File: changelog

package info (click to toggle)
passenger 5.0.30-1.1
  • links: PTS, VCS
  • area: main
  • in suites: buster
  • size: 43,084 kB
  • sloc: cpp: 366,066; ruby: 33,237; ansic: 30,341; sh: 15,830; makefile: 356; python: 309; perl: 32
file content (398 lines) | stat: -rw-r--r-- 13,622 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
passenger (5.0.30-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * arbitrary file read via REVISION symlink (CVE-2017-16355)
    (Closes: #884463)
  * Fix privilege escalation in the Nginx module (CVE-2018-12029)
    (Closes: #921767)

 -- Salvatore Bonaccorso <carnil@debian.org>  Sat, 16 Mar 2019 08:54:26 +0100

passenger (5.0.30-1) unstable; urgency=medium

  * New upstream release.
  * Refresh patches.
  * Update watch file.

 -- Felix Geyer <fgeyer@debian.org>  Sun, 21 Aug 2016 19:24:14 +0200

passenger (5.0.27-2) unstable; urgency=medium

  * Fix FTBFS on arch-all only builds.

 -- Felix Geyer <fgeyer@debian.org>  Thu, 07 Apr 2016 09:18:06 +0200

passenger (5.0.27-1) unstable; urgency=medium

  [ Felix Geyer ]
  * New upstream release.
  * Drop fix_ftbfs_boost.patch, fixed upstream.
  * Build against the libuv package instead of the bundled copy.
    (Closes: #815496)
  * Update copyright file.

  [ Cédric Boutillier ]
  * Bump debhelper compatibility level to 9
  * Use https:// in Vcs-* fields
  * Bump Standards-Version to 3.9.7 (no changes needed)
  * Run wrap-and-sort on packaging files

 -- Felix Geyer <fgeyer@debian.org>  Wed, 06 Apr 2016 22:15:56 +0200

passenger (5.0.22-1) unstable; urgency=medium

  * New upstream release.
    - Fixes CVE-2015-7519: Header overwriting issue (Closes: #807354)
    - Fixes incompatibility with Apache 2.4.17 (Closes: #804195)
  * Refresh patches.
  * Use bundled libjsoncpp as it's a modified version.

 -- Felix Geyer <fgeyer@debian.org>  Mon, 07 Dec 2015 22:35:39 +0100

passenger (5.0.7-3) unstable; urgency=medium

  * Fix FTBFS on kfreebsd in bundled boost library.
    - Add d/fix_ftbfs_boost.patch, cherry-picked from upstream.

 -- Felix Geyer <fgeyer@debian.org>  Wed, 05 Aug 2015 17:58:24 +0200

passenger (5.0.7-2) unstable; urgency=medium

  * Install /usr/bin/passenger-config. (Closes: #793013)
  * Run dh_autoreconf for ext/libev.
    - Fixes FTBFS on arm64 and ppc64el.

 -- Felix Geyer <fgeyer@debian.org>  Tue, 04 Aug 2015 00:14:14 +0200

passenger (5.0.7-1) unstable; urgency=medium

  * Rename package from ruby-passenger to passenger.
    - Requested by upstream.
    - passenger supports more than just ruby.
  * New upstream release.
  * Refresh patches.
  * Use the bundled libev as it now has local modifications.
  * Bump Standards-Version to 3.9.6, no changes needed.
  * Exclude more docs that contains embedded minified js and css.
  * Update copyright file.

 -- Felix Geyer <fgeyer@debian.org>  Thu, 07 May 2015 21:43:00 +0200

ruby-passenger (4.0.53-1) unstable; urgency=medium

  * New upstream release.
  * Remove inactive uploaders from the list. (Closes: #762563)
  * Add zlib1g-dev to build-depends. (Closes: #765138)

 -- Felix Geyer <fgeyer@debian.org>  Mon, 13 Oct 2014 21:44:07 +0200

ruby-passenger (4.0.52-1) unstable; urgency=medium

  * New upstream release.
  * Improve autopkgtests:
    - Be more verbose in case of errors.
    - Test wsgi application with python 2 and 3.
    - Add dependencies on python and python3.
  * Exclude Packaging.html from docs.

