.library.path to be set in /etc/default/jetty.
Thanks to "biddster" for the report and the patches.
(Closes: #600175, LP: #656374)
* Apply patch from Fedora to fix hash collision related DOS.
- CVE-2011-4461
* Remove Michael Koch from Uploaders. Thanks for your work
on this package in the past. (Closes: #654034)
* Add gnumail-providers.jar to start.config. Thanks to
Michele Renda for the suggestion. (Closes: #591851)
* Add symlinks from jetty{,-util}-6.1.24.jar to the 6.1.26
version to avoid breaking eclipse.
-- Niels Thykier <email address hidden> Wed, 25 Apr 2012 12:26:13 +0200
Available diffs
- diff from 6.1.24-6 (in Ubuntu) to 6.1.26-1 (58.3 KiB)
jetty (6.1.22-1ubuntu1.1) lucid-security; urgency=low
* SECURITY UPDATE: denial of service via many hash collisions
- debian/patches/CVE-2011-4461.patch: limit number of form parameters
to avoid a DoS in modules/jetty/src/main/java/org/mortbay/jetty/Request.java,
modules/jetty/src/main/java/org/mortbay/jetty/handler/ContextHandler.java,
modules/jetty/src/test/java/org/mortbay/jetty/RequestTest.java,
modules/util/src/main/java/org/mortbay/util/UrlEncoded.java,
modules/util/src/test/java/org/mortbay/util/URLEncodedTest.java.
- CVE-2011-4461
-- Marc Deslauriers <email address hidden> Mon, 23 Apr 2012 14:42:06 -0400
Available diffs
jetty (6.1.24-6ubuntu0.11.04.1) natty-security; urgency=low
* SECURITY UPDATE: denial of service via many hash collisions
- debian/patches/CVE-2011-4461.patch: limit number of form parameters
to avoid a DoS in modules/jetty/src/main/java/org/mortbay/jetty/Request.java,
modules/jetty/src/main/java/org/mortbay/jetty/handler/ContextHandler.java,
modules/jetty/src/test/java/org/mortbay/jetty/RequestTest.java,
modules/util/src/main/java/org/mortbay/util/UrlEncoded.java,
modules/util/src/test/java/org/mortbay/util/URLEncodedTest.java.
- CVE-2011-4461
-- Marc Deslauriers <email address hidden> Mon, 23 Apr 2012 09:26:54 -0400
Available diffs
| Superseded in quantal-release |
| Published in precise-release |
| Obsolete in oneiric-release |
| Superseded in oneiric-release |
| Obsolete in natty-release |
| Obsolete in maverick-release |
jetty (6.1.24-6) unstable; urgency=medium
* Removed Depends on JREs for library packages, no longer required
by the policy.
* Added missing depends on JREs for the jetty package.
* Made init script ignore weird exit statuses from logrotate.
(Closes: 589681, LP: #607202)
* Fixed broken restart command in jetty init script. Was missing a
negation.
-- Benjamin Drung <email address hidden> Mon, 05 Jul 2010 22:28:14 +0200
Available diffs
- diff from 6.1.24-5 to 6.1.24-6 (1.2 KiB)
jetty (6.1.24-5) unstable; urgency=low * Ignore test failures. (Closes: #587459) * Remove debian/.mh in clean target. -- Benjamin Drung <email address hidden> Tue, 29 Jun 2010 20:53:42 +0200
Available diffs
- diff from 6.1.24-4 to 6.1.24-5 (712 bytes)
jetty (6.1.24-4) unstable; urgency=low
* Updated the versions in the Manifests to match the actual version
of jetty.
* Remove all use of sudo in jetty.init. (Closes: #580639)
* Fixed some formatting issues in the NEWS file.
* Bumped debhelper compat to 7.
* Made the javadoc link against system javadocs. This includes adding
Recommends on various java-doc packages.
-- Ubuntu Archive Auto-Sync <email address hidden> Tue, 22 Jun 2010 08:40:20 +0100
Available diffs
- diff from 6.1.24-3 to 6.1.24-4 (3.0 KiB)
jetty (6.1.24-3) unstable; urgency=low
[ Torsten Werner ]
* Merge changes from Ubuntu version 6.1.22-1ubuntu1:
- debian/build.xml, debian/module.xml: Enable tests in the jetty module
- debian/rules: Adding slf4j-simple to the DEB_JARS since it's used in
tests
- debian/rules, debian/control: Added junit and ant-optional needed for
tests
[ Miguel Landaeta ]
* Enable jetty-plus and jetty-annotations modules. (Closes: #585387).
