jetty 6.1.20-2 source package in Ubuntu


jetty (6.1.20-2) unstable; urgency=low

  * Move documentation to /usr/share/doc/libjetty-java
  * Better postinst and postrm scripts, aligned with tomcat6 scripts:
     - postinst: user jetty is created with its own group
     - postrm: better cleanup of temporary data,
       thourough remove and purge of data
  * debian/changelog:
    - fix suggest for package libjetty-java-doc, add libjetty-java-doc
      to the list of Suggests for libjetty-java
    - add libjetty-extra to the list of Suggests for package jetty.

jetty (6.1.20-1) unstable; urgency=medium

  [ Niels Thykier ]
  * New upstream release.
  * Stop using Build-Depends-Indep, since the policy and the build
    daemons disagree on when it should be used (Closes: #540861).
  * Corrected jetty.install to reflect the move of some license files
    in the source tree.
  * Bumped to Standard-Versions 3.8.3 - no changes required.
  * Updated{install,rm} scripts to use "set -e" instead of
    passing it to sh.
  * Installed "VERSION.txt" as upstream changelog.
  * A previous version (6.1.18-1) fixed the following security problems, which
    were not mentioned in the changelog: CVE-2007-5613, CVE-2007-5614,
    CVE-2007-5615, CVE-2009-1523, and CVE-2009-1524 (see below for more

  [ Torsten Werner ]
  * Set urgency to medium because this version fixes a FTBFS.

jetty (6.1.19-2) unstable; urgency=low

  * Upload to unstable.

jetty (6.1.19-1) experimental; urgency=low

  [ Ludovic Claude ]
  * New upstream release fixing a security vulnerability
    (cookies are not secure if you are running behind a netscaler).
  * Remove the bootstrap patch as it has been added upstream and update
    the build to use the new start-daemon component.
  * Remove the Build-Depend on quilt as the patch is not needed anymore.
  * Add the Maven POM to the package.
  * Add a Build-Depends dependency on maven-repo-helper.
  * Use mh_installpom and mh_installjar to install the POM and the jar to the
    Maven repository.
  * Add optional support for web applications located in /usr/share/webapps.
  * Add a cron job that cleans up the old log files in /var/log/jetty.
  * Register the Javadoc into Debian documentation and put it in a
    separate package (libjetty-java-doc).
  * Use openjdk-6-jdk for the build; add a Build-Depends on this
    package. Required to build the javadoc.
  * Update debian/copyright (patch provided by Jan Pascal Vanbest
    <email address hidden>).

  [ Torsten Werner ]
  * Add myself to Uploaders.
  * Update Standards-Version: 3.8.2.
  * Move package libjetty-java-doc to Section: doc.
  * Fix init script: check for /etc/default/rcS before reading it.

jetty (6.1.18-1) unstable; urgency=low

  [Ludovic Claude]
  * Add myself to Uploaders.
  * Change the build dependency on java-gcj to default-jdk.
  * Add init.d startup script.
  * Add dependencies on ant, libslf4j-java, libxerces2-java, libtomcat6-java
    for libjetty-extra-java, add links for the lib folder.
  * Add dependency on jsvc to run jetty as a daemon.
  * Add the package libjetty-setuid-java for the Setuid module (with native
  * Add an index page used when Jetty starts.
  * Use latest jasper from Tomcat to provide jsp 2.1 instead of
    Glassfish JSP implementation as in the standard distribution.
  * Add tools.jar to the classpath to be able to run JSP (Closes: #452586).
  * Fix Lintian warnings: add ${misc:Depends} to all Depends.
  * Move jetty to main as all its dependencies are in main,
    and jetty contains only code that complies with Debian guidelines,
    use java section like tomcat6
    (Closes: #498582).
  * Do not depend on tomcat 5.5 (Closes: #530720, #458399).
  * Remove empty prerm and preinst scripts.
  * Remove old patches that don't apply anymore.
  * Update copyright and remove full text of Apache license.
  * Bump up compat to 6 and Standards-Version to 3.8.1.

  [David Yu]
  * New upstream release for jetty
    (Closes: #528389, #527571, #454529, #425152).
  * Fixed jetty.links. Now delegates install of start.jar to libjetty-java.

  [ Torsten Werner ]
  * fixes several security issues:
    - CVE-2007-5613: Cross-site scripting (XSS) vulnerability in Dump Servlet.
    - CVE-2007-5614: Quote Sequence vulnerability.
    - CVE-2007-5615: CRLF injection vulnerability.
    - CVE-2009-1523: Directory traversal vulnerability in the HTTP server in
    Mort Bay Jetty.
    - CVE-2009-1524: Cross-site scripting (XSS) vulnerability in Mort
    Bay Jetty.
    (Closes: #454529, #528389, #527571, #543462).

 -- Matthias Klose <email address hidden>   Tue,  20 Oct 2009 15:11:18 +0100

Upload details

Uploaded by:
Matthias Klose on 2009-10-20
Uploaded to:
Original maintainer:
Debian Java Maintainers
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section


File Size SHA-256 Checksum
jetty_6.1.20.orig.tar.gz 2.0 MiB 213a436999ce5614869a359335c834a7dbb61c4aa94e018e9a801fbc59ffcb49
jetty_6.1.20-2.diff.gz 18.2 KiB 517a11bc0650dd762791dee4227163a357d729e384ec6ec37099c035804677aa
jetty_6.1.20-2.dsc 1.6 KiB 2b8d9b568ed735c4dc266ab67fd173f2e8b3c77178a62973d888cab65eac7c0a

Available diffs

View changes file

Binary packages built by this source

jetty: No summary available for jetty in ubuntu karmic.

No description available for jetty in ubuntu karmic.

libjetty-extra: No summary available for libjetty-extra in ubuntu karmic.

No description available for libjetty-extra in ubuntu karmic.

libjetty-extra-java: No summary available for libjetty-extra-java in ubuntu karmic.

No description available for libjetty-extra-java in ubuntu karmic.

libjetty-java: No summary available for libjetty-java in ubuntu lucid.

No description available for libjetty-java in ubuntu lucid.

libjetty-java-doc: No summary available for libjetty-java-doc in ubuntu karmic.

No description available for libjetty-java-doc in ubuntu karmic.