1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478
|
memcached (1.5.6-1.1) unstable; urgency=medium
* Non-maintainer upload.
* Fix NULL pointer dereference in the "lru mode" and "lru temp_ttl" commands
(CVE-2019-11596) (Closes: #928205)
-- Salvatore Bonaccorso <carnil@debian.org> Sun, 05 May 2019 13:36:30 +0200
memcached (1.5.6-1) unstable; urgency=medium
* New upstream release
+ Fix CVE-2018-1000115 (UDP is no more enabled by default)
+ Update debian/patches/02_service_wrapper.patch
+ Update debian/tests/client.pl to verify that UDP is disabled by default
* Remove generated debian/memcached.service
* Bumped policy version to 4.1.3
-- Guillaume Delacour <gui@iroqwa.org> Tue, 06 Mar 2018 18:59:39 +0100
memcached (1.5.4-1) unstable; urgency=medium
* New upstream release
* Bumped policy version to 4.1.2
+ Use debhelper 10 and remove dh-systemd in Build-Depends
+ Remove dh_autotools-dev in debian/rules
* Set myself as Maintainer as David is MIA (Closes: #843438)
-- Guillaume Delacour <gui@iroqwa.org> Tue, 09 Jan 2018 21:24:38 +0100
memcached (1.5.1-1) unstable; urgency=medium
* New upstream release
+ Fix t/stats.t failures (Closes: #871600)
+ Update debian/patches/07_disable_tests.patch
* Provide upstream hardened systemd service file (Closes: #871610)
+ Provide option to use a pidfile in service (Closes: #856568) and modify
/etc/memcached.conf to generate it
-- Guillaume Delacour <gui@iroqwa.org> Wed, 20 Sep 2017 21:41:49 +0200
memcached (1.5.0-1) unstable; urgency=medium
* New upstream release (Closes: #853544, #869479)
+ Fix CVE-2017-9951 (Closes: #868701)
+ Automated slab rebalancing
* Remove ship mc_slab_mover script as upstream don't ship it anymore
* Refresh 01_init_script_additions.patch (status implemented upstream)
* Refresh 04_add_init_retry.patch
* Bumped policy version to 4.0.0 (no changes needed)
-- Guillaume Delacour <gui@iroqwa.org> Mon, 24 Jul 2017 01:13:20 +0200
memcached (1.4.33-1) unstable; urgency=medium
* New upstream release, fix CVE-2016-8704, CVE-2016-8705, CVE-2016-8706
(Closes: #842811, #842812, #842814)
-- Guillaume Delacour <gui@iroqwa.org> Thu, 03 Nov 2016 01:50:27 +0100
memcached (1.4.31-1) unstable; urgency=medium
* New upstream release, drop merged upstream:
+ 02_manpage_additions.patch
+ 06_eol_comment_handling.patch
-- Guillaume Delacour <gui@iroqwa.org> Sun, 21 Aug 2016 18:45:21 +0200
memcached (1.4.29-1) unstable; urgency=medium
* New upstream release
+ Drop removal of t/slabs-reassign2.t (fixed upstream)
+ Fix ancient binprot bug with sets resulting in OOM (Closes: #831253)
* 02_manpage_additions.patch: Add -V option, remove merged upstream -b
clean useless spaces before forwarding all other changes upstream
-- Guillaume Delacour <gui@iroqwa.org> Mon, 01 Aug 2016 23:00:12 +0200
memcached (1.4.28-1) unstable; urgency=medium
* New upstream release
+ Drop accepted upstream patches 03_fix_ftbfs4hurd.patch
+ Refresh patch 07_disable_tests.patch
* Bumped policy version to 3.9.8 (no changes needed)
* Set Documentation key to memcached(1) for systemd unit file
-- Guillaume Delacour <gui@iroqwa.org> Sat, 02 Jul 2016 23:22:15 +0200
memcached (1.4.25-2) unstable; urgency=medium
* debian/patches/08_disable_slabs_test.patch: disable t/slabs-reassign2.t
which is unreliable and cause FTBFS, thanks Marc Deslauriers
(Closes: #813593)
* Change Vcs-{Browser,Git} to use https instead of http/git
-- Guillaume Delacour <gui@iroqwa.org> Fri, 05 Feb 2016 13:15:26 +0100
memcached (1.4.25-1) unstable; urgency=medium
* New upstream release, refresh 02_manpage_additions.patch
* Use autoreconf in addition of autotools, to regenerate build system and not
stick on older autoreconf versions
-- Guillaume Delacour <gui@iroqwa.org> Mon, 28 Dec 2015 18:01:46 +0100
memcached (1.4.24-2) unstable; urgency=medium
* Refresh 06_eol_comment_handling.patch and debian/systemd-memcached-wrapper
to handle "\#" value for -D flag
* debian/rules: remove package generated memcached.init file
-- Guillaume Delacour <gui@iroqwa.org> Sat, 18 Jul 2015 15:59:52 +0000
memcached (1.4.24-1) unstable; urgency=medium
* New upstream release, refresh 07_disable_tests.patch
* debian/control: Remove XS-Testsuite as dpkg now recognize this header
* debian/tests: test the daemon by creating, getting, and flushing keys
-- Guillaume Delacour <gui@iroqwa.org> Sat, 23 May 2015 16:15:23 +0200
memcached (1.4.21-1.1) unstable; urgency=medium
* Non-maintainer upload.
