commit lighttpd for openSUSE:Factory
![](https://seccdn.libravatar.org/avatar/e2145bc5cf53dda95c308a3c75e8fef3.jpg?s=120&d=mm&r=g)
Hello community,
here is the log from the commit of package lighttpd for openSUSE:Factory checked in at 2013-06-28 17:46:26
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/lighttpd (Old)
and /work/SRC/openSUSE:Factory/.lighttpd.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lighttpd"
Changes:
--------
--- /work/SRC/openSUSE:Factory/lighttpd/lighttpd.changes 2012-06-13 22:24:42.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.lighttpd.new/lighttpd.changes 2013-06-28 17:46:27.000000000 +0200
@@ -1,0 +2,32 @@
+Tue Jun 25 09:57:35 UTC 2013 - pgajdos@suse.com
+
+- with gcc 4.8 parallel tests seems to be broken
+ * lighttpd-serial-tests.patch
+
+-------------------------------------------------------------------
+Wed Nov 21 12:10:56 UTC 2012 - mrueckert@suse.de
+
+- update to 1.4.32: bnc#790258 CVE-2012-5533
+ - Code cleanup with clang/sparse (fixes #2437, thx kibi)
+ - Ignore EPIPE/ECONNRESET after SSL_shutdown
+ - Handle ENAMETOOLONG, return 404 Not Found (fixes #2396, thx
+ dererkazo)
+ - configure.ac: remove old stuff, add some new to fix warnings in
+ automake 1.12 (fixes #2419, thx blino)
+ - add PATCH method (fixes #2424)
+ - fix :port handling in $HTTP["host"] checks (fixes #2135. thx
+ liming)
+ - network_server_init: fix double free and memleak on error
+ (fixes #2440, thx kyprizel)
+ - detect "x-gzip"/"x-bzip2" as separate encodings, more strict
+ encoding matching (fixes #2443)
+ - tests: make sure mod_proxy doesn't leave running processes
+ (fixes #2435, thx kibi)
+ - mod_extforward: log address of untrusted proxy with
+ debug.log-request-handling
+ - fix DoS in Connection header value split (reported by Jesse
+ Sipprell, CVE-2012-5533)
+ - remove whitespace at end of header keys
+- refreshed lighttpd-automake.patch
+
+-------------------------------------------------------------------
Old:
----
lighttpd_1.4.31-1.dsc
lighttpd_1.4.31.orig.tar.bz2
New:
----
lighttpd-serial-tests.patch
lighttpd_1.4.32-0.1.debian.tar.gz
lighttpd_1.4.32-0.1.dsc
lighttpd_1.4.32.orig.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ lighttpd.spec ++++++
--- /var/tmp/diff_new_pack.TasO0J/_old 2013-06-28 17:46:28.000000000 +0200
+++ /var/tmp/diff_new_pack.TasO0J/_new 2013-06-28 17:46:28.000000000 +0200
@@ -17,7 +17,7 @@
Name: lighttpd
-Version: 1.4.31
+Version: 1.4.32
Release: 0
#
%define pkg_name lighttpd
@@ -25,6 +25,7 @@
%define pkg_home /var/lib/%{pkg_name}
#
BuildRoot: %{_tmppath}/%{name}-%{version}-build
+BuildRequires: iputils
BuildRequires: FastCGI-devel
BuildRequires: e2fsprogs-devel
BuildRequires: fam-devel
@@ -93,7 +94,7 @@
#
Url: http://www.lighttpd.net/
# Source: http://www.lighttpd.net/download/%{pkg_name}-%{version}.tar.bz2
-Source: lighttpd_%{version}.orig.tar.bz2
+Source: lighttpd_%{version}.orig.tar.gz
Source1: %{pkg_name}.init
Source2: %{pkg_name}.sysconfig
Source4: lightytest.sh
@@ -101,13 +102,17 @@
