File: changelog

package info (click to toggle)
waitress 3.0.2-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 988 kB
  • sloc: python: 10,771; makefile: 84; sh: 25
file content (324 lines) | stat: -rw-r--r-- 10,520 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
 
waitress (3.0.2-2) unstable; urgency=medium

  * Team upload.
  * Fix profile for python3-sphinx build-dependency (closes: #1116924).

 -- Colin Watson <cjwatson@debian.org>  Tue, 30 Sep 2025 19:04:08 +0100

waitress (3.0.2-1) unstable; urgency=medium

  * Team upload.
  * New upstream release:
    - [SECURITY] When using Waitress to process trusted proxy headers,
      Waitress will now update the headers to drop any untrusted values,
      thereby making sure that WSGI apps only get trusted and validated
      values that Waitress itself used to update the environ.

 -- Colin Watson <cjwatson@debian.org>  Wed, 20 Nov 2024 11:09:18 +0100

waitress (3.0.1-1) unstable; urgency=medium

  * Team upload.
  * New upstream release:
    - CVE-2024-49768: Fix a race condition in Waitress when
      `channel_request_lookahead` is enabled that could lead to HTTP request
      smuggling (closes: #1086467).
    - CVE-2024-49769: Fix a bug that would lead to Waitress busy looping on
      select() on a half-open socket due to a race condition that existed
      when creating a new HTTPChannel (closes: #1086468).

 -- Colin Watson <cjwatson@debian.org>  Wed, 30 Oct 2024 23:22:09 +0000

waitress (3.0.0-1) unstable; urgency=medium

  * Team upload.
  * d/watch: Add compression=gz
  * New upstream version 3.0.0
  * Rebuild patch queue from patch-queue branch
    Adjusted patch:
    docs-Don-t-try-to-detect-the-version-don-t-use-Pylons-the.patch
  * d/control: Bump Standards-Version to 4.7.0
    No further changes needed.
  * d/rules: Add target override_dh_clean
  * d/{control,rules}: Move over to use dh-sequence-sphinxdoc
  * d/control: Update binary package long description
  * d/u/metadata: Add FAQ and Security-Contact fields

 -- Carsten Schoenert <c.schoenert@t-online.de>  Fri, 10 May 2024 17:50:49 +0200

waitress (2.1.2-2) unstable; urgency=medium

  * Team Upload.
  * autopkgtest: Update control file for successful testing

 -- Carsten Schoenert <c.schoenert@t-online.de>  Mon, 14 Nov 2022 17:15:51 +0100

waitress (2.1.2-1) unstable; urgency=medium

  * Team Upload.
  * d/gbp.conf: Add a basic default configuration
  * d/README.source: Add basic information about package
  * d/README.Debian: Drop that file
  * d/watch: Update watch mode to look out git tags
  * New upstream version 2.1.2
    Resolves CVE-2022-31015 (Closes: #1012315)
  * Rebuild patch queue from patch-queue branch
    Added patch:
    docs-Use-internal-ressources-for-intersphinx.patch
    Renamed patch:
    01-fix-sphinxdoc-conf.patch
    -> docs-Don-t-try-to-detect-the-version-don-t-use-Pylons-the.patch
  * d/control: Remove Built-Using ${sphinxdoc:Built-Using}
    The -doc package isn't from type arch all.
  * d/control: Add python3-doc to Build-Depends
    That is used for intersphinx integration in the -doc package.
  * d/{control,rules}: Move over to dh-sequence-python3
  * documentation: Build HTML documentation by dh_sphinxdoc
  * autopkgtest: Small adjustment to testing call

 -- Carsten Schoenert <c.schoenert@t-online.de>  Sat, 12 Nov 2022 21:14:43 +0100

waitress (2.1.1-3) unstable; urgency=medium

  * Team Upload.
  * Remove space in DH_OPTIONS causing FTBFS (Closes: #1020065)
  * Bump Standards-Version to 4.6.1 (no changes needed)
  * Fix globbing pattern
  * Remove public-domain license for debian/*

 -- Nilesh Patra <nilesh@debian.org>  Sat, 01 Oct 2022 14:58:24 +0530

waitress (2.1.1-2) unstable; urgency=medium

  * Team upload.
  * Build-Depend and autopkgtest Depend on netbase, for services resolution in
    tests.

