-
serf (1.3.3-1ubuntu0.1) trusty-security; urgency=medium
* SECURITY UPDATE: cert spoofing via NUL characters in CommonName and
SubjectAltNames
- debian/patches/CVE-2014-3504.patch: escape null bytes in
buckets/ssl_buckets.c.
- CVE-2014-3504
* Fix FTBFS because of expired test certs:
- debian/patches/expired_certs.patch: switch to test certs from serf
1.3.6.
- debian/source/format: switch to 3.0 (quilt) so we can handle the
binary cert file
- debian/source/include-binaries: include binary cert file from 1.3.6.
-- Marc Deslauriers <email address hidden> Thu, 14 Aug 2014 09:47:32 -0400
-
serf (1.3.3-1) unstable; urgency=low
* Add myself to Uploaders.
* Change the watch file to better handle code.google.com.
* New upstream release. (Closes: #716793)
+ Refresh patches/libtool
+ Update symbols
* Adapt packaging for the upstream switch to SCons.
+ control: + scons, - autotools-dev, autoconf
+ rules: Change configure/make calls to scons
* Rename libserf1 to libserf-1-1, following standard naming conventions.
* Enable hardening flags.
* Strip unnecessary RPATH from libserf.
* Honor DEB_BUILD_OPTIONS=parallel=X
-- James McCoy <email address hidden> Tue, 31 Dec 2013 13:17:16 -0500
-
serf (1.1.0-2ubuntu1) saucy; urgency=low
* Copy config.{guess,sub} into the correct directory.
-- Matthias Klose <email address hidden> Wed, 09 Oct 2013 11:39:24 +0200
