Moritz Mühlenhoff [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
Merge trafficserver (8.0.2+ds-1+deb10u5) import into refs/heads/workingbranch
Evan Zelkowitz [Tue, 22 Jun 2021 21:32:55 +0000 (14:32 -0700)]
[PATCH] Fixes (#7971)
* String the url fragment for outgoing requests (#7966)
Co-authored-by: Susan Hinrichs <shinrich@verizonmedia.com>
(cherry picked from commit
2b13eb33794574e62249997b4ba654d943a10f2d)
* Ensure that the content-length value is only digits (#7964)
Co-authored-by: Susan Hinrichs <shinrich@verizonmedia.com>
(cherry picked from commit
668d0f8668fec1cd350b0ceba3f7f8e4020ae3ca)
* Schedule H2 reenable event only if it's necessary
Co-authored-by: Katsutoshi Ikenoya <kikenoya@yahoo-corp.jp>
* Fix dynamic-stack-buffer-overflow of cachekey plugin (#7945)
* Fix dynamic-stack-buffer-overflow of cachekey plugin
* Check dst_size include null termination
(cherry picked from commit
5a9339d7bc65e1c2d8d2a0fc80bb051daf3cdb0b)
Co-authored-by: Bryan Call <bcall@apache.org>
Co-authored-by: Masakazu Kitajo <maskit@apache.org>
Co-authored-by: Katsutoshi Ikenoya <kikenoya@yahoo-corp.jp>
Co-authored-by: Masaori Koshiba <masaori@apache.org>
Gbp-Pq: Name 0019-CVE-2021-35474_32567_32566_32565_27577.patch
Brian Neradt [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
CVE-2020-17509
Origin: backport
Applied-upstream: https://github.com/apache/trafficserver/pull/7359
Last-Update: 2020-06-25
Last-Update: 2020-06-25
Gbp-Pq: Name 0018-CVE-2020-17509.patch
Brian Neradt [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
CVE-2020-17508
Origin: backport
Applied-upstream: https://github.com/apache/trafficserver/pull/7358
Last-Update: 2020-12-06
Last-Update: 2020-12-06
Gbp-Pq: Name 0018-CVE-2020-17508.patch
Bryan Call [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
CVE-2020-9494
Origin: backport
Applied-Upstream: https://github.com/apache/trafficserver/pull/6922
Last-Update: 2020-06-25
Last-Update: 2020-06-25
Gbp-Pq: Name 0017-CVE-2020-9494.patch
Aron Xu [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
CVE-2020-9481
===================================================================
Gbp-Pq: Name 0016-CVE-2020-9481.patch
Bryan Call [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
Fix for CVE-2020-1944
Origin: backport
Applied-Upstream: https://github.com/apache/trafficserver/pull/6390
Last-Update: 2020-04-16
Last-Update: 2020-04-16
Gbp-Pq: Name 0016-CVE-2020-1944.patch
Bryan Call [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
Fix for CVE-2019-17565
Origin: backport
Applied-Upstream: https://github.com/apache/trafficserver/pull/6398
Last-Update: 2020-04-16
Last-Update: 2020-04-16
Gbp-Pq: Name 0016-CVE-2019-17565.patch
Bryan Call [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
Fix for CVE-2019-17559
Origin: backport
Applied-Upstream: https://github.com/apache/trafficserver/pull/6389
Last-Update: 2020-04-16
Last-Update: 2020-04-16
Gbp-Pq: Name 0016-CVE-2019-17559.patch
Bryan Call [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
HTTP/2 fix with realloc (CVE-2019-9518)
Origin: backport, https://github.com/apache/trafficserver/pull/5850
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2019-08-26
Last-Update: 2019-08-26
Gbp-Pq: Name 0015-8.0.5-CVE-backport.patch
Bryan Call [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
HTTP/2 rate limiting
Origin: backport, https://github.com/apache/trafficserver/pull/5822
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2019-08-26
Fix for CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-10079
Last-Update: 2019-08-26
Gbp-Pq: Name 0015-8.0.4-CVE-backport.patch
Jean Baptiste Favre [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
Update compilation chain after embedded libyamlcpp removal
Origin: other
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2019-01-30
Last-Update: 2019-01-30
Gbp-Pq: Name 0014-use_system_yaml-cpp.patch