 -- Felix Geyer <fgeyer@debian.org>  Sun, 28 Sep 2014 23:52:54 +0200

ruby-passenger (4.0.50-1) unstable; urgency=medium

  * New upstream release.
  * Change default node.js binary name to "nodejs" instead of "node".
  * Add nodejs to Suggests.
  * Add autopkgtests for running simple rack, wsgi and nodejs applications.

 -- Felix Geyer <fgeyer@debian.org>  Sun, 31 Aug 2014 16:31:37 +0200

ruby-passenger (4.0.49-1) unstable; urgency=medium

  * New upstream release.
  * Drop CVE-2014-1832.patch, fixed upstream.
  * Make ruby-passenger use the system jsoncpp library.
    - Rename no_jsoncpp.patch to system_jsoncpp.patch.
    - Add libjsoncpp-dev to build-depends.
  * Install the ruby native extension sources to allow building it for custom
    ruby interpreters. (Closes: #758885)

 -- Felix Geyer <fgeyer@debian.org>  Sun, 24 Aug 2014 22:45:24 +0200

ruby-passenger (4.0.37-3) unstable; urgency=medium

  * Query the supported ruby versions from dh_ruby instead of hardcoding them.
    (Closes: #744808)

 -- Felix Geyer <fgeyer@debian.org>  Wed, 23 Apr 2014 23:44:19 +0200

ruby-passenger (4.0.37-2) unstable; urgency=medium

  * Cherry-pick upstream commit to fix CVE-2014-1832.
    The fix for CVE-2014-1831 was incomplete.
    - Add CVE-2014-1832.patch

 -- Felix Geyer <fgeyer@debian.org>  Sat, 08 Mar 2014 19:27:27 +0100

ruby-passenger (4.0.37-1) unstable; urgency=medium

  * New upstream release.
    - Fixes CVE-2014-1831: insecure use of /tmp. (Closes: #736958)

  [ Cédric Boutillier ]
  * Move upstream GPG key into debian/upstream.

  [ Felix Geyer ]
  * Make sure the build flags are used for all source files.
    - Export CFLAGS and CPPFLAGS as EXTRA_CFLAGS.
  * Don't mention nginx in the package description as it isn't actually
    supported in this package.

 -- Felix Geyer <fgeyer@debian.org>  Sat, 08 Mar 2014 18:15:49 +0100

ruby-passenger (4.0.35-1) unstable; urgency=low

  * Team upload

  [ Felix Geyer ]
  * Import the upstream release signing key for uscan to verify the tarball.

  [ Cédric Boutillier ]
  * Imported Upstream version 4.0.35
  * Drop rubygems from Depends since it is shipped by Ruby1.9+
  * Bump Standards-Version to 3.9.5 (no changes needed)
  * debian/patches:
    - drop fix_ftbfs_fortify_source.patch, applied upstream
    - refresh fix_install_path.patch and no_jsoncpp.patch
    - add bin_load_path.patch to prevent load_path manipulation in bin/*
  * Fix installation path for (multiarch) Ruby2.0
  * Replace debian/upstream-signing-key.pgp by its armored ASCII version
  * Install NEWS as the upstream changelog

 -- Cédric Boutillier <boutil@debian.org>  Thu, 16 Jan 2014 12:53:56 +0100

ruby-passenger (4.0.25-2) unstable; urgency=low

  * Fix building the documentation. (Closes: #680357)
    - Build-depend on ruby-mizuho.

 -- Felix Geyer <fgeyer@debian.org>  Sat, 30 Nov 2013 19:12:13 +0100

ruby-passenger (4.0.25-1) unstable; urgency=low

  * New upstream release.
  * Refresh fix_install_path.patch.
  * Build for Ruby 2.0 instead of 1.8. (Closes: #725591)
  * Add fix_ftbfs_fortify_source.patch.
  * Install passenger template files.