[ Guillaume Delacour ]
* Provide systemd perl wrapper to load /etc/memcached.conf settings, thanks
Christos Trochalakis (Closes: #774087)
-- Ivo De Decker <ivodd@debian.org> Sat, 07 Mar 2015 14:01:15 +0100
memcached (1.4.21-1) unstable; urgency=medium
* New upstream release
* Use autotools-dev instead of dh_autoreconf, backup upstream files updated
* Patching configure.ac no more needed
* Don't run t/whitespace.t as .git in packaging report false positive
-- Guillaume Delacour <gui@iroqwa.org> Thu, 23 Oct 2014 21:56:13 +0200
memcached (1.4.20-1) unstable; urgency=medium
* New upstream release: (Closes: #733588)
- Includes fix for CVE-2013-7291 (Closes: #735314)
- Fix build for arm64 port (Closes: #761027, #721203)
* Add myself to Uploaders
* Provide scripts/damemtop, scripts/mc_slab_mover
* README is now README.md
* Suggests perl modules used by the new scripts
* Packaging updates:
- Switch to debhelper 9 and use source format 3.0
- remove dpkg-dev and quilt Build-Deps,
- add adduser dependency
- use all hardening options
- remove unnecessary debian/README.source
- update debian/copyring to use the machine-readable format
* Bumped policy version to 3.9.6 (no changes needed)
* Use dedicated memcache user instead of nobody, thanks Clint Byrum
(Closes: #587797)
* Use DEP-8 to test the package, thanks Yolanda Robla (Closes: #710015)
* Update description to remove "A" article and change Homepage
* Handle end of line comments in memcached.conf (Closes: #683144)
* Update debian/watch to track memcached.org (github has old 1.6.0-beta1)
* Update upstream manpage to add missing options (Closes: #685800)
* Add Vcs-{Git,Browser}
* Provide systemd support.
* Provide the status for several instances in scripts/memcached-init, if
the script is used. (Closes: #709163, LP: #1177398)
[ Ana Beatriz Guerrero Lopez ]
* As discussed with David by IRC, sponsor the package with Guillaume
co-maintaining.
* Add the stanza "XS-Testsuite: autopkgtest" in debian/control
* Acknowledge old NMUs from Arno Töll. (Closes: #641770, #672125)
-- Guillaume Delacour <gui@iroqwa.org> Sat, 04 Oct 2014 15:19:45 +0200
memcached (1.4.13-0.3) unstable; urgency=high
* Non-maintainer upload.
* Add 06_CVE-2011-4971.patch patch.
CVE-2011-4971: Fix remote denial of service. Sending a specially
crafted packet cause memcached to segfault. (Closes: #706426)
* Add 07_CVE-2013-7239.patch patch.
CVE-2013-7239: SASL authentication allows wrong credentials to access
memcache. (Closes: #733643)
-- Salvatore Bonaccorso <carnil@debian.org> Mon, 30 Dec 2013 17:47:44 +0100
memcached (1.4.13-0.2) unstable; urgency=low
* Non-maintainer upload.