Jean Baptiste Favre [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
Fix Perl interpreter path
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2019-01-03
Last-Update: 2019-01-03
Gbp-Pq: Name 0013-fix-perl-interpreter-path.patch
Jean Baptiste Favre [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
Fix various speeling issues
Forwarded: https://github.com/apache/trafficserver/pull/4750
Applied-Upstream: https://github.com/apache/trafficserver/commit/
af0ad4a1880a21743e98331855bb78e15d5406ef
Last-Update: 2019-01-03
Last-Update: 2019-01-03
Gbp-Pq: Name 0012-fix-spelling-checks.patch
zhang [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
Fix Segmentation fault in ShowCache::handleCacheEvent
Origin: upstream
Bug: https://github.com/apache/trafficserver/issues/4328
Applied-Upstream: https://github.com/apache/trafficserver/commit/
616eb10bfc35599a2c93ff30879d584a05ddf83e
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2018-10-17
Last-Update: 2018-10-17
Gbp-Pq: Name 0011-fix-segfault.patch
Jean Baptiste Favre [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
Fix build issue with MySQL 8
Origin: other, https://bugs.launchpad.net/ubuntu/+source/trafficserver/+bug/
1795362
Forwarded: https://github.com/apache/trafficserver/pull/4360
Applied-Upstream: https://github.com/apache/trafficserver/commit/
05b30527974416768515506f69da338652c23260
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2018-10-06
The my_bool type is no longer used in MySQL source code.
Any third-party code that used this type to represent C
boolean variables should use the bool or int C type instead.
Last-Update: 2018-10-06
Gbp-Pq: Name 0009-fix-mysql-8-build.patch
Jean Baptiste Favre [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
Force python3 usage, add libfakeroot-sysv to blacklist
Origin: other
Last-Update: 2018-09-24
Last-Update: 2018-09-24
Gbp-Pq: Name 0008-fix-python-check-unused-dependencies.patch
Jean Baptiste Favre [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
Make documentation build works outside of git repository
Origin: other
Last-Update: 2019-01-03
Current documentation build requires git and curl to get some stuff from the internet
This patch aims to delete those dependencies, forcing git branch to master,
and using Debian provided plantuml instead of downloading it from apache mirror
Last-Update: 2019-01-03
Gbp-Pq: Name 0006-fix-doc-build.patch
Reiner Herrmann [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
make the build reproducible
Origin: other, https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833176
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2016-11-18
Last-Update: 2016-11-18
Gbp-Pq: Name 0003-reproductible-build.patch
Aron Xu [Tue, 2 Feb 2016 04:17:24 +0000 (12:17 +0800)]
Use -mcx16 on x86 platforms only
Gbp-Pq: Name 0001-Use-mcx16-on-x86-platforms-only.patch
Moritz Mühlenhoff [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
trafficserver (8.0.2+ds-1+deb10u5) buster-security; urgency=medium
* CVE-2021-35474 CVE-2021-32567 CVE-2021-32566 CVE_2021-32565
CVE-2021-27577 (Closes: #990303)
[dgit import unpatched trafficserver 8.0.2+ds-1+deb10u5]
Moritz Mühlenhoff [Mon, 26 Jul 2021 20:59:59 +0000 (21:59 +0100)]
Import trafficserver_8.0.2+ds-1+deb10u5.debian.tar.xz
[dgit import tarball trafficserver 8.0.2+ds-1+deb10u5 trafficserver_8.0.2+ds-1+deb10u5.debian.tar.xz]
Jean Baptiste Favre [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
Merge trafficserver (8.0.2+ds-1+deb10u4) import into refs/heads/workingbranch
Brian Neradt [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
CVE-2020-17509
Origin: backport
Applied-upstream: https://github.com/apache/trafficserver/pull/7359
Last-Update: 2020-06-25
Last-Update: 2020-06-25
Gbp-Pq: Name 0018-CVE-2020-17509.patch
Brian Neradt [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
CVE-2020-17508
Origin: backport