 -- Felix Geyer <fgeyer@debian.org>  Sat, 23 Nov 2013 23:50:02 +0100

ruby-passenger (4.0.10-1) unstable; urgency=low

  * New upstream release. (Closes: #711906)
  * Stop repacking the upstream tarball as it doesn't contain any minified
    javascript files anymore.
    - Add valgrind.h license to the copyright file.
    - Drop libjs-scriptaculous from build-depends.
  * Refresh fix_install_path.patch.
  * Drop fix_ftbfs_glibc217.patch, CVE-2013-2119.patch and CVE-2013-4136.patch,
    applied upstream.
  * Point PassengerRoot to the locations.ini in passenger.conf.
  * Pass CXXFLAGS, CPPFLAGS and LDFLAGS to the build system.
  * Add ruby1.9.1 as an alternative dependency to rubygems. (Closes: #683511)
  * Add myself as Uploader.
  * Fix the watch file.
  * Use dh-autoreconf.
  * Bump Standards-Version to 3.9.4, no changes needed.
  * Don't build the embedded jsoncpp source as it's not actually used.
    - Add no_jsoncpp.patch.

 -- Felix Geyer <fgeyer@debian.org>  Tue, 06 Aug 2013 23:08:29 +0200

ruby-passenger (3.0.13debian-1.2) unstable; urgency=high

  * Non-maintainer upload.

  [ Laurent Bigonville ]
  * debian/control: Use canonical VCS URL
  * debian/control: Move libapache2-mod-passenger to httpd section

  [ Felix Geyer ]
  * Cherry-pick another commit to properly fix CVE-2013-2119.
  * Fix CVE-2013-4136: insecure tmp files usage. (Closes: #717176)
    - Add CVE-2013-4136.patch, backported from upstream.

 -- Felix Geyer <fgeyer@debian.org>  Sun, 21 Jul 2013 10:41:42 +0200

ruby-passenger (3.0.13debian-1.1) unstable; urgency=low

  * Non-maintainer upload.
  * Transition towards Apache 2.4. (Closes: #707063)
    - Build-depend on apache2-dev and apache2.
    - Use apache2 dh helper.
    - Drop libapache2-mod-passenger maintainer scripts, now handled by
      dh_apache2.
  * Fix buiding against glibc 2.17.
    - Add fix_ftbfs_glibc217.patch, cherry-picked from upstream.
  * Fix CVE-2013-2119: insecure temporary file usage. (Closes: #710351)
    - Add CVE-2013-2119.patch, cherry-picked from upstream.

 -- Felix Geyer <fgeyer@debian.org>  Thu, 30 May 2013 09:27:46 +0200

ruby-passenger (3.0.13debian-1) unstable; urgency=low

  * Team upload.
  * New upstream release
  * debian/control: Add apache2-mpm-event to the dependency alternative, it is
    now supported by passenger (Closes: #600679)
  * Drop debian/patches/fix_ftbfs_gcc47.patch: Applied upstream
  * Add debian/gbp.conf file
  * debian/rules: Remove leftover MacOS resource fork file

 -- Laurent Bigonville <bigon@debian.org>  Thu, 28 Jun 2012 17:00:42 +0200

ruby-passenger (3.0.12debian-1) unstable; urgency=low

  * Team upload.
  * New upstream release
  * Add debian/patches/fix_ftbfs_gcc47.patch: Fix FTBFS with GCC 4.7
    (Closes: #672096)

 -- Laurent Bigonville <bigon@debian.org>  Wed, 23 May 2012 18:40:57 +0200

ruby-passenger (3.0.11debian-1) unstable; urgency=low

  * Team upload.
  [ Dmitry Borodaenko ]
  * New upstream release (Closes: #588256)

  [ Laurent Bigonville ]
  * Rename packages to follow new ruby policy
  * Split all ruby files into the ruby-passenger package (Closes: #664152)
  * debian/control: Fix typo, the right package is www-browser (Closes:
    #628479)
  * Also build for ruby 1.9.1 (LP: #695159)

 -- Laurent Bigonville <bigon@debian.org>  Fri, 23 Mar 2012 13:14:01 +0100

passenger (2.2.11debian-2) unstable; urgency=low

  [Laurent Arnoud]
  * Team upload.
  * Bump Standards version to 3.9.1 (no changes).

  [Evgeni Golov]
  * Correctly install docs in passenger-doc (Closes: #599024)

 -- Evgeni Golov <evgeni@debian.org>  Wed, 06 Oct 2010 11:49:07 +0200

passenger (2.2.11debian-1) unstable; urgency=low

  [ Paul van Tilburg ]
  * debian/watch: fixed typo in the dversionmangle regexp.

