Change log for commons-httpclient package in Ubuntu
| 1 → 25 of 25 results | First • Previous • Next • Last |
| Published in oracular-release |
| Published in noble-release |
| Published in mantic-release |
| Published in lunar-release |
| Obsolete in kinetic-release |
| Published in jammy-release |
| Obsolete in impish-release |
| Obsolete in hirsute-release |
| Deleted in hirsute-proposed (Reason: moved to Release) |
commons-httpclient (3.1-16) unstable; urgency=medium * Fixed the build failure with OpenJDK 17 (Closes #982053) * Standards-Version updated to 4.5.1 * Switch to debhelper level 13 -- Emmanuel Bourg <email address hidden> Mon, 08 Feb 2021 00:10:24 +0100
Available diffs
- diff from 3.1-15 to 3.1-16 (1.1 KiB)
| Obsolete in cosmic-updates |
| Published in bionic-updates |
| Obsolete in cosmic-security |
| Published in bionic-security |
| Deleted in cosmic-proposed (Reason: moved to -updates) |
| Deleted in bionic-proposed (Reason: moved to -updates) |
commons-httpclient (3.1-15~18.04) bionic; urgency=medium * Backport for OpenJDK 11. LP: #1814133.
Available diffs
| Superseded in hirsute-release |
| Obsolete in groovy-release |
| Published in focal-release |
| Obsolete in eoan-release |
| Obsolete in disco-release |
| Deleted in disco-proposed (Reason: moved to release) |
commons-httpclient (3.1-15) unstable; urgency=medium * Ignore the test failures with Java 11 (Closes: #912234) * Standards-Version updated to 4.2.1 * Use salsa.debian.org Vcs-* URLs * Removed Damien Raude-Morvan from the uploaders (Closes: #889358) -- Emmanuel Bourg <email address hidden> Mon, 29 Oct 2018 22:56:50 +0100
Available diffs
- diff from 3.1-14 to 3.1-15 (968 bytes)
| Superseded in disco-release |
| Obsolete in cosmic-release |
| Published in bionic-release |
| Deleted in bionic-proposed (Reason: moved to release) |
commons-httpclient (3.1-14) unstable; urgency=medium * Team upload. * Fix Manifest file and add missing OSGi metadata. (Closes: #871142) * Build with javahelper. * Use compat level 11. * Declare compliance with Debian Policy 4.1.3. * Fix Lintian warning privacy breach logo. -- Markus Koschany <email address hidden> Thu, 01 Feb 2018 21:16:27 +0100
Available diffs
- diff from 3.1-13 to 3.1-14 (2.4 KiB)
| Superseded in bionic-release |
| Obsolete in artful-release |
| Deleted in artful-proposed (Reason: moved to release) |
commons-httpclient (3.1-13) unstable; urgency=medium * Build with maven-debian-helper instead of ant * Moved the package to Git * Standards-Version updated to 4.0.0 * Switch to debhelper level 10 -- Emmanuel Bourg <email address hidden> Tue, 04 Jul 2017 10:00:57 +0200
Available diffs
- diff from 3.1-12 to 3.1-13 (1.9 KiB)
| Superseded in artful-release |
| Obsolete in zesty-release |
| Obsolete in yakkety-release |
| Published in xenial-release |
| Superseded in xenial-release |
| Deleted in xenial-proposed (Reason: moved to release) |
commons-httpclient (3.1-12) unstable; urgency=high
* Team upload.
[ Kumar Appaiah ]
* debian/control:
+ Remove Kumar Appaiah from uploaders
[ Emmanuel Bourg ]
* Add myself to Uploaders.
* Switch to debhelper level 9
* debian/control:
- Use canonical URLs for the Vcs-* fields
- Improved the package description
- Removed Michael Koch from the uploaders (Closes: #654007)
* debian/rules: Improved the clean target
[ tony mancill ]
* Remove trailing spaces from package description of
libcommons-httpclient-java-doc in debian/control. (Closes: #783931)
[ Markus Koschany ]
* wrap-and-sort -sa.
* Declare compliance with Debian Policy 3.9.6.
* Add CVE-2015-5262.patch.
Fix CVE-2015-5262 jakarta-commons-httpclient: https calls ignore
http.socket.timeout during SSL Handshake. (Closes: #798650)
-- Markus Koschany <email address hidden> Mon, 02 Nov 2015 15:32:33 +0100
Available diffs
commons-httpclient (3.1-10.2ubuntu0.14.04.1) trusty-security; urgency=medium
* SECURITY UPDATE: improper certificate hostname verification
- debian/patches/CVE-2014-3577.patch: fix Common Name logic in
src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
- CVE-2014-3577
* SECURITY UPDATE: denial of service via failure to set socket timeout
- debian/patches/CVE-2015-5262.patch: respect configured timeout in
src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
- CVE-2015-5262
* debian/ant.properties: bump version to 1.5 to handle security fixes.