Applied-upstream: https://github.com/apache/trafficserver/pull/7358
Last-Update: 2020-12-06
Last-Update: 2020-12-06
Gbp-Pq: Name 0018-CVE-2020-17508.patch
Bryan Call [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
CVE-2020-9494
Origin: backport
Applied-Upstream: https://github.com/apache/trafficserver/pull/6922
Last-Update: 2020-06-25
Last-Update: 2020-06-25
Gbp-Pq: Name 0017-CVE-2020-9494.patch
Aron Xu [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
CVE-2020-9481
===================================================================
Gbp-Pq: Name 0016-CVE-2020-9481.patch
Bryan Call [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
Fix for CVE-2020-1944
Origin: backport
Applied-Upstream: https://github.com/apache/trafficserver/pull/6390
Last-Update: 2020-04-16
Last-Update: 2020-04-16
Gbp-Pq: Name 0016-CVE-2020-1944.patch
Bryan Call [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
Fix for CVE-2019-17565
Origin: backport
Applied-Upstream: https://github.com/apache/trafficserver/pull/6398
Last-Update: 2020-04-16
Last-Update: 2020-04-16
Gbp-Pq: Name 0016-CVE-2019-17565.patch
Bryan Call [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
Fix for CVE-2019-17559
Origin: backport
Applied-Upstream: https://github.com/apache/trafficserver/pull/6389
Last-Update: 2020-04-16
Last-Update: 2020-04-16
Gbp-Pq: Name 0016-CVE-2019-17559.patch
Bryan Call [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
HTTP/2 fix with realloc (CVE-2019-9518)
Origin: backport, https://github.com/apache/trafficserver/pull/5850
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2019-08-26
Last-Update: 2019-08-26
Gbp-Pq: Name 0015-8.0.5-CVE-backport.patch
Bryan Call [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
HTTP/2 rate limiting
Origin: backport, https://github.com/apache/trafficserver/pull/5822
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2019-08-26
Fix for CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-10079
Last-Update: 2019-08-26
Gbp-Pq: Name 0015-8.0.4-CVE-backport.patch
Jean Baptiste Favre [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
Update compilation chain after embedded libyamlcpp removal
Origin: other
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2019-01-30
Last-Update: 2019-01-30
Gbp-Pq: Name 0014-use_system_yaml-cpp.patch
Jean Baptiste Favre [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
Fix Perl interpreter path
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2019-01-03
Last-Update: 2019-01-03
Gbp-Pq: Name 0013-fix-perl-interpreter-path.patch
Jean Baptiste Favre [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
Fix various speeling issues
Forwarded: https://github.com/apache/trafficserver/pull/4750
Applied-Upstream: https://github.com/apache/trafficserver/commit/
af0ad4a1880a21743e98331855bb78e15d5406ef
Last-Update: 2019-01-03
Last-Update: 2019-01-03
Gbp-Pq: Name 0012-fix-spelling-checks.patch
zhang [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
Fix Segmentation fault in ShowCache::handleCacheEvent
Origin: upstream
Bug: https://github.com/apache/trafficserver/issues/4328
Applied-Upstream: https://github.com/apache/trafficserver/commit/
616eb10bfc35599a2c93ff30879d584a05ddf83e
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2018-10-17
Last-Update: 2018-10-17
Gbp-Pq: Name 0011-fix-segfault.patch
Jean Baptiste Favre [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
Fix build issue with MySQL 8
Origin: other, https://bugs.launchpad.net/ubuntu/+source/trafficserver/+bug/
1795362
Forwarded: https://github.com/apache/trafficserver/pull/4360
Applied-Upstream: https://github.com/apache/trafficserver/commit/
05b30527974416768515506f69da338652c23260
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2018-10-06
The my_bool type is no longer used in MySQL source code.
Any third-party code that used this type to represent C
boolean variables should use the bool or int C type instead.
