Change logs for libsoup2.4 source package in Maverick

  • libsoup2.4 (2.31.92-0ubuntu1.1) maverick-security; urgency=low
    
      * SECURITY UPDATE: directory traversal in SoupServer
        - debian/patches/91_CVE-2011-2524.patch: adjust libsoup/soup-server.c
          to properly verify path input
        - CVE-2011-2524
     -- Jamie Strandboge <email address hidden>   Thu, 21 Jul 2011 12:36:32 -0500
  • libsoup2.4 (2.31.92-0ubuntu1) maverick; urgency=low
    
      * New upstream release:
        - Percent-encoded characters in URIs are no longer
          automatically normalized to uppercase, since apparently some
          servers are stupid. (Sergio Villar Senin)
        - Fixed a crash when resolving a URI containing both spaces
          and non-UTF8 8bit characters. (LP: #624896)
      * add debian/patches/89_revert_new_gi.patch:
        - don't use new gir for maverick
      * add debian/patches/90_autoreconf.patch to take previous patch into account
     -- Didier Roche <email address hidden>   Mon, 13 Sep 2010 23:29:17 +0200
  • libsoup2.4 (2.31.90-0ubuntu1) maverick; urgency=low
    
      * New upstream version
      * debian/libsoup2.4-1.symbols,
        debian/rules:
        - new version update
     -- Sebastien Bacher <email address hidden>   Tue, 17 Aug 2010 15:52:18 +0200
  • libsoup2.4 (2.31.6-0ubuntu2) maverick; urgency=low
    
      * Rebuild for the current gobject introspection
     -- Sebastien Bacher <email address hidden>   Tue, 10 Aug 2010 22:57:01 +0200
  • libsoup2.4 (2.31.6-0ubuntu1) maverick; urgency=low
    
      * New upstream release
      * debian/control:
        - Set Vcs-Bzr link
        - Use standards version 3.9.1
     -- Robert Ancell <email address hidden>   Tue, 10 Aug 2010 11:30:15 +1000
  • libsoup2.4 (2.30.2-1) unstable; urgency=low
    
      * New upstream release.
      * 01_disable_tls1.2.patch: stolen from git master. Disable TLS 1.2 and 
        use SSL 3.0 instead. Closes: #576339.
      * libsoup2.4-1.symbols: updated for the new version.
     -- Robert Ancell <email address hidden>   Wed,  14 Jul 2010 11:01:13 +0100
  • libsoup2.4 (2.30.2-0ubuntu1) maverick; urgency=low
    
      * New upstream version:
        - Fixed a problem with SoupSessionAsync that would cause messages to get
          lost if you aborted a previous message while it was still looking up the
          hostname. Fixed several other problems that were discovered
          while adding a regression test for that.
        - SoupSession now only allows a message to be redirected a fixed number of
          times, and returns an error after that.
        - Fixed another connecting-to-lame-https-server problem, and a
          getting-stuck-in-a-loop-reconnecting bug that it revealed.
        - Fixed an invalid read when parsing certain Cookie headers
        - Fixed a memory leak in soup_form_request_from_data
        - Failed SSL connections now include the correct reason_phrase
          ("SSL handshake failed" rather than "SSL support not available").
      * debian/libsoup2.4-1.symbols:
        - updated to list the new soup_connection_get_ever_used symbol
     -- Sebastien Bacher <email address hidden>   Thu, 24 Jun 2010 10:51:59 +0200
  • libsoup2.4 (2.30.1-1) unstable; urgency=low
    
      [ Emilio Pozuelo Monfort ]
      * debian/rules:
        - Make test suite errors fatal for the build.
      * debian/rules,
        debian/source/format:
        - Switch to source format 3.0 (quilt).
    
      [ Sebastian Dröge ]
      * New upstream bugfix release:
        + debian/libsoup2.4-1.symbols,
          debian/rules:
          - Updated for API additions.
     -- Sebastien Bacher <email address hidden>   Thu,  24 Jun 2010 09:48:49 +0100
  • libsoup2.4 (2.30.1-0ubuntu1) lucid-proposed; urgency=low
    
      * New upstream version (lp: #571242):
        - Fix for https through proxies that close the connection when returning a
          "407 Proxy Authentication Required" response, and add a
          regression test for that case.
        - Fixed multiple forms/multipart-related interoperability problems reported
          by Egon Andersen:
        - Don't quote the multipart boundary string if it's not needed, since
          RFC 2616 recommends that you don't, and some servers don't handle quotes
          there correctly. (Sigh.)
        - Don't put an extra blank line before the first multipart part, since it's
          unnecessary and some servers don't handle a multipart preamble correctly.
        - Don't put Content-Transfer-Encoding headers in
          the multipart/form-data parts, even though the HTML 4 spec says you must,
          since no other browsers do, and some servers don't handle them correctly.
        - Changed SoupCookieJarSqlite to actually erase deleted
          cookies from the database.
        - Fixed SoupLogger to be more robust against getting passed bad data
           by the session.
        - Fixed SoupAuthDomain to ignore paths when doing proxy auth
        - Fixed a g_warning when hovering over a javascript link in WebKit
      * debian/libsoup2.4-1.symbols:
        - new version update
      * debian/rules:
        - copied new Debian soname computation code to fix build issue
        - updated shlib version
     -- Sebastien Bacher <email address hidden>   Wed, 28 Apr 2010 15:26:36 +0200
  • libsoup2.4 (2.30.0-0ubuntu1) lucid; urgency=low
    
      * New upstream version:
        - Fixed a crash in the whitespace-stripping code in soup_uri_new()
        - Update content-sniffing algorithm to match Chrome and the
          soon-to-be-updated sniffing spec
        - We now handle "Content-Encoding: x-gzip" as well as "gzip"
         (even though "x-gzip" has been deprecated for more than 10 years).
        - Fixed leaks found by valgrind
        - Make the "make check" programs only bind to 127.0.0.1, not any public
          network interfaces.
        - Add a test to sniffing-test to make sure that
          Content-Type parameters are preserved correctly.
     -- Sebastien Bacher <email address hidden>   Tue, 30 Mar 2010 14:52:24 +0200