 -- Stefano Rivera <stefanor@debian.org>  Tue, 10 May 2022 08:31:41 -0400

waitress (2.1.1-1) unstable; urgency=medium

  [ Stefano Rivera ]
  * Team upload.
  * New upstream release.
    - Resolves CVE-2022-24761 (Closes: #1008013)
  * Build with pybuild's pyproject plugin.
  * Run test suite at build time.
  * Run test suite in autopkgtests.
  * Bump Standards-Version to 4.6.0, no changes needed.
  * Bump watch file version to 4.
  * Update 01-fix-sphinxdoc-conf.patch to determine the upstream version from
    the Debian changelog.
  * Revert the -D html_last_updated_fmt approach to get sphinx to produce
    reproducible docs, it supports SOURCE_DATE_EPOCH, these days.

  [ Debian Janitor ]
  * Bump debhelper from old 12 to 13.
  * Update standards version to 4.5.1, no changes needed.
  * Remove constraints unnecessary since buster:
    + Build-Depends: Drop versioned constraint on python3-all and
      python3-setuptools.

 -- Stefano Rivera <stefanor@debian.org>  Mon, 09 May 2022 20:51:31 -0400

waitress (1.4.4-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix cleanup of the waitress-serve alternative.  (Closes: #984630)

 -- Andreas Beckmann <anbe@debian.org>  Tue, 20 Apr 2021 20:58:53 +0200

waitress (1.4.4-1) unstable; urgency=medium

  [ Andrej Shadura ]
  * New upstream release.

  [ Michael Fladischer ]
  * Provide virtual package httpd-wsgi3.

  [ Debian Janitor ]
  * Replace spaces in short license names with dashes.
  * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
    Repository-Browse.
  * Update standards version to 4.5.0, no changes needed.
  * Apply multi-arch hints.
    + python-waitress-doc: Add Multi-Arch: foreign.

  [ Ondřej Nový ]
  * d/control: Update Maintainer field with new Debian Python Team
    contact address.
  * d/control: Update Vcs-* fields with new Debian Python Team Salsa
    layout.

 -- Andrej Shadura <andrewsh@debian.org>  Sat, 09 Jan 2021 10:16:20 +0100

waitress (1.4.1-1) unstable; urgency=medium

  [ Louis-Philippe Véronneau ]
  * d/control: update the VCS links. (Closes: 946103)

  [ Andrej Shandura ]
  * New upstream release.
    - Closes: #947306:
      CVE-2019-16785: potential HTTP request smuggling/splitting
      due to differences in endline parsing.
      CVE-2019-16786: incorrect treatment of single requests as
      multiple requests in the case of HTTP pipelining due to
      the incorrect parsing of Transfer-Encoding ignoring all but
      the first comma-separated header value.
    - Closes: #947433:
      CVE-2019-16789: potential HTTP request splitting leading
      to potential cache poisoning or unexpected information
      disclosure due to incorrect parsing of special whitespace
      characters in the Transfer-Encoding header.
  * Refresh the documentation configuration patch.
  * Set Rules-Requires-Root: no
  * Bump Standards-Version to 4.4.1, no changes.
  * Replace dh_auto_install override with --shebang.
  * Update debian/copyright.
  * Use ${sphinxdoc:Built-Using}.

 -- Andrej Shadura <andrewsh@debian.org>  Wed, 01 Jan 2020 14:04:40 +0100

waitress (1.3.1-4) unstable; urgency=medium

  * Revert the documentation package rename.
  * Revert the reversion of the Python 3 removal.
  * Remove alternatives on preinst.
  * Install waitress-serve into /usr/bin directly.

 -- Andrej Shadura <andrewsh@debian.org>  Thu, 12 Sep 2019 21:38:15 +0200

waitress (1.3.1-3) unstable; urgency=medium

  * Revert the Python 3 removal.
  * Try to remove alternatives, don’t fail if we can’t.

 -- Andrej Shadura <andrewsh@debian.org>  Thu, 12 Sep 2019 21:07:45 +0200

waitress (1.3.1-2) unstable; urgency=medium

  * Rename the documentation package.