Last-Update: 2018-10-06
Gbp-Pq: Name 0009-fix-mysql-8-build.patch
Jean Baptiste Favre [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
Force python3 usage, add libfakeroot-sysv to blacklist
Origin: other
Last-Update: 2018-09-24
Last-Update: 2018-09-24
Gbp-Pq: Name 0008-fix-python-check-unused-dependencies.patch
Jean Baptiste Favre [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
Make documentation build works outside of git repository
Origin: other
Last-Update: 2019-01-03
Current documentation build requires git and curl to get some stuff from the internet
This patch aims to delete those dependencies, forcing git branch to master,
and using Debian provided plantuml instead of downloading it from apache mirror
Last-Update: 2019-01-03
Gbp-Pq: Name 0006-fix-doc-build.patch
Reiner Herrmann [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
make the build reproducible
Origin: other, https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833176
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2016-11-18
Last-Update: 2016-11-18
Gbp-Pq: Name 0003-reproductible-build.patch
Aron Xu [Tue, 2 Feb 2016 04:17:24 +0000 (12:17 +0800)]
Use -mcx16 on x86 platforms only
Gbp-Pq: Name 0001-Use-mcx16-on-x86-platforms-only.patch
Jean Baptiste Favre [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
trafficserver (8.0.2+ds-1+deb10u4) buster-security; urgency=high
* Add fix from upstream for CVE-2020-17508
* Add fix from upstream for CVE-2020-17509
[dgit import unpatched trafficserver 8.0.2+ds-1+deb10u4]
Jean Baptiste Favre [Sun, 6 Dec 2020 16:00:17 +0000 (16:00 +0000)]
Import trafficserver_8.0.2+ds-1+deb10u4.debian.tar.xz
[dgit import tarball trafficserver 8.0.2+ds-1+deb10u4 trafficserver_8.0.2+ds-1+deb10u4.debian.tar.xz]
Jean Baptiste Favre [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
Merge trafficserver (8.0.2+ds-1+deb10u3) import into refs/heads/workingbranch
Bryan Call [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
CVE-2020-9494
Origin: backport
Applied-Upstream: https://github.com/apache/trafficserver/pull/6922
Last-Update: 2020-06-25
Last-Update: 2020-06-25
Gbp-Pq: Name 0017-CVE-2020-9494.patch
Aron Xu [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
CVE-2020-9481
===================================================================
Gbp-Pq: Name 0016-CVE-2020-9481.patch
Bryan Call [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
Fix for CVE-2020-1944
Origin: backport
Applied-Upstream: https://github.com/apache/trafficserver/pull/6390
Last-Update: 2020-04-16
Last-Update: 2020-04-16
Gbp-Pq: Name 0016-CVE-2020-1944.patch
Bryan Call [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
Fix for CVE-2019-17565
Origin: backport
Applied-Upstream: https://github.com/apache/trafficserver/pull/6398
Last-Update: 2020-04-16
Last-Update: 2020-04-16
Gbp-Pq: Name 0016-CVE-2019-17565.patch
Bryan Call [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
Fix for CVE-2019-17559
Origin: backport
Applied-Upstream: https://github.com/apache/trafficserver/pull/6389
Last-Update: 2020-04-16
Last-Update: 2020-04-16
Gbp-Pq: Name 0016-CVE-2019-17559.patch
Bryan Call [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
HTTP/2 fix with realloc (CVE-2019-9518)
Origin: backport, https://github.com/apache/trafficserver/pull/5850
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2019-08-26
Last-Update: 2019-08-26
Gbp-Pq: Name 0015-8.0.5-CVE-backport.patch
Bryan Call [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
HTTP/2 rate limiting
Origin: backport, https://github.com/apache/trafficserver/pull/5822
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2019-08-26
Fix for CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-10079
Last-Update: 2019-08-26
Gbp-Pq: Name 0015-8.0.4-CVE-backport.patch
Jean Baptiste Favre [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
Update compilation chain after embedded libyamlcpp removal
Origin: other
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2019-01-30
Last-Update: 2019-01-30
Gbp-Pq: Name 0014-use_system_yaml-cpp.patch
Jean Baptiste Favre [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
Fix Perl interpreter path
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2019-01-03
Last-Update: 2019-01-03
Gbp-Pq: Name 0013-fix-perl-interpreter-path.patch
Jean Baptiste Favre [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
Fix various speeling issues
Forwarded: https://github.com/apache/trafficserver/pull/4750
Applied-Upstream: https://github.com/apache/trafficserver/commit/
af0ad4a1880a21743e98331855bb78e15d5406ef
Last-Update: 2019-01-03
Last-Update: 2019-01-03
Gbp-Pq: Name 0012-fix-spelling-checks.patch
zhang [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
Fix Segmentation fault in ShowCache::handleCacheEvent
Origin: upstream
Bug: https://github.com/apache/trafficserver/issues/4328
Applied-Upstream: https://github.com/apache/trafficserver/commit/
616eb10bfc35599a2c93ff30879d584a05ddf83e
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2018-10-17
Last-Update: 2018-10-17
Gbp-Pq: Name 0011-fix-segfault.patch
Jean Baptiste Favre [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
Fix build issue with MySQL 8
Origin: other, https://bugs.launchpad.net/ubuntu/+source/trafficserver/+bug/
1795362
Forwarded: https://github.com/apache/trafficserver/pull/4360
Applied-Upstream: https://github.com/apache/trafficserver/commit/
05b30527974416768515506f69da338652c23260
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2018-10-06
The my_bool type is no longer used in MySQL source code.
