Back to jetty PTS page

Accepted jetty 6.1.20-1 (source all amd64)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 06 Sep 2009 23:06:45 +0200
Source: jetty
Binary: libjetty-java libjetty-java-doc libjetty-extra-java libjetty-setuid-java jetty
Architecture: source all amd64
Version: 6.1.20-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Torsten Werner <twerner@debian.org>
Description: 
 jetty      - Java servlet engine and webserver
 libjetty-extra-java - Java servlet engine and webserver -- extra libraries
 libjetty-java - Java servlet engine and webserver -- core libraries
 libjetty-java-doc - Javadoc for the Jetty API
 libjetty-setuid-java - Java servlet engine and webserver -- extra libraries
Closes: 425152 452586 454529 454529 458399 498582 527571 527571 528389 528389 530720 540861 543462
Changes: 
 jetty (6.1.20-1) unstable; urgency=medium
 .
   [ Niels Thykier ]
   * New upstream release.
   * Stop using Build-Depends-Indep, since the policy and the build
     daemons disagree on when it should be used (Closes: #540861).
   * Corrected jetty.install to reflect the move of some license files
     in the source tree.
   * Bumped to Standard-Versions 3.8.3 - no changes required.
   * Updated jetty.post{install,rm} scripts to use "set -e" instead of
     passing it to sh.
   * Installed "VERSION.txt" as upstream changelog.
   * A previous version (6.1.18-1) fixed the following security problems, which
     were not mentioned in the changelog: CVE-2007-5613, CVE-2007-5614,
     CVE-2007-5615, CVE-2009-1523, and CVE-2009-1524 (see below for more
     information).
 .
   [ Torsten Werner ]
   * Set urgency to medium because this version fixes a FTBFS.
 .
 jetty (6.1.19-2) unstable; urgency=low
 .
   * Upload to unstable.
 .
 jetty (6.1.19-1) experimental; urgency=low
 .
   [ Ludovic Claude ]
   * New upstream release fixing a security vulnerability
     (cookies are not secure if you are running behind a netscaler).
   * Remove the bootstrap patch as it has been added upstream and update
     the build to use the new start-daemon component.
   * Remove the Build-Depend on quilt as the patch is not needed anymore.
   * Add the Maven POM to the package.
   * Add a Build-Depends dependency on maven-repo-helper.
   * Use mh_installpom and mh_installjar to install the POM and the jar to the
     Maven repository.
   * Add optional support for web applications located in /usr/share/webapps.
   * Add a cron job that cleans up the old log files in /var/log/jetty.
   * Register the Javadoc into Debian documentation and put it in a
     separate package (libjetty-java-doc).
   * Use openjdk-6-jdk for the build; add a Build-Depends on this
     package. Required to build the javadoc.
   * Update debian/copyright (patch provided by Jan Pascal Vanbest
     <janpascal@vanbest.org>).
 .
   [ Torsten Werner ]
   * Add myself to Uploaders.
   * Update Standards-Version: 3.8.2.
   * Move package libjetty-java-doc to Section: doc.
   * Fix init script: check for /etc/default/rcS before reading it.
 .
 jetty (6.1.18-1) unstable; urgency=low
 .
   [Ludovic Claude]
   * Add myself to Uploaders.
   * Change the build dependency on java-gcj to default-jdk.
   * Add init.d startup script.
   * Add dependencies on ant, libslf4j-java, libxerces2-java, libtomcat6-java
     for libjetty-extra-java, add links for the lib folder.
   * Add dependency on jsvc to run jetty as a daemon.
   * Add the package libjetty-setuid-java for the Setuid module (with native
     code).
   * Add an index page used when Jetty starts.
   * Use latest jasper from Tomcat to provide jsp 2.1 instead of
     Glassfish JSP implementation as in the standard distribution.
   * Add tools.jar to the classpath to be able to run JSP (Closes: #452586).
   * Fix Lintian warnings: add ${misc:Depends} to all Depends.
   * Move jetty to main as all its dependencies are in main,
     and jetty contains only code that complies with Debian guidelines,
     use java section like tomcat6
     (Closes: #498582).
   * Do not depend on tomcat 5.5 (Closes: #530720, #458399).
   * Remove empty prerm and preinst scripts.
   * Remove old patches that don't apply anymore.
   * Update copyright and remove full text of Apache license.
   * Bump up compat to 6 and Standards-Version to 3.8.1.
 .
   [David Yu]
   * New upstream release for jetty
     (Closes: #528389, #527571, #454529, #425152).
   * Fixed jetty.links. Now delegates install of start.jar to libjetty-java.
 .
   [ Torsten Werner ]
   * fixes several security issues:
     - CVE-2007-5613: Cross-site scripting (XSS) vulnerability in Dump Servlet.
     - CVE-2007-5614: Quote Sequence vulnerability.
     - CVE-2007-5615: CRLF injection vulnerability.
     - CVE-2009-1523: Directory traversal vulnerability in the HTTP server in
     Mort Bay Jetty.