 -- Andrej Shadura <andrewsh@debian.org>  Thu, 12 Sep 2019 18:48:27 +0200

waitress (1.3.1-1) unstable; urgency=medium

  * New upstream release.
  * Maintain in the team.
  * Run wrap-and-sort -bask.
  * Use debhelper-compat instead of debian/compat.
  * Use secure URI in Homepage field.
  * Bump debhelper from old 9 to 12.
  * Drop Python 2 support.

 -- Andrej Shadura <andrewsh@debian.org>  Thu, 12 Sep 2019 18:38:52 +0200

waitress (1.2.0~b2-2) unstable; urgency=medium

  * Unbreak docco build (Closes: #918669).

 -- Andrej Shadura <andrewsh@debian.org>  Tue, 08 Jan 2019 15:54:08 +0100

waitress (1.2.0~b2-1) unstable; urgency=medium

  [ Ondřej Nový ]
  * d/copyright: Use https protocol in Format field.
  * d/control: Add Vcs-* field.

  [ Andrej Shadura ]
  * New upstream release.

 -- Andrej Shadura <andrewsh@debian.org>  Mon, 07 Jan 2019 18:26:54 +0100

waitress (1.1.0-1) unstable; urgency=medium

  * New upstream release.
  * Enable autopkgtests.
  * Add Vcs-*.

 -- Andrej Shadura <andrewsh@debian.org>  Sun, 13 May 2018 10:12:31 +0200

waitress (1.0.1-1) unstable; urgency=medium

  * New upstream release.
  * Update package descriptions.
  * Build-Depend on Python 2.7+/3.3+.

 -- Andrew Shadura <andrewsh@debian.org>  Tue, 13 Dec 2016 14:34:36 +0100

waitress (0.8.10-1) unstable; urgency=medium

  [ Juan Picca ]
  * Make the build reproducible (Closes: #788597).

  [ Andrew Shadura ]
  * New upstream release.

 -- Andrew Shadura <andrewsh@debian.org>  Sat, 26 Dec 2015 14:44:28 +0100

waitress (0.8.9-2) unstable; urgency=medium

  * Fix FTBFS (Closes: #765126).

 -- Andrew Shadura <andrewsh@debian.org>  Mon, 13 Oct 2014 21:56:21 +0200

waitress (0.8.9-1) unstable; urgency=medium

  * New upstream release.

 -- Andrew Shadura <andrewsh@debian.org>  Wed, 08 Oct 2014 15:58:50 +0200

waitress (0.8.8-3) unstable; urgency=low

  * Build against python3.4.
  * Fix shebangs in waitress-serve scripts.

 -- Andrew Shadura <andrewsh@debian.org>  Thu, 24 Apr 2014 08:12:29 +0200

waitress (0.8.8-2) unstable; urgency=low

  * Fix the package description.
  * Bump Standards-Version (no changes).

 -- Andrew Shadura <andrewsh@debian.org>  Thu, 24 Apr 2014 07:45:00 +0200

waitress (0.8.8-1) unstable; urgency=low

  * New upstream release.

 -- Andrew Shadura <andrewsh@debian.org>  Sat, 14 Dec 2013 20:55:11 +0100

waitress (0.8.7-3) unstable; urgency=low

  * Switch to using dh-python instead of versioned depends
    on python3 (Closes: #731532).

 -- Andrew Shadura <andrewsh@debian.org>  Sat, 14 Dec 2013 17:53:03 +0100

waitress (0.8.7-2) unstable; urgency=low

  * Update the watch file.
  * Use alternatives to ensure co-installability of python2 and python3
    versions (Closes: #725260).

 -- Andrew Shadura <andrewsh@debian.org>  Thu, 03 Oct 2013 15:44:25 +0200

waitress (0.8.7-1) unstable; urgency=low

  * New upstream version.

 -- Andrew Shadura <andrewsh@debian.org>  Wed, 02 Oct 2013 20:49:35 +0200

waitress (0.8.1-2) unstable; urgency=low

  * Upload to unstable.
  * Remove erroneous patch.

 -- Andrew Shadura <andrewsh@debian.org>  Sat, 13 Apr 2013 15:25:34 +0200

waitress (0.8.1-1) experimental; urgency=low

  * Initial release.

 -- Andrew Shadura <andrewsh@debian.org>  Thu, 21 Mar 2013 21:02:04 +0100