Change log for viewvc package in Ubuntu
| 1 → 19 of 19 results | First • Previous • Next • Last |
| Deleted in focal-release (Reason: Debian #935691, py2 removal, no rdeps) |
| Deleted in focal-proposed (Reason: moved to Release) |
viewvc (1.1.26-1build1) focal; urgency=medium * No-change rebuild to generate dependencies on python2. -- Matthias Klose <email address hidden> Tue, 17 Dec 2019 12:47:22 +0000
Available diffs
- diff from 1.1.26-1 (in Debian) to 1.1.26-1build1 (326 bytes)
viewvc (1.1.22-1+deb8u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian
Available diffs
viewvc (1.1.5-1.4+deb7u1build0.14.04.1) trusty-security; urgency=medium * fake sync from Debian
Available diffs
viewvc (1.1.22-1+deb8u1build0.16.10.1) yakkety-security; urgency=medium * fake sync from Debian
Available diffs
| Superseded in focal-release |
| Obsolete in eoan-release |
| Obsolete in disco-release |
| Obsolete in cosmic-release |
| Published in bionic-release |
| Obsolete in artful-release |
| Obsolete in zesty-release |
| Deleted in zesty-proposed (Reason: moved to release) |
viewvc (1.1.26-1) unstable; urgency=medium * Mangle Debian version in debian/watch * New upstream version 1.1.26 * Refresh patches -- Lev Lamberov <email address hidden> Sat, 28 Jan 2017 22:49:18 +0500
Available diffs
- diff from 1.1.25+repack-1 to 1.1.26-1 (12.9 KiB)
viewvc (1.1.25+repack-1) unstable; urgency=medium * Update debian/watch * Add myself as a maintainer (Closes: 843441) * Modernize Build-Depends field * Use secure URLs for Vcs-Git and Vcs-Browser * Rearrange dependencies * Convert to machine-readable copyright * Suggest default-mysql-server, not mysql-server * New upstream version 1.1.25+repack * Remove unnecessary debian/README.source * Update README.Debian * Refresh patches * Remove obsolete debian/pycompat * Move INSTALL documentation to README.Debian * Bump Standards-Version to 3.9.8 -- Lev Lamberov <email address hidden> Thu, 10 Nov 2016 00:02:12 +0500
Available diffs
- diff from 1.1.22-1 to 1.1.25+repack-1 (31.4 KiB)
| Superseded in zesty-release |
| Obsolete in yakkety-release |
| Published in xenial-release |
| Obsolete in wily-release |
| Obsolete in vivid-release |
| Obsolete in utopic-release |
| Deleted in utopic-proposed (Reason: moved to release) |
viewvc (1.1.22-1) unstable; urgency=medium
* New upstream release (closes: #614509). Main changes since last release
(1.1.5) are:
- Improved root look and SVN cache performance.
- New 'max_filesize_kbytes' and 'binary_mime_types' configuration options.
- Tarball generation improvements.
- File content handling improvements.
- Miscellaneous cvsdb improvements.
- Add Basic authentication support to standalone.py.
- The charset detection code is more robust.
- Remote SVN views are now more performant and robust.
- Added support for custom revision log markup rules.
- Use Pygments lexer-guessing functionality.
- Fixed a lot of bugs in corner cases.
* I'm not able to see any problems with TypeError, so closes: #706096.
Please reopen if it keeps happening.
* There was a problem in the migration code from viewcvs into viewvc, but by
now everyone is in viewvc 1.1, so I'm sad to say that this finally closes:
#409864, #410273, #410324.
* This release ships two new binaries in each package: a WSGI and a FCGI
additionally to the normal CGI program, to give you any possible option.
* debian/control:
- Removed ancient Replaces and Conflicts with versions 8-10 years old.
- Added Vcs-* fields.
- Bumped Standards-Version to 3.9.5.
- Rewritten Descriptions for both packages to reflect that now we ship 3
binaries.
- Add Depends on python, dh-python.