Source6: lighttpd-ssl.SuSEfirewall
Source7: lighttpd.logrotate
# this is just dummy to pass the check for factory and still have one package for deb and rpm
-Source99: lighttpd_1.4.31-1.debian.tar.gz
+Source99: lighttpd_1.4.32-0.1.debian.tar.gz
Patch: lighttpd-1.4.13_geoip.patch
Patch1: lighttpd-automake.patch
+# workaround -- disable parallel tests, broken with gcc 4.8
+Patch2: lighttpd-serial-tests.patch
#
Summary: A Secure, Fast, Compliant, and Very Flexible Web Server
License: BSD-3-Clause
Group: Productivity/Networking/Web/Servers
+Provides: http_daemon
+Provides: httpd
%description
Lighttpd is a secure, fast, compliant, and very flexible Web server
@@ -290,14 +295,13 @@
%if 0%{?with_geoip}
%patch
%if 0%{?suse_version} > 1210
-%patch1 -p1
+%patch1
%endif
%endif
+%patch2 -p1
%build
-%if 0%{?with_geoip}
autoreconf -fi
-%endif
export CFLAGS="%{optflags} -DLDAP_DEPRECATED -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -std=gnu99"
%if %suse_version > 1000
export CFLAGS="$CFLAGS -fstack-protector"
++++++ lighttpd-automake.patch ++++++
--- /var/tmp/diff_new_pack.TasO0J/_old 2013-06-28 17:46:28.000000000 +0200
+++ /var/tmp/diff_new_pack.TasO0J/_new 2013-06-28 17:46:28.000000000 +0200
@@ -1,21 +1,12 @@
-Index: lighttpd-1.4.31/configure.ac
+Index: configure.ac
===================================================================
---- lighttpd-1.4.31.orig/configure.ac
-+++ lighttpd-1.4.31/configure.ac
+--- configure.ac.orig
++++ configure.ac
@@ -23,6 +23,7 @@ AC_PROG_CPP
dnl AC_PROG_CXX
AC_PROG_LN_S
AC_PROG_MAKE_SET
+AM_PROG_AR
- dnl check environment
- AC_AIX
-@@ -39,7 +40,7 @@ AM_CONDITIONAL(NO_RDYNAMIC, test x$NO_RD
- AC_EXEEXT
-
- dnl more automake stuff
--AM_C_PROTOTYPES
-+dnl AM_C_PROTOTYPES
-
- dnl libtool
- AC_DISABLE_STATIC
+ dnl AM_PROG_AR is needed for some linker stuff
+ dnl AC_USE_SYSTEM_EXTENSIONS requires autoconf 2.60
++++++ lighttpd-serial-tests.patch ++++++
Index: lighttpd-1.4.32/tests/Makefile.am
===================================================================
--- lighttpd-1.4.32.orig/tests/Makefile.am
+++ lighttpd-1.4.32/tests/Makefile.am
@@ -1,6 +1,8 @@
# lighttpd.conf and conformance.pl expect this directory
testdir=$(srcdir)/tmp/lighttpd/
+AUTOMAKE_OPTIONS = serial-tests
+
if CHECK_WITH_FASTCGI
check_PROGRAMS=fcgi-auth fcgi-responder
++++++ lighttpd_1.4.31-1.dsc -> lighttpd_1.4.32-0.1.dsc ++++++
--- /work/SRC/openSUSE:Factory/lighttpd/lighttpd_1.4.31-1.dsc 2012-06-12 07:09:20.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.lighttpd.new/lighttpd_1.4.32-0.1.dsc 2013-06-28 17:46:27.000000000 +0200
@@ -1,18 +1,18 @@
-----BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
+Hash: SHA256
Format: 3.0 (quilt)
Source: lighttpd
Binary: lighttpd, lighttpd-doc, lighttpd-mod-mysql-vhost, lighttpd-mod-trigger-b4-dl, lighttpd-mod-cml, lighttpd-mod-magnet, lighttpd-mod-webdav
Architecture: any all
-Version: 1.4.31-1
+Version: 1.4.32-0.1
Maintainer: Debian lighttpd maintainers
participants (1)
-
root@hilbert.suse.de