     - CVE-2009-1524: Cross-site scripting (XSS) vulnerability in Mort
     Bay Jetty.
     (Closes: #454529, #528389, #527571, #543462).
Checksums-Sha1: 
 cc9fa191dd73d66aedcef05acee5e2d9b1d8016c 1605 jetty_6.1.20-1.dsc
 cc2c8784dd9d25be5a89fe3315ef1ab481d0cdba 2051081 jetty_6.1.20.orig.tar.gz
 fd0b083a6b199d0aebf6b15f5796f006f4333460 18125 jetty_6.1.20-1.diff.gz
 e31651813c90383cb7ddc1cc8069fdfbe082ef5e 769390 libjetty-java_6.1.20-1_all.deb
 29182c16ef3ae40947429305ebc251f7d2b34985 745354 libjetty-java-doc_6.1.20-1_all.deb
 cf455696221952ccee11e5fb04399792a28fe582 254872 libjetty-extra-java_6.1.20-1_all.deb
 4f55ca9d4a04773025e26ab7ba410934f4a6e7d1 848986 jetty_6.1.20-1_all.deb
 7642167b67aed0614c2c6eb3f9d92abff97ab4eb 68278 libjetty-setuid-java_6.1.20-1_amd64.deb
Checksums-Sha256: 
 270ee8453b154f2c9c41e99c14328da7e68eabdfeb1a8bc403e0e8ac4cfbc80a 1605 jetty_6.1.20-1.dsc
 213a436999ce5614869a359335c834a7dbb61c4aa94e018e9a801fbc59ffcb49 2051081 jetty_6.1.20.orig.tar.gz
 dce11b30abcfda11e9b943d3d5cdf560018c020b411e33b42fd1851fa9dbb1fa 18125 jetty_6.1.20-1.diff.gz
 70a60804575b8fd95d730a29d5990140d09a7c046a3fccd13064d1590344bdc4 769390 libjetty-java_6.1.20-1_all.deb
 00ac7ffc3c7df0a0ad539c36e65dc8043d62a199c29c200bcff999c5b17b3922 745354 libjetty-java-doc_6.1.20-1_all.deb
 2139cb11284b339c8c88f94c3dba37fd30696896edad54caddd534437935342e 254872 libjetty-extra-java_6.1.20-1_all.deb
 fae4889da4f0e8769557943164325ead0e2ba0fc5b01d1845171dc4e4764ec8a 848986 jetty_6.1.20-1_all.deb
 5b7e3056d86908840d213320485c73d2fce10fc4b383f3ea8338853e70e94636 68278 libjetty-setuid-java_6.1.20-1_amd64.deb
Files: 
 6951ff5cd4d591e4ecdc3fde42ce1d8b 1605 java optional jetty_6.1.20-1.dsc
 891a807131b74b67e2ebaf3c631614e1 2051081 java optional jetty_6.1.20.orig.tar.gz
 c1f0540c34722f8c70001a47525f6c1a 18125 java optional jetty_6.1.20-1.diff.gz
 4252291b405972d97b2434e22d99a7ab 769390 java optional libjetty-java_6.1.20-1_all.deb
 8aa6ee5712c6ad84057cd0aec4223740 745354 doc optional libjetty-java-doc_6.1.20-1_all.deb
 20fe0fb192e5a6b7b98abc0e692f5a8d 254872 java optional libjetty-extra-java_6.1.20-1_all.deb
 508bf888d8d5f68e6320c5dafdc39541 848986 java optional jetty_6.1.20-1_all.deb
 4084484c2e3bd42fd01199f6d1c9986e 68278 java optional libjetty-setuid-java_6.1.20-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqkJ2MACgkQfY3dicTPjsOt4ACgjKmi/dkLbrgo+WbHmryTATFG
/VkAn2OKy6HFaZe6ChA28efD7B+fa26S
=vKvG
-----END PGP SIGNATURE-----


Accepted:
jetty_6.1.20-1.diff.gz
  to pool/main/j/jetty/jetty_6.1.20-1.diff.gz
jetty_6.1.20-1.dsc
  to pool/main/j/jetty/jetty_6.1.20-1.dsc
jetty_6.1.20-1_all.deb
  to pool/main/j/jetty/jetty_6.1.20-1_all.deb
jetty_6.1.20.orig.tar.gz
  to pool/main/j/jetty/jetty_6.1.20.orig.tar.gz
libjetty-extra-java_6.1.20-1_all.deb
  to pool/main/j/jetty/libjetty-extra-java_6.1.20-1_all.deb
libjetty-java-doc_6.1.20-1_all.deb
  to pool/main/j/jetty/libjetty-java-doc_6.1.20-1_all.deb
libjetty-java_6.1.20-1_all.deb
  to pool/main/j/jetty/libjetty-java_6.1.20-1_all.deb
libjetty-setuid-java_6.1.20-1_amd64.deb
  to pool/main/j/jetty/libjetty-setuid-java_6.1.20-1_amd64.deb