-
memcached (1.4.14-0ubuntu1.12.10.1) quantal-security; urgency=low
* SECURITY UPDATE: denial of service via large body length
- debian/patches/CVE-2011-4971.patch: check length in memcached.c,
added test to t/issue_192.t.
- CVE-2011-4971
* SECURITY UPDATE: denial of service when using -vv
- debian/patches/CVE-2013-0179.patch: properly format key in items.c,
memcached.c.
- CVE-2013-0179
* SECURITY UPDATE: SASL authentication bypass
- debian/patches/CVE-2013-7239.patch: explicitly record sasl auth
states in memcached.*, added test to t/binary-sasl.t.
- CVE-2013-7239
-- Marc Deslauriers <email address hidden> Tue, 07 Jan 2014 09:14:01 -0500
-
memcached (1.4.14-0ubuntu1) quantal; urgency=low
* New upstream release.
* d/p/60_fix_racey_test.patch: Dropped, applied upstream.
-- Clint Byrum <email address hidden> Thu, 23 Aug 2012 13:52:39 -0700
-
memcached (1.4.13-0.1ubuntu3) quantal; urgency=low
* d/p/start-memcached-fix-hash.patch: Change regex to make sure
inline comments can function per feedback from upstream. Passing
"#" to arguments now requires escaping with \.
-- Clint Byrum <email address hidden> Tue, 31 Jul 2012 14:40:31 -0700
-
memcached (1.4.13-0.1ubuntu2) quantal; urgency=low
* d/p/start-memcached-fix-hash.patch: Apply patch to allow passing
# as a value for memcached options such as -D to use # as a prefix
delimiter for stats collection. (LP: #1005821)
-- Clint Byrum <email address hidden> Sun, 29 Jul 2012 00:14:09 -0700
-
memcached (1.4.13-0.1ubuntu1) quantal; urgency=low
* Merge from Debian unstable. Remaining changes:
- Run as 'memcache' user instead of nobody.
- Depend on adduser for preinst/postrm.
- Create user in postinst.
- d/rules: run test suite on build.
- d/patches/50_fix_racey_test.patch: Cherry picked patch from
upstream bug tracker which endeavours to avoid the race condition.
Thanks to Clint Byrum for this fix.
- d/patches/50_add_init_retry.patch: Dropped - superceeded by Debian
patch.
memcached (1.4.13-0.1) unstable; urgency=low
* Non-maintainer upload.
+ Include changes of my previous NMU (filed as #641770 back then)
* Package new upstream release
+ this fixes "Please package upstream version 1.4.13" (Closes: #667746)
+ enable support for SASL authentication in debian/rules and add
build-dependencies accordingly (Closes: #616148)
+ Include support for "-o maxconns_fast" which causes clients not to block
for a long time on busy servers
* Build package with hardened build flags. Thanks to Moritz Muehlenhoff for
providing a patch. Moreover, add a build-dependency for dpkg-dev (>=
1.15.7) for people considering to make a backport on very old systems
(Closes: #655134)
* Update patches:
+ 03_fix_ftbfs4hurd.patch: Refresh hunk offsets, leave changes untouched
+ Drop 04_fix_double_fork_in_start-memcached.patch: applied upstream
+ Apply patch supplied by Clint Byrum as 04_add_init_retry.patch which
causes start-stop-daemon to wait up to 5 seconds upon termination of
memached (Closes: #659300)
-- James Page <email address hidden> Mon, 28 May 2012 15:21:53 +0100
-
memcached (1.4.13-0ubuntu2) precise; urgency=low
* Fix FTBFS due to racey test case:
- d/patches/50_fix_racey_test.patch: Cherry picked patch from
upstream bug tracker which endeavours to avoid the race condition.
Thanks to Clint Byrum for this fix.
-- James Page <email address hidden> Wed, 04 Apr 2012 17:21:16 +0100