Any third-party code that used this type to represent C
boolean variables should use the bool or int C type instead.
Last-Update: 2018-10-06
Gbp-Pq: Name 0009-fix-mysql-8-build.patch
Jean Baptiste Favre [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
Force python3 usage, add libfakeroot-sysv to blacklist
Origin: other
Last-Update: 2018-09-24
Last-Update: 2018-09-24
Gbp-Pq: Name 0008-fix-python-check-unused-dependencies.patch
Jean Baptiste Favre [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
Make documentation build works outside of git repository
Origin: other
Last-Update: 2019-01-03
Current documentation build requires git and curl to get some stuff from the internet
This patch aims to delete those dependencies, forcing git branch to master,
and using Debian provided plantuml instead of downloading it from apache mirror
Last-Update: 2019-01-03
Gbp-Pq: Name 0006-fix-doc-build.patch
Reiner Herrmann [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
make the build reproducible
Origin: other, https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833176
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2016-11-18
Last-Update: 2016-11-18
Gbp-Pq: Name 0003-reproductible-build.patch
Aron Xu [Tue, 2 Feb 2016 04:17:24 +0000 (12:17 +0800)]
Use -mcx16 on x86 platforms only
Gbp-Pq: Name 0001-Use-mcx16-on-x86-platforms-only.patch
Jean Baptiste Favre [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
trafficserver (8.0.2+ds-1+deb10u3) buster-security; urgency=high
* Add fix from upstream for CVE-2020-9494 (Closes: #963629)
[dgit import unpatched trafficserver 8.0.2+ds-1+deb10u3]
Jean Baptiste Favre [Thu, 25 Jun 2020 17:58:34 +0000 (18:58 +0100)]
Import trafficserver_8.0.2+ds-1+deb10u3.debian.tar.xz
[dgit import tarball trafficserver 8.0.2+ds-1+deb10u3 trafficserver_8.0.2+ds-1+deb10u3.debian.tar.xz]
Jean Baptiste Favre [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
Merge trafficserver (8.0.2+ds-1+deb10u2) import into refs/heads/workingbranch
Aron Xu [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
CVE-2020-9481
===================================================================
Gbp-Pq: Name 0016-CVE-2020-9481.patch
Bryan Call [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
Fix for CVE-2020-1944
Origin: backport
Applied-Upstream: https://github.com/apache/trafficserver/pull/6390
Last-Update: 2020-04-16
Last-Update: 2020-04-16
Gbp-Pq: Name 0016-CVE-2020-1944.patch
Bryan Call [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
Fix for CVE-2019-17565
Origin: backport
Applied-Upstream: https://github.com/apache/trafficserver/pull/6398
Last-Update: 2020-04-16
Last-Update: 2020-04-16
Gbp-Pq: Name 0016-CVE-2019-17565.patch
Bryan Call [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
Fix for CVE-2019-17559
Origin: backport
Applied-Upstream: https://github.com/apache/trafficserver/pull/6389
Last-Update: 2020-04-16
Last-Update: 2020-04-16
Gbp-Pq: Name 0016-CVE-2019-17559.patch
Bryan Call [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
HTTP/2 fix with realloc (CVE-2019-9518)
Origin: backport, https://github.com/apache/trafficserver/pull/5850
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2019-08-26
Last-Update: 2019-08-26
Gbp-Pq: Name 0015-8.0.5-CVE-backport.patch
Bryan Call [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
HTTP/2 rate limiting
Origin: backport, https://github.com/apache/trafficserver/pull/5822