-- Marc Deslauriers <email address hidden> Thu, 01 Oct 2015 08:51:52 -0400
Available diffs
commons-httpclient (3.1-10ubuntu0.1) precise-security; urgency=medium
* SECURITY UPDATE: improper certificate hostname verification
- debian/patches/06_fix_CVE-2012-5783.patch: fix CN extraction and
wildcard verification in
src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
- debian/patches/CVE-2014-3577.patch: fix Common Name logic in
src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
- CVE-2012-5783
- CVE-2012-6153
- CVE-2014-3577
* SECURITY UPDATE: denial of service via failure to set socket timeout
- debian/patches/CVE-2015-5262.patch: respect configured timeout in
src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
- CVE-2015-5262
* debian/ant.properties: bump version to 1.5 to handle security fixes.
-- Marc Deslauriers <email address hidden> Thu, 01 Oct 2015 09:05:17 -0400
Available diffs
commons-httpclient (3.1-10.2ubuntu0.15.04.1) vivid-security; urgency=medium
* SECURITY UPDATE: improper certificate hostname verification
- debian/patches/CVE-2014-3577.patch: fix Common Name logic in
src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
- CVE-2014-3577
* SECURITY UPDATE: denial of service via failure to set socket timeout
- debian/patches/CVE-2015-5262.patch: respect configured timeout in
src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
- CVE-2015-5262
* debian/ant.properties: bump version to 1.5 to handle security fixes.
-- Marc Deslauriers <email address hidden> Thu, 01 Oct 2015 08:51:52 -0400
Available diffs
| Superseded in xenial-release |
| Obsolete in wily-release |
| Deleted in wily-proposed (Reason: moved to release) |
commons-httpclient (3.1-11ubuntu1) wily; urgency=medium
* SECURITY UPDATE: denial of service via failure to set socket timeout
- debian/patches/CVE-2015-5262.patch: respect configured timeout in
src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
- CVE-2015-5262
-- Marc Deslauriers <email address hidden> Thu, 01 Oct 2015 08:49:28 -0400
Available diffs
commons-httpclient (3.1-11) unstable; urgency=high
* Team upload.
* Add CVE-2014-3577.patch. (Closes: #758086)
It was found that the fix for CVE-2012-6153 was incomplete: the code added
to check that the server hostname matches the domain name in a subject's
Common Name (CN) field in X.509 certificates was flawed. A
man-in-the-middle attacker could use this flaw to spoof an SSL server using
a specially crafted X.509 certificate. The fix for CVE-2012-6153 was
intended to address the incomplete patch for CVE-2012-5783. The issue is
now completely resolved by applying this patch and the
06_fix_CVE-2012-5783.patch.
* Change java.source and java.target ant properties to 1.5, otherwise
commons-httpclient will not compile with this patch.
-- Markus Koschany <email address hidden> Mon, 23 Mar 2015 22:57:54 +0100
Available diffs
- diff from 3.1-10.2 to 3.1-11 (2.2 KiB)
| Superseded in wily-release |
| Obsolete in vivid-release |
| Obsolete in utopic-release |
| Published in trusty-release |
| Obsolete in saucy-release |
| Obsolete in raring-release |
| Deleted in raring-proposed (Reason: moved to release) |
commons-httpclient (3.1-10.2) unstable; urgency=low * Non-maintainer upload. * Fix CVE-2012-5783 (Closes: #692442) * Fix CN extraction from DN of X500 principal. * Fix wildcard validation on ssl connections -- Alberto Fernández Martínez <email address hidden> Thu, 6 Dec 2012 14:28:00 +0100
Available diffs
- diff from 3.1-10.1 to 3.1-10.2 (3.2 KiB)
commons-httpclient (3.1-10.1) unstable; urgency=low * Non-maintainer upload. * Fix CVE-2012-5783 (Closes: #692442) -- Alberto Fernández Martínez <email address hidden> Wed, 5 Dec 2012 17:28:00 +0100
Available diffs
commons-httpclient (3.1-10build1) quantal; urgency=low * No-change rebuild with openjdk-7 as default-jdk. -- James Page <email address hidden> Fri, 18 May 2012 11:35:24 +0100
Available diffs
- diff from 3.1-10 (in Debian) to 3.1-10build1 (355 bytes)
commons-httpclient (3.1-10) unstable; urgency=low
[ Damien Raude-Morvan ]
* Remove Arnaud Vandyck from Uploaders
* d/control: Drop Depends on any JRE as a Java library don't need to
depends on a runtime (Java Policy)
[ Torsten Werner ]
* Switch to source format 3.0.
* Update Standards-Version: 3.9.1.
* Remove Barry from Uploaders list.
-- Torsten Werner <email address hidden> Tue, 30 Aug 2011 11:47:01 +0200
Available diffs
- diff from 3.1-9 to 3.1-10 (1.2 KiB)
| Superseded in oneiric-release |
| Obsolete in natty-release |
| Obsolete in maverick-release |
| Obsolete in lucid-release |
commons-httpclient (3.1-9) unstable; urgency=low
* Add myself to Uploaders
* Use quilt as patch system
- Build-Depends on quilt
- Add debian/README.source
- Use CDBS patchsys-quilt.mk
* New debian/patches/05_osgi_metadata.diff to include OSGi metadata
in JAR (Closes: #558182)
-- Ubuntu Archive Auto-Sync <email address hidden> Sat, 12 Dec 2009 14:53:28 +0000
Available diffs
- diff from 3.1-8 to 3.1-9 (2.2 KiB)
commons-httpclient (3.1-8) unstable; urgency=low
[Damien Raude-Morvan]
* Fix debian/watch: use http://www.apache.org/dist/
[Onkar Shinde]
* debian/patches/04_fix_classpath.patch
- Add appropriate jar files in classpath using manifest attribute.
