serf 1.3.3-1ubuntu0.1 source package in Ubuntu

Changelog

serf (1.3.3-1ubuntu0.1) trusty-security; urgency=medium

  * SECURITY UPDATE: cert spoofing via NUL characters in CommonName and
    SubjectAltNames
    - debian/patches/CVE-2014-3504.patch: escape null bytes in
      buckets/ssl_buckets.c.
    - CVE-2014-3504
  * Fix FTBFS because of expired test certs:
    - debian/patches/expired_certs.patch: switch to test certs from serf
      1.3.6.
    - debian/source/format: switch to 3.0 (quilt) so we can handle the
      binary cert file
    - debian/source/include-binaries: include binary cert file from 1.3.6.
 -- Marc Deslauriers <email address hidden>   Thu, 14 Aug 2014 09:47:32 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2014-08-14
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
any
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Trusty updates on 2014-08-14 main libs
Trusty security on 2014-08-14 main libs

Downloads

File Size MD5 Checksum
serf_1.3.3.orig.tar.gz 177.3 KiB 294b470bb59cc7daf3ef6893cdb65c2c
serf_1.3.3-1ubuntu0.1.debian.tar.gz 24.0 KiB 2379b259c224f5ccaa341d8a526ad041
serf_1.3.3-1ubuntu0.1.dsc 1.9 KiB 00b04a0a7c86aebba512eb3f2a2417a0

View changes file

Binary packages built by this source

libserf-1-1: high-performance asynchronous HTTP client library

 serf library is a C-based HTTP client library built upon the Apache
 Portable Runtime (APR) library. It multiplexes connections, running the
 read/write communication asynchronously. Memory copies and
 transformations are kept to a minimum to provide high performance
 operation.

libserf-dev: high-performance asynchronous HTTP client library headers

 serf library is a C-based HTTP client library built upon the Apache
 Portable Runtime (APR) library. It multiplexes connections, running the
 read/write communication asynchronously. Memory copies and
 transformations are kept to a minimum to provide high performance
 operation.
 .
 This package contains development headers for serf.

libserf1-dbg: high-performance asynchronous HTTP client library debugging symbols

 serf library is a C-based HTTP client library built upon the Apache
 Portable Runtime (APR) library. It multiplexes connections, running the
 read/write communication asynchronously. Memory copies and
 transformations are kept to a minimum to provide high performance
 operation.
 .
 This package contains the debugging symbols for serf.