* debian/patches:
- Removed numbers from patches, remnants from the dpatch era, and appended
.patch suffix.
- Added DEP-3 headers to all of them.
- Patches rev2369, rev2547, rev2551, compression-content-length,
CVE-2012-3356, CVE-2012-3357 and CVE-2012-4533: Merged upstream.
- Remaining patches are resynced against current tree.
- shebang_wsgi_scripts.patch: Added to get rid of lintian warnings.
* debian/rules: Rewritten from scratch with latest abstractions in mind,
trying to mimic the old behavior.
* debian/NEWS: Removed.
* debian/source/format: Moved to 3.0 (quilt).
* debian/compat: Bumped to 9, modified debian/control.
* debian/watch: Added.
-- David Martínez Moreno <email address hidden> Thu, 10 Jul 2014 21:42:45 +0200
Available diffs
- diff from 1.1.5-1.4 to 1.1.22-1 (94.8 KiB)
viewvc (1.1.5-1.1+squeeze2build0.12.04.1) precise-security; urgency=low * fake sync from Debian
Available diffs
viewvc (1.1.5-1.1+squeeze2build0.11.10.1) oneiric-security; urgency=low * fake sync from Debian
Available diffs
| Superseded in utopic-release |
| Published in trusty-release |
| Obsolete in saucy-release |
| Obsolete in raring-release |
| Deleted in raring-proposed (Reason: moved to release) |
viewvc (1.1.5-1.4) unstable; urgency=high
* Non-maintainer upload.
* CVE-2012-4533: Fix XSS in commit message view. Found and patch provided
by Nicolás Alvarez (closes: #69106).
-- Thijs Kinkhorst <email address hidden> Tue, 23 Oct 2012 08:19:39 +0000
Available diffs
- diff from 1.1.5-1.3 to 1.1.5-1.4 (626 bytes)
viewvc (1.1.5-1.3) unstable; urgency=low
* Non-maintainer upload.
[ gregor herrmann ]
* [SECURITY] Fix "CVE-2012-3356 / CVE-2012-3357":
- CVE-2012-3356: * security fix: complete authz support for remote SVN views
- CVE-2012-3357: * security fix: log msg leak in SVN revision view with
unreadable copy source
Add patches "CVE-2012-3356" and "CVE-2012-3357", taken from upstream svn.
(Closes: #679069)
[ Ben Hutchings ]
* view_query: No longer allow an undocumented URL parameter to
override the admin-declared SQL row limit, which could result
in excessive CPU usage and memory consumption (CVE-2009-5024)
(Closes: #671482)
-- Thijs Kinkhorst <email address hidden> Sun, 14 Oct 2012 20:12:07 +0000
Available diffs
- diff from 1.1.5-1.2 to 1.1.5-1.3 (10.2 KiB)
viewvc (1.1.5-1.2) unstable; urgency=low
* Non-maintainer upload.
* Fix "viewvc runs extremely slowly (~15s per page)":
backport upstream commit r2471 as new patch compression-content-length:
don't set Content-Length when compression is used.
(Closes: #636805)
-- gregor herrmann <email address hidden> Fri, 17 Aug 2012 16:21:49 +0200
Available diffs
| Superseded in quantal-release |
| Published in precise-release |
| Obsolete in oneiric-release |
| Obsolete in natty-release |
viewvc (1.1.5-1.1) unstable; urgency=low
* Non-maintainer upload.
* Backporting oneliner fix from version 1.1.6, r2369,
(escape): Ensure that the input is string-ified before doing string
transformations on it. (Closes: #601805)
Thanks to Tom Albers.
-- Ubuntu Archive Auto-Sync <email address hidden> Fri, 12 Nov 2010 10:57:02 +0000
Available diffs
- diff from 1.1.5-1 to 1.1.5-1.1 (633 bytes)
viewvc (1.1.5-1) unstable; urgency=medium
[ John Zaitseff ]
* New upstream release (closes: #532611, #575777, #575787, #576307). This
solves CVE-2010-0004, CVE-2010-0005, CVE-2010-0736 and CVE-2010-0132.