* Add 05_fix-buffer-overrun_when_logging_keys.patch patch
[SECURITY] CVE-2013-0179: DoS due to buffer overrun when printing out keys
to be deleted in verbose mode. (Closes: #698231).
-- Salvatore Bonaccorso <carnil@debian.org> Wed, 23 Jan 2013 21:22:09 +0100
memcached (1.4.13-0.1) unstable; urgency=low
* Non-maintainer upload.
+ Include changes of my previous NMU (filed as #641770 back then)
* Package new upstream release
+ this fixes "Please package upstream version 1.4.13" (Closes: #667746)
+ enable support for SASL authentication in debian/rules and add
build-dependencies accordingly (Closes: #616148)
+ Include support for "-o maxconns_fast" which causes clients not to block
for a long time on busy servers
* Build package with hardened build flags. Thanks to Moritz Muehlenhoff for
providing a patch. Moreover, add a build-dependency for dpkg-dev (>=
1.15.7) for people considering to make a backport on very old systems
(Closes: #655134)
* Update patches:
+ 03_fix_ftbfs4hurd.patch: Refresh hunk offsets, leave changes untouched
+ Drop 04_fix_double_fork_in_start-memcached.patch: applied upstream
+ Apply patch supplied by Clint Byrum as 04_add_init_retry.patch which
causes start-stop-daemon to wait up to 5 seconds upon termination of
memached (Closes: #659300)
-- Arno Töll <arno@debian.org> Tue, 08 May 2012 19:24:27 +0200
memcached (1.4.7-0.1) unstable; urgency=low
* Non-maintainer upload.
* Refresh patches, keep all changed hunks except some changes in
`01_init_script_additions.patch' untouched.
* New upstream release. Closes:
- "FTBFS: memcached.c:1023:16: error: dereferencing type-punned
pointer will break strict-aliasing rules" (Closes: #618096)
- "ftbfs with gcc-4.6 -Werror" (Closes: #625397)
- "FTBFS with libevent 2.0 in experimental" This is actually a duplicate
of #625397 above (Closes: #632764)
- Fix "please package new upstream release" (Closes: #641059)
* Fix "Fix FTBFS on hurd-i386" add proposed patch as
`03_fix_ftbfs4hurd.patch'. Thanks Svante Signell (Closes: #637695)
* Fix "initscript on restart ignore $ENABLE_MEMCACHED" Add a sanity check
to the init script (Closes: #636496)
* Fix "debian/watch doesn't work" Replace the watch file to match the new
Google Code layout (taken from the sinntp package) (Closes: #641520)
* Add `04_fix_double_fork_in_start-memcached.patch'. This patch causes the
start-memcached script to correctly write its PIDFILE, which, in turn,
allows the init script correct operations. This also fixes "status
operation on init.d not working correctly (needs to pass $PIDFILE to
status_of_proc)", however add the $PIDFILE argument additionally none-
theless as suggested (Closes: #622281)
-- Arno Töll <debian@toell.net> Thu, 15 Sep 2011 12:43:27 +0200
memcached (1.4.5-1) unstable; urgency=high
* New upstream release. Main changes since 1.4.2 are:
New features:
- Support for SASL authentication.
- New script damemtop - a memcached top.
- Slab optimizations.
- New stats, for reclaimed memory and SASL events.
Bugs fixed:
- Malicious input can crash server (CVE-2010-1152). Closes: #579913.
- Fixed several problems with slab handling and growth.
- Provide better error reporting.
- Fix get stats accounting.
- Fixed backwards compatibility with delete 0.
- Documentation fixes.
- Various build fixes, among others, fixed FTBFS with gcc-4.5 (closes:
#565033).
* Refreshed and renamed 01_init_script_compliant_with_LSB.patch.
* Fixed lintian warnings by adding $remote_fs to init.d script.
* Removed non-existent document (doc/memory_management.txt).
* debian/control: Bumped Standards-Version to 3.8.4 (no changes).
*
-- David Martínez Moreno <ender@debian.org> Wed, 12 May 2010 11:41:22 +0200
memcached (1.4.2-1) unstable; urgency=medium
* New upstream release, primarily bugfixes, some of them critical, hence
the urgency:
- Reject keys larger than 250 bytes in the binary protocol.