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2019-08-26
Fix for CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-10079
Last-Update: 2019-08-26
Gbp-Pq: Name 0015-8.0.4-CVE-backport.patch
Jean Baptiste Favre [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
Update compilation chain after embedded libyamlcpp removal
Origin: other
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2019-01-30
Last-Update: 2019-01-30
Gbp-Pq: Name 0014-use_system_yaml-cpp.patch
Jean Baptiste Favre [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
Fix Perl interpreter path
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2019-01-03
Last-Update: 2019-01-03
Gbp-Pq: Name 0013-fix-perl-interpreter-path.patch
Jean Baptiste Favre [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
Fix various speeling issues
Forwarded: https://github.com/apache/trafficserver/pull/4750
Applied-Upstream: https://github.com/apache/trafficserver/commit/
af0ad4a1880a21743e98331855bb78e15d5406ef
Last-Update: 2019-01-03
Last-Update: 2019-01-03
Gbp-Pq: Name 0012-fix-spelling-checks.patch
zhang [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
Fix Segmentation fault in ShowCache::handleCacheEvent
Origin: upstream
Bug: https://github.com/apache/trafficserver/issues/4328
Applied-Upstream: https://github.com/apache/trafficserver/commit/
616eb10bfc35599a2c93ff30879d584a05ddf83e
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2018-10-17
Last-Update: 2018-10-17
Gbp-Pq: Name 0011-fix-segfault.patch
Jean Baptiste Favre [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
Fix build issue with MySQL 8
Origin: other, https://bugs.launchpad.net/ubuntu/+source/trafficserver/+bug/
1795362
Forwarded: https://github.com/apache/trafficserver/pull/4360
Applied-Upstream: https://github.com/apache/trafficserver/commit/
05b30527974416768515506f69da338652c23260
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2018-10-06
The my_bool type is no longer used in MySQL source code.
Any third-party code that used this type to represent C
boolean variables should use the bool or int C type instead.
Last-Update: 2018-10-06
Gbp-Pq: Name 0009-fix-mysql-8-build.patch
Jean Baptiste Favre [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
Force python3 usage, add libfakeroot-sysv to blacklist
Origin: other
Last-Update: 2018-09-24
Last-Update: 2018-09-24
Gbp-Pq: Name 0008-fix-python-check-unused-dependencies.patch
Jean Baptiste Favre [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
Make documentation build works outside of git repository
Origin: other
Last-Update: 2019-01-03
Current documentation build requires git and curl to get some stuff from the internet
This patch aims to delete those dependencies, forcing git branch to master,
and using Debian provided plantuml instead of downloading it from apache mirror
Last-Update: 2019-01-03
Gbp-Pq: Name 0006-fix-doc-build.patch
Reiner Herrmann [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
make the build reproducible
Origin: other, https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833176
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2016-11-18
Last-Update: 2016-11-18
Gbp-Pq: Name 0003-reproductible-build.patch
Aron Xu [Tue, 2 Feb 2016 04:17:24 +0000 (12:17 +0800)]
Use -mcx16 on x86 platforms only
Gbp-Pq: Name 0001-Use-mcx16-on-x86-platforms-only.patch
Jean Baptiste Favre [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