-- Benjamin Drung <email address hidden> Thu, 10 Jun 2010 14:07:51 -0430
Available diffs
- diff from 6.1.24-2ubuntu1 to 6.1.24-3 (3.3 KiB)
| Superseded in maverick-release |
jetty (6.1.24-2ubuntu1) maverick; urgency=low
* Merge from debian unstable. Remaining changes:
- debian/build.xml, debian/module.xml: Enable tests in the jetty module
- debian/rules: Adding slf4j-simple to DEB_JARS since it's used in tests
- debian/rules, debian/control: junit and ant-optional are needed for tests
Available diffs
- diff from 6.1.22-1ubuntu1 to 6.1.24-2ubuntu1 (49.2 KiB)
jetty (6.1.22-1ubuntu1) lucid; urgency=low * debian/build.xml, debian/module.xml: Enable tests in the jetty module * debian/rules: Adding slf4j-simple to the DEB_JARS since it's used in tests * debian/rules, debian/control: Added junit and ant-optional needed for tests * debian/control, debian/rules: Build with default-jdk. -- Thierry Carrez <email address hidden> Tue, 26 Jan 2010 09:52:06 +0100
Available diffs
- diff from 6.1.22-1 to 6.1.22-1ubuntu1 (1.9 KiB)
jetty (6.1.22-1) unstable; urgency=medium * New upstream release. (Closes: #553644) * Added OSGi bundle metadata (by upstream). (Closes: #558187) * Corrected path to jetty web-apps (by Niels Thykier). (Closes: #554877) -- Ubuntu Archive Auto-Sync <email address hidden> Tue, 05 Jan 2010 06:05:10 +0000
Available diffs
- diff from 6.1.21-1 to 6.1.22-1 (30.9 KiB)
jetty (6.1.21-1) unstable; urgency=medium
* New upstream release.
* Stopped using /tmp/jetty-temp in /etc/init.d/jetty for security
reasons.
- JVM_TMP is now /var/cache/jetty/tmp
- JETTY_TMP is now /var/cache/jetty/data
* The postrm script no longer deletes files in /tmp/jetty-temp.
* Removed Philipp Meier from Uploaders (last upload was 2006-06-07).
Thanks for your work on this package.
* Corrected javadoc symlink in binary package jetty.
-- Ubuntu Archive Auto-Sync <email address hidden> Thu, 05 Nov 2009 06:02:37 +0000
Available diffs
- diff from 6.1.20-2 to 6.1.21-1 (27.9 KiB)
jetty (6.1.20-2) unstable; urgency=low
* Move documentation to /usr/share/doc/libjetty-java
* Better postinst and postrm scripts, aligned with tomcat6 scripts:
- postinst: user jetty is created with its own group
- postrm: better cleanup of temporary data,
thourough remove and purge of data
* debian/changelog:
- fix suggest for package libjetty-java-doc, add libjetty-java-doc
to the list of Suggests for libjetty-java
- add libjetty-extra to the list of Suggests for package jetty.
Available diffs
- diff from 5.1.14-1 to 6.1.20-2 (2.0 MiB)
| Superseded in karmic-release |
| Obsolete in jaunty-release |
| Obsolete in intrepid-release |
| Obsolete in hardy-release |
| Superseded in hardy-release |
jetty (5.1.14-1) unstable; urgency=low
* New upstream release.
- Removed debian/patches/cve-2007-6969.patch. Applied upstream.
* Added recognition of installed libcommons-el-java to debian/start.config.
Closes: #352093.
* Fixed short and long service description in debian/jetty.init.
Closes: #446788.
* Removed libapache2-mod-webapp from Suggests.
* Added watch file.
-- Ubuntu Archive Auto-Sync <email address hidden> Fri, 23 Nov 2007 09:30:29 +0000
jetty (5.1.10-4) unstable; urgency=low
* Added patch to fix CVE-2006-6969. Thanks to Greg Wilkins for the patch.
Closes: #445283.
* Updated debian/patches/jdk-1.2-src-encoding.patch to make it work with
current ecj.
-- Michael Bienia <email address hidden> Tue, 09 Oct 2007 15:03:11 +0100
jetty (5.1.10-3) unstable; urgency=low
* Fix debian/jetty.init to permit removal without purge and offer a new
NO_START option in /etc/default/jetty. Closes: #356067.
Thanks to Loic Minier for the patch.
* Added additional paths to JDK_DIRS in debian/jetty.init.
Closes: #405851.
* (Build-)Depends on java-gcj-compat.
* Moved debhelper from Build-Depends-Indep to Build-Depends.
* Removed Build-Depends on libtomcat5-java and replace Depends on
libtomcat5-java by libtomcat5.5-java.
* Added LSB section in debian/jetty.init.
* Removed extra license file from /usr/share/doc/jetty.
* Added myself to Uploaders.
-- Sebastien Bacher <email address hidden> Fri, 03 Aug 2007 10:49:53 +0100
jetty (5.1.10-2) unstable; urgency=low * Fix in init script for new version of su (closes #367491). * Create logfile if not existing. Aknolwedge NMU (closes #356066).
| Superseded in feisty-release |
| Obsolete in edgy-release |
| Obsolete in dapper-release |
| Superseded in dapper-release |
jetty (5.1.5rc1-6) unstable; urgency=low * Fix location of jasper since upgrade to tomcat5. Closes: #333010. -- Philipp Meier <email address hidden> Mon, 10 Oct 2005 13:12:59 +0200
jetty (5.0.0-2.1) unstable; urgency=low * Non-maintainer upload. * Transition to liblog4j1.2-java. Closes: #306761. -- Matej Vela <email address hidden> Mon, 2 May 2005 12:12:12 +0200
jetty (5.0.0-2) unstable; urgency=low
* Shipping working default configuration in /etc/jetty/jetty.xml.
Closes: #278134
-- Philipp Meier <email address hidden> Mon, 25 Oct 2004 11:52:25 +0200
jetty (4.2.19-1) unstable; urgency=high * New upstream release. * Fixed DOS attack problem -- Philipp Meier <email address hidden> Fri, 19 Mar 2004 17:55:45 +0100
| 1 → 29 of 29 results | First • Previous • Next • Last |