* Extensive rewrite of files in the debian directory. Updated to Debian
policy 3.8.4, updated all control files to Debhelper 7, rewrote
debian/rules for clarity (and to use Debhelper 7).
* Removed all references to Debconf, as previous versions of this
package violated Debian policy (section 10.7.3): /etc/viewvc/viewvc.conf
is a conffile, and maintainer scripts must NOT modify it at any time.
* Reorganised the installation files in /usr/lib/viewvc. The CGI
programs are now links to files in /usr/lib/viewvc/cgi-bin.
* Packaged the Apache mod-python modules for optional use (in
/usr/lib/viewvc/mod-python). See README.Debian for more information.
* Moved the static help documentation ("docroot") from /usr/share/viewvc
to /usr/share/viewvc/docroot, as per Webapps Policy, section 3.1.
* Updated the debian/patches subdirectory to remove patches no longer
relevant to ViewVC 1.1.x and to update those that still apply.
* debian/control:
- Removed the dependency on gawk, as that was only required for Debconf
configuration.
- Demoted the dependency on mime-support to "Suggests": ViewVC can use
it, if appropriately configured, but does not require it.
- Added a suggestion for the python-tk package: viewvc-standalone(1)
uses this when passed the "--gui" flag.
- Modified all dependencies as appropriate. Depend on httpd-cgi, not
httpd, since the viewvc package needs a CGI server. In addition,
python-egenix-mxdatetime is no longer needed (since ViewVC 1.0.x).
- Updated the XS-Python-Version field to "all" (Closes: #570573).
- ViewVC 1.1.x supports only python-pygments as a syntax highlighter,
not enscript. Adjusted dependencies as appropriate.
[ David Martínez Moreno ]
* Changed history and added the CVE entry to the changelog for 1.0.9-1.
* debian/control:
- Moved Section to vcs in order to match the overrides.
- Make python-dev dependency just python.
- Removed dummy package viewcvs, it was already dummy in lenny.
* debian/viewcvs.*: Removed.
* debian/NEWS: Fixed version in John's entry and removed old news from 0.9.4.
* debian/README.source: Added.
* The new release also addresses in a different way how to show long
annotation messages (closes: #434301).
* Added debian/patches/92-no_strings_in_raise for fixing a couple of
occurrences of string exceptions in the code, no longer valid in Python
2.6, the default now (closes: #585366).
-- Bhavani Shankar <email address hidden> Tue, 13 Jul 2010 18:49:43 +0100
Available diffs
- diff from 1.0.9-1 to 1.1.5-1 (277.1 KiB)
viewvc (1.0.9-1) unstable; urgency=high
* New upstream release (closes: #502257):
- Ignore arbitrary user-provided MIME types (closes: #500779).
- Fixed bug in regexp searches.
- Fixed bug in handling of certain 'co' output.
- Fixed annotate code syntax error.
- Fixed mod_python import cycle.
- Fixed directory view sorting UI.
- Tolerate malformed Accept-Language headers.
- Fixed directory log views in revision-less Subversion repositories.
- Fixed exception in rev-sorted remote Subversion directory views.
- Security fixes: validate the 'view' parameter to avoid XSS attack
and avoid printing illegal parameter names and values (closes:
#545779).
* debian/control:
- Moved docbook-to-man from B-D-I to B-D, as it is in build target
(closes: #440188).
- Added B-D on quilt (>= 0.46-7) in order to have dh_quilt_*.
- Upgraded Standards-Version to 3.8.3.
- Added ${misc:Depends} to viewvc and viewvc-query.
- Bumped dependency on debhelper to >=6.
- Added Homepage.
* debian/rules:
- Moved patch targets into the XXI century: removed lots of old lines
by a couple of calls to dh_quilt_* helpers.
* debian/patches:
- Refreshed everything to get rid of errors and removed additional
options like -p0 (closes: #485187).