trafficserver (8.0.2+ds-1+deb10u2) buster-security; urgency=medium
* Add fix from upstream for CVE-2019-17559
* Add fix from upstream for CVE-2019-17565
* Add fix from upstream for CVE-2020-1944
* Add fix from upstream for CVE-2020-9481
[dgit import unpatched trafficserver 8.0.2+ds-1+deb10u2]
Jean Baptiste Favre [Thu, 16 Apr 2020 19:36:40 +0000 (20:36 +0100)]
Import trafficserver_8.0.2+ds-1+deb10u2.debian.tar.xz
[dgit import tarball trafficserver 8.0.2+ds-1+deb10u2 trafficserver_8.0.2+ds-1+deb10u2.debian.tar.xz]
Jean Baptiste Favre [Mon, 26 Aug 2019 11:55:33 +0000 (12:55 +0100)]
Merge trafficserver (8.0.2+ds-1+deb10u1) import into refs/heads/workingbranch
Aron Xu [Mon, 26 Aug 2019 11:55:33 +0000 (12:55 +0100)]
.0.5-CVE-backport
Gbp-Pq: Name 0015-8.0.5-CVE-backport.patch
Aron Xu [Mon, 26 Aug 2019 11:55:33 +0000 (12:55 +0100)]
.0.4-CVE-backport
Gbp-Pq: Name 0015-8.0.4-CVE-backport.patch
Aron Xu [Mon, 26 Aug 2019 11:55:33 +0000 (12:55 +0100)]
use_system_yaml-cpp
Gbp-Pq: Name 0014-use_system_yaml-cpp.patch
Aron Xu [Mon, 26 Aug 2019 11:55:33 +0000 (12:55 +0100)]
fix-perl-interpreter-path
Gbp-Pq: Name 0013-fix-perl-interpreter-path.patch
Aron Xu [Mon, 26 Aug 2019 11:55:33 +0000 (12:55 +0100)]
fix-spelling-checks
Gbp-Pq: Name 0012-fix-spelling-checks.patch
Aron Xu [Mon, 26 Aug 2019 11:55:33 +0000 (12:55 +0100)]
fix-segfault
Gbp-Pq: Name 0011-fix-segfault.patch
Aron Xu [Mon, 26 Aug 2019 11:55:33 +0000 (12:55 +0100)]
fix-mysql-8-build
Gbp-Pq: Name 0009-fix-mysql-8-build.patch
Aron Xu [Mon, 26 Aug 2019 11:55:33 +0000 (12:55 +0100)]
fix-python-check-unused-dependencies
Gbp-Pq: Name 0008-fix-python-check-unused-dependencies.patch
Aron Xu [Mon, 26 Aug 2019 11:55:33 +0000 (12:55 +0100)]
fix-doc-build
Gbp-Pq: Name 0006-fix-doc-build.patch
Aron Xu [Mon, 26 Aug 2019 11:55:33 +0000 (12:55 +0100)]
reproductible-build
Gbp-Pq: Name 0003-reproductible-build.patch
Aron Xu [Tue, 2 Feb 2016 04:17:24 +0000 (12:17 +0800)]
Use -mcx16 on x86 platforms only
Gbp-Pq: Name 0001-Use-mcx16-on-x86-platforms-only.patch
Jean Baptiste Favre [Mon, 26 Aug 2019 11:55:33 +0000 (12:55 +0100)]
trafficserver (8.0.2+ds-1+deb10u1) buster-security; urgency=high
* Add patch for security backport from 8.0.4 for CVE-2019-9512,
CVE-2019-9514, and CVE-2019-9515. (Closes: #934887)
* Add patch for security backport from 8.0.5 for fixes
CVE-2019-9518 (Closes: #935314)
[dgit import unpatched trafficserver 8.0.2+ds-1+deb10u1]
Jean Baptiste Favre [Mon, 26 Aug 2019 11:55:33 +0000 (12:55 +0100)]
Import trafficserver_8.0.2+ds-1+deb10u1.debian.tar.xz
[dgit import tarball trafficserver 8.0.2+ds-1+deb10u1 trafficserver_8.0.2+ds-1+deb10u1.debian.tar.xz]
Jean Baptiste Favre [Wed, 30 Jan 2019 13:45:09 +0000 (13:45 +0000)]
Import trafficserver_8.0.2+ds.orig.tar.xz
[dgit import orig trafficserver_8.0.2+ds.orig.tar.xz]
Jean Baptiste Favre [Wed, 30 Jan 2019 13:45:09 +0000 (13:45 +0000)]
Merge trafficserver (8.0.2+ds-1) import into refs/heads/workingbranch
Aron Xu [Wed, 30 Jan 2019 13:45:09 +0000 (13:45 +0000)]
use_system_yaml-cpp
Gbp-Pq: Name 0014-use_system_yaml-cpp.patch
Aron Xu [Wed, 30 Jan 2019 13:45:09 +0000 (13:45 +0000)]
fix-perl-interpreter-path
Gbp-Pq: Name 0013-fix-perl-interpreter-path.patch
Aron Xu [Wed, 30 Jan 2019 13:45:09 +0000 (13:45 +0000)]
fix-spelling-checks
Gbp-Pq: Name 0012-fix-spelling-checks.patch
Aron Xu [Wed, 30 Jan 2019 13:45:09 +0000 (13:45 +0000)]
fix-segfault
Gbp-Pq: Name 0011-fix-segfault.patch
projects / trafficserver.git / log