(LP: #459251)
* debian/ant.properties
- Add properties to set target JVM version 1.4.
-- Ubuntu Archive Auto-Sync <email address hidden> Mon, 23 Nov 2009 18:26:11 +0000
Available diffs
- diff from 3.1-7 to 3.1-8 (838 bytes)
commons-httpclient (3.1-7) unstable; urgency=low
* Add myself to Uploaders.
* Revert change from last upload:
- Don't map version of commons-httpclient explicitly.
(Closes: #551126, #551214, #551217, #551218, #551221, #551224, #551226,
#551227, #551231, #551242)
Available diffs
- diff from 3.1-3 to 3.1-7 (7.6 KiB)
commons-httpclient (3.1-3) unstable; urgency=low * Convert to default-jdk/jre (Closes: #508949) * Bump Standards-Version to 3.8.1 -- Muharem Hrnjadovic <email address hidden> Mon, 18 May 2009 11:50:41 +0100
Available diffs
- diff from 3.1-2ubuntu1 to 3.1-3 (1.4 KiB)
commons-httpclient (3.1-2ubuntu1) jaunty; urgency=low
* Merge from debian unstable, remaining changes:
- default-java transition.
-- Chris Cheney <email address hidden> Wed, 17 Dec 2008 00:15:00 -0600
Available diffs
- diff from 3.1-2 to 3.1-2ubuntu1 (1.2 KiB)
commons-httpclient (3.1-2) unstable; urgency=low
* debian/watch:
+ Update to reflect new upstream mirror structure.
(Closes: #459995)
* debian/control:
+ Update my e-mail address to <email address hidden>.
+ Standards Version is now 3.7.3.
+ Use Vcs-Svn and Vcs-Browser in place of XS-Vcs-*.
+ Depend on ant 1.6.5 and above, instead of 1.6.5-1.
-- Ubuntu Archive Auto-Sync <email address hidden> Fri, 02 May 2008 01:55:06 +0100
commons-httpclient (3.1-1) unstable; urgency=low
* New upstream release.
* Acknowledge NMU. Thanks to Michael Meskes for the upload.
* debian/ant.properties:
+ Correct Java directory spelling.
* debian/control:
+ Add Varun Hiremath and Kumar Appaiah to Uploaders.
+ Add XS-Vcs-Browser and XS-Vcs-Browser.
+ Move section of libcommons-httpclient-doc to doc.
+ Add Homepage Field.
* debian/patches:
+ Remove 00b_build_xml_dont_copy_lib_dir.patch
+ Update patches/01_build_xml_version_jar.patch and
patches/02_upstream_disable_examples_classes.patch for the new
upstream version
* debian/rules:
+ Remove dependence on package version; use DEB_UPSTREAM_VERSION for version
* debian/libcommons-httpclient-java.install:
+ Not needed, since functionality written in debian.rules.
* debian/watch
+ Update watch file to new upstream tarball directory.
* debian/libcommons-httpclient-java.link:
+ Not needed, since functionality written in debian.rules.
* Upstream has fixed some RFC violations. (Closes: #329245)
* Remove .cvsignore files.
-- Ubuntu Archive Auto-Sync <email address hidden> Tue, 23 Oct 2007 15:45:58 +0100
commons-httpclient (3.0.1-0.1) unstable; urgency=low
* Non-maintainer upload.
* Bump debhelper Build-Depends to (>= 4.1.0) as required by cdbs'
debhelper.mk
* Put the coppyright holders in debian/copyright
* Include the jar file in the package. (Closes: #381354)
* Only include one copy of the docs.
done by James Westby <email address hidden> Mon, 14 Aug 2006 02:29:47 +0100
| Superseded in feisty-release |
| Obsolete in edgy-release |
| Obsolete in dapper-release |
| Superseded in dapper-release |
commons-httpclient (2.0.2-2) unstable; urgency=low
* Provide non-version-specific symlink "commons-httpclient.jar" to
commons-httpclient-2.0.2.jar per Debian Java Policy Section 2.4
(Closes: 340308)
* Added additional doc-base entry to point to main section of
Jakarta Commons HttpClient documentation in addition to the
API Javadoc
* Maintainer email address updated for Barry Hawkins
* Upload sponsored by Petter Reinholdtsen
-- Barry Hawkins <email address hidden> Fri, 25 Nov 2005 13:12:23 -0500
commons-httpclient (2.0a1+20020904-2) unstable; urgency=low * Fix leading directory in Jar file (closes: #162606) -- Stephen Peters <email address hidden> Thu, 3 Oct 2002 16:32:59 -0400
| 1 → 25 of 25 results | First • Previous • Next • Last |