- Bounds checking on stats cachedump.
- Binary protocol set+cas wasn't returning a new cas ID.
- Binary quitq didn't actually close the connection
- Slab boundary checking cleanup (bad logic in unreachable code)
- Get hit memory optimizations
- Disallow -t options that cause the server to not work
- Killed off incomplete slab rebalance feature.
* debian/patches:
- 01_init_script_compliant_with_LSB.patch: Remade as upstream applied a
whitespace cleanup script that broke the patch.
- 02_manpage_additions.patch: Added missing parameters to the memcached
manpage.
* Removed TODO from debian/docs.
-- David Martínez Moreno <ender@debian.org> Fri, 16 Oct 2009 15:09:43 +0200
memcached (1.4.1-1) unstable; urgency=high
* New upstream release (closes: #545883):
- Finally addressed CVE-2009-2415: heap-based buffer overflow in length
processing (closes: #540379).
- Boundary condition during pipelined decoding caused crash.
- Bad initialization during buffer realloc.
- Buffer overrun in stats_prefix_find.
- Other fixes and cleanups.
* Changed the default start to yes in /etc/init.d/memcached as well.
* debian/watch updated with new format and URL in code.google.com. Thanks,
Monty Taylor.
* Added get-orig-source target, thanks to Monty Taylor.
* debian/control:
- Upgraded Standards-Version to 3.8.3 (no changes).
- Added Suggests: libmemcached.
- Bumped debhelper dependency and debian/compat to 6.
- Added Depends on quilt 0.46-7 in order to use dh_quilt_* helpers.
* debian/rules: Added dh_quilt_* helpers.
* Added direct patches to source as quilt patches.
* debian/README.source: Created such file to shut up lintian pedantic.
-- David Martínez Moreno <ender@debian.org> Fri, 18 Sep 2009 02:43:54 +0200
memcached (1.4.0-1) unstable; urgency=low
* New upstream release (closes: #484301, #537239):
- New binary protocol, supporting CAS (compare-and-swap).
- Non-threaded version is no longer possible, you just choose to run 1
thread to have similar behaviour.
- Lots of performance bottlenecks fixed (connection starvation,
contention, disabling of CAS, locks for hash table expansion...).
- Lots of new stats. Main change is that stats now are per-slab where
possible.
- Code cleanup, lots of bugs fixed, added tests, enhanced documentation.
-- David Martínez Moreno <ender@debian.org> Sat, 01 Aug 2009 23:26:45 +0200
memcached (1.2.8-2) unstable; urgency=low
* After some thinking, probably making memcached starting by default is the
right thing to do (closes: #536524).
* Added status support to init.d script (closes: #528689). Thanks, Peter!
* debian/control: Added dependency on lsb-base (>= 3.2-13).
-- David Martínez Moreno <ender@debian.org> Sat, 11 Jul 2009 00:29:51 +0200
memcached (1.2.8-1) unstable; urgency=high
* New upstream release, urgency=high because of two critical bugs prior
to this release:
- In 1.2.7 under multithreaded mode, memcached would never restart
accepting connections after hitting the maximum connection limit.
- Remove 'stats maps' command, as it is a potential information leak,
usable if versions prior to 1.2.8 ever have buffer overflows discovered
(CVE-2009-1494). Closes: #526554.
- Make -b command (setting the TCP listen backlog) actually work.
* debian/rules: Removed obsolete --disable-static.
-- David Martínez Moreno <ender@debian.org> Sat, 02 May 2009 19:15:49 +0200
memcached (1.2.7-1) unstable; urgency=low
* New upstream release, released on 4/3/2009.
- New statistics.
- Added -R option. Limit the number of requests processed by a connection
at once. Prevents starving other threads if bulk loading.
- Added -b command for setting the tcp listen backlog.
- Many minor bugfixes.
-- David Martínez Moreno <ender@debian.org> Sat, 02 May 2009 18:13:39 +0200
memcached (1.2.6-1) unstable; urgency=low
* New upstream release (closes: #505037). Released on 29/7/2008.
- Major crash fixes.
- DTrace support.