- 04_tarball_permission_fix: Added to series, closes: #482323.
* debian/viewvc.config: Removed prepended path to debconf-show.
* debian/compat: Upgraded to v6.
* debian/viewvc.postinst: Added set -e to catch up errors.
-- Ubuntu Archive Auto-Sync <email address hidden> Mon, 23 Nov 2009 18:28:14 +0000
Available diffs
- diff from 1.0.5-0.2 to 1.0.9-1 (15.9 KiB)
viewvc (1.0.5-0.2) unstable; urgency=low
* Non-maintainer upload.
* Fix pending l10n bugs. Debconf translations:
- Portuguese. Closes: #489388
-- Ubuntu Archive Auto-Sync <email address hidden> Wed, 05 Nov 2008 18:04:01 +0000
Available diffs
- diff from 1.0.5-0.1 to 1.0.5-0.2 (3.2 KiB)
viewvc (1.0.5-0.1) unstable; urgency=medium
* Non-maintainer upload to fix security, and pending l10n, issues
[ John Zaitseff ]
* New upstream release, originally packaged by the ZAP Group
(Closes: #471380, #463195). Thanks to John Zaitseff for the patch
Fixed:
- CVE-2008-1290 - list CVS or SVN commits on "all-forbidden"
files
- CVE-2008-1291 - directly access hidden CVSROOT folders
- CVE-2008-1292 - expose restricted content via the revision
view, the log history, or the diff view
* Updated the following files in the debian/patches subdirectory:
series
02_py2html_activation
101_viewvc-install_Debian_paths
102_viewvc.conf_Debian_customization
* Updated debian/rules to install documentation in the docs directory
and example templates in templates-contrib.
[ Christian Perrier ]
* Debconf translations:
- Vietnamese. Closes: #426876
* [Lintian] Fix syntax in NEWS.Debian
* [Lintian] Replace obsolete ${Source-Version} variable by
${source:Version}
* Finnish. Closes: #473466
* Basque. Closes: #476172
-- Ubuntu Archive Auto-Sync <email address hidden> Fri, 02 May 2008 02:32:41 +0100
viewvc (1.0.3-2.1) unstable; urgency=medium
* Non-maintainer upload.
* Apply the "forbidden" option on files as well, thanks to Chung-chieh Shan
for the patch (Closes: #416696).
* Really added quilt to build dependencies
(Closes: #426073, #409774, #419674).
-- Scott Kitterman <email address hidden> Tue, 4 Sep 2007 17:34:21 +0200
viewvc (1.0.3-2) unstable; urgency=low
* debian/control:
- It seems that the build dependency on quilt was lost in some internal
release. Now it is back (closes: #409774).
- Added po-debconf to Build-Depends.
* Debconf translations:
- Updated Czech (closes: #409618). Thanks, Miroslav Kure.
- Updated Swedish (closes: #409624). Thanks, Daniel Nylander.
- Added Galician (closes: #409626). Thanks, Jacobo Tarrío.
- Updated Japanese (closes: #409940). Thanks, Hideki Yamane.
- Updated French (closes: #409949). Thanks, Michel Grentzinger.
- Added Russian (closes: #409958). Thanks, Yuri Kozlov.
- Added German (closes: #409979). Thanks, Henrik Kröger.
- Updated Dutch (closes: #410034). Thanks, Thijs Kinkhorst.
- Added Romanian (closes: #410136). Thanks, Eddy Petrișor.
* debian/viewvc-config: Added -c/--config in order to have the possibility
to query a different config file.
* debian/viewvc.config, debian/viewvc.postinst: Rewrote the migration code
in order to make it compliant with the debconf Developers' Guide, in
particular:
"[...]the config script is run before the package is unpacked.[...] The
config script should not need to modify the filesystem at all."
Now it simply saves viewcvs' information for later use in postinst, where
it moves viewcvs.conf into viewvc.conf (closes: #409836).
| 1 → 19 of 19 results | First • Previous • Next • Last |