  [ Micah Anderson ]
  * New upstream release
  * Update Standards version, no changes
  * Remove unused patchsystem in debian/rules

 -- Micah Anderson <micah@debian.org>  Wed, 17 Mar 2010 00:27:59 -0400

passenger (2.2.9debian-1) unstable; urgency=low

  * New upstream release (Closes: #555552)

 -- Micah Anderson <micah@debian.org>  Sun, 31 Jan 2010 14:19:55 -0500

passenger (2.2.7debian-1) unstable; urgency=low

  * Added possibile dependency on apache2-mpm-itk (Closes: #556230)
  * New upstream release

 -- Micah Anderson <micah@debian.org>  Fri, 20 Nov 2009 13:56:00 -0500

passenger (2.2.5debian1-1) unstable; urgency=low

  * Really sort out the Build-deps this time (Closes: #555155)
  * Remove embedded prototype.js, Build-dep on libjs-prototype
    and symlink to that version, requires repack of orig
    tarball (Closes: #555273)

 -- Micah Anderson <micah@debian.org>  Mon, 09 Nov 2009 12:07:15 -0500

passenger (2.2.5debian-5) unstable; urgency=low

  * Build-dep on apache2 to fix FTBS (Closes: #555155)

 -- Micah Anderson <micah@debian.org>  Sun, 08 Nov 2009 21:22:47 -0500

passenger (2.2.5debian-3) unstable; urgency=low

  * Really fix apache2-mpm-preform dependencies (Closes: #545872)

 -- Micah Anderson <micah@debian.org>  Fri, 06 Nov 2009 17:41:46 -0500

passenger (2.2.5debian-2) unstable; urgency=low

  * Update control to allow for possible installation of
    apache2-mpm-prefork (Closes: #545872)

 -- Micah Anderson <micah@debian.org>  Wed, 23 Sep 2009 14:55:53 -0400

passenger (2.2.5debian-1) unstable; urgency=low

  * New upstream release
  * Bump standards version one minor number (no changes)

 -- Micah Anderson <micah@debian.org>  Thu, 17 Sep 2009 22:55:23 -0400

passenger (2.2.4debian-1) unstable; urgency=low

  * Updated debian/copyright information with information for:
    . test/support/tut.h and tut_reporter.h
    . test/stub/rails_apps/mycookbook/public/javascripts/prototype.js
    . test/stub/rails_apps/mycookbook/public/javascripts/effects.js
    . test/stub/rails_apps/mycookbook/public/javascripts/dragdrop.js
    . test/stub/rails_apps/mycookbook/public/javascripts/controls.js
    . ext/nginx/StaticContentHandler.c
    . ext/nginx/Configuration.[c,h], ContentHandler.[c,h],
    . ext/nginx/ngx_http_passenger_module.[c,h] and StaticContentHandler.h
    . ext/apache2/Hooks.cpp
    . ext/common/Base65.[cpp,h]
  * Update Standards-Version to 3.8.2 (no changes)
  * Also remove passenger-install-nginx-module, same as the apache piece
  * Add myself and damog to Uploaders
  * Set Maintainer field to Debian Ruby Extras Maintainers
  * Make sure the modsavailabledir is properly created
  * Fix the DEB_INSTALL_DOCS package name
  * Update the passengermodule and admintools names for the new upstream
  * Removed etc from libapache2-mod-passenger.install
  * Updated to new upstream version
  * Added librack-ruby Depends
  * Removed tests/support/valgrind.h, incompatible 4-clause BSD license
  * Added Build-dep on source-highlight

 -- Micah Anderson <micah@debian.org>  Sat, 25 Jul 2009 11:46:51 -0400

passenger (2.1.2-1) unstable; urgency=low

  * New upstream version.
  * Added license and copyright information for Boost library at
    debian/copyright.
  * Updated source paths.
  * Updated Standards-Version to 3.8.1 .

 -- Filipe Lautert <filipe@debian.org>  Thu, 26 Mar 2009 19:56:22 -0300

passenger (2.0.3-1) unstable; urgency=low

  [Filipe Lautert]

  * Some corrections to changelog file.
  * Added myself and ruby-extras group to uploaders field.

  [Leandro Nunes dos Santos]

  * Initial release (Closes: #488753).

 -- Filipe Lautert <filipe@debian.org>  Wed, 15 Oct 2008 23:04:26 -0200