- Minor updates.
* debian/memcached.postrm: Now /var/log/memcached.log is removed on purge.
Thanks, jidanni! (closes: #447288).
-- David Martínez Moreno <ender@debian.org> Sat, 28 Feb 2009 09:43:24 +0000
memcached (1.2.5-1) unstable; urgency=low
* New upstream release, released on 3/2/2008:
- Minor bugfixes.
- Added support for Opensolaris.
- IPv6 support.
- "noreply" mode for many commands.
- Made "out of memory· errors more clear.
- Added eviction/OOM tracking per slab class.
-- David Martínez Moreno <ender@debian.org> Fri, 27 Feb 2009 10:48:14 +0000
memcached (1.2.4-1) unstable; urgency=low
* New upstream release (closes: #454699). Released on 6/12/2007:
- Many bug and platform fixes since 1.2.2.
- New threading support for stat queries.
- New commands 'append', 'prepend', 'gets', and 'cas'.
- Updates to the manpage (closes: #441067).
- Now memcached has a flag -a to restrict the socket to a group (closes:
#446606).
* debian/rules: Added memcached-tool to the set of installed scripts.
Thanks, Cyril! (closes: #512400).
-- David Martínez Moreno <ender@debian.org> Thu, 26 Feb 2009 12:07:03 +0000
memcached (1.2.3-1) unstable; urgency=low
* Take over memcached package.
* New upstream release. Mostly a documentation and warning fixing release.
This one was released on 6/7/2007.
* Added an /etc/default/memcached, thanks to Mark Ferlatte (closes:
#467356).
* debian/rules: Added --enable-threads to configure. It's amazing how this
could be missing from mainstream packages in Debian.
* debian/control:
- Put myself as Maintainer.
- Added Homepage field.
- Bumped Standards-Version to 3.8.0.
- Added ${misc:Depends} to Depends line.
* debian/copyright: Added a lot of information.
* debian/memcached.post{inst,rm}: Added set -e in order to catch errors.
-- David Martínez Moreno <ender@debian.org> Thu, 26 Feb 2009 09:51:46 +0000
memcached (1.2.2-1) unstable; urgency=low
* New upstream release
-- Jay Bonci <jaybonci@debian.org> Fri, 29 Jun 2007 10:18:03 -0400
memcached (1.2.1-1) unstable; urgency=low
* New upstream release (Closes: #405054)
* Fix to logfile output so logrotate will work (Closes: #417941)
* Listen in on localhost by default (Closes: #383660)
* Default configuration suggests nobody by default (Closes: #391351)
* Bumped policy version to 3.7.2.2 (No other changes)
-- Jay Bonci <jaybonci@debian.org> Wed, 02 May 2007 11:35:42 -0400
memcached (1.1.12-1) unstable; urgency=low
* New upstream version
* Updates watchfile so uupdate will work
-- Jay Bonci <jaybonci@debian.org> Mon, 11 Apr 2005 11:54:39 -0400
memcached (1.1.11-3) unstable; urgency=low
* Rebuild against non-broken libevent
-- Jay Bonci <jaybonci@debian.org> Fri, 18 Feb 2005 09:11:55 -0500
memcached (1.1.11-2) unstable; urgency=low
* Adds debian/watch file so uscan will work
* Added additional paragraph to debian/control (Closes: #262069)
-- Jay Bonci <jaybonci@debian.org> Wed, 27 Oct 2004 13:49:22 -0400
memcached (1.1.11-1) unstable; urgency=low
* New upstream version
* Fix silly typo that kept daemon from running as www-data (Closes: #239854)
- Thanks to Karaszi Istvan for the report
* Fix to reopen fds as the logfile, adds logfile support (Closes: #243522)
-- Jay Bonci <jaybonci@debian.org> Wed, 5 May 2004 17:25:25 -0400
memcached (1.1.10-1) unstable; urgency=low
* New upstream version
-- Jay Bonci <jaybonci@debian.org> Wed, 31 Dec 2003 10:01:27 -0500
memcached (1.1.9-1) unstable; urgency=low
* Initial Release (Closes: #206268).
-- Jay Bonci <jaybonci@debian.org> Wed, 15 Oct 2003 15:53:51 -0400
|