Processed: Re: Bug#862363: jessie-pu: package dwww/1.12.1+deb8u1

2017-08-12 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 + pending
Bug #862363 [release.debian.org] jessie-pu: package dwww/1.12.1+deb8u1
Added tag(s) pending.

-- 
862363: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862363
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#862363: jessie-pu: package dwww/1.12.1+deb8u1

2017-08-12 Thread Adam D. Barratt 
Control: tags -1 + pending

On Tue, 2017-08-08 at 15:41 -0400, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Wed, 2017-07-05 at 23:39 +0200, Robert Luberda wrote:
> > +dwww (1.12.1+deb8u1) jessie; urgency=medium
> > +
> > +  * Fix an old typo in the `Last-Modified' header name that prevents dwww
> > +from working correctly on systems running the latest available jessie
> > +version of apache2, which as a part its security update for
> > CVE-2016-8743
> > +started enforcing HTTP headers conformance with the appropriate
> > standards
> > +(closes: #850016, #850885).
> =
> 
> Apologies for the delay in getting back to you; please go ahead.
> 
> [...]
> > Would this be accepted? If yes, could you please let me know how should
> > I upload this, as I haven't uploaded anything to stable for ages?
> 
> Build the package in a jessie chroot, then simply upload it as you would
> for a package destined for any other suite in the main archive (e.g.
> unstable). The archive software will automagically do the right thing
> based on the changelog (more specifically the .changes) using a target
> distribution of "jessie".

Uploaded and flagged for acceptance.

Regards,

Adam

Processed: Re: Bug#862363: jessie-pu: package dwww/1.12.1+deb8u1

2017-08-08 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 + confirmed
Bug #862363 [release.debian.org] jessie-pu: package dwww/1.12.1+deb8u1
Added tag(s) confirmed.

-- 
862363: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862363
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#862363: jessie-pu: package dwww/1.12.1+deb8u1

2017-08-08 Thread Adam D. Barratt 
Control: tags -1 + confirmed

On Wed, 2017-07-05 at 23:39 +0200, Robert Luberda wrote:
> +dwww (1.12.1+deb8u1) jessie; urgency=medium
> +
> +  * Fix an old typo in the `Last-Modified' header name that prevents dwww
> +from working correctly on systems running the latest available jessie
> +version of apache2, which as a part its security update for
> CVE-2016-8743
> +started enforcing HTTP headers conformance with the appropriate
> standards
> +(closes: #850016, #850885).
=

Apologies for the delay in getting back to you; please go ahead.

[...]
> Would this be accepted? If yes, could you please let me know how should
> I upload this, as I haven't uploaded anything to stable for ages?

Build the package in a jessie chroot, then simply upload it as you would
for a package destined for any other suite in the main archive (e.g.
unstable). The archive software will automagically do the right thing
based on the changelog (more specifically the .changes) using a target
distribution of "jessie".

Regards,

Adam

Processed: Re: Bug#862363: jessie-pu: package dwww/1.12.1+deb8u1

2017-07-05 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> reopen 862363 !
Bug #862363 {Done: Adrian Bunk } [release.debian.org] 
jessie-pu: package dwww/1.12.1+deb8u1
Bug reopened
Changed Bug submitter to 'Robert Luberda ' from 'Adrian Bunk 
'.
Ignoring request to alter fixed versions of bug #862363 to the same values 
previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
862363: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862363
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#862363: jessie-pu: package dwww/1.12.1+deb8u1

2017-07-05 Thread Robert Luberda 
reopen 862363 !
thanks

Cyril Brulebois writes:

>> Could you please approve this change and allow Adrian to proceed with
>> the NMU?
>>
>> It fixes a pretty old bug in dwww that was recently made visible (and
>> thus made dwww mostly unusable) due to the security upload of apache2
>> into jessie.
> 
> This is the kind of things that should have been in the pu request. This
> should also be mentioned in the changelog. Fixing bugs is great, but
> providing explanations while doing so is even better.
> 

I can see that Adrian has closed the bug report, so I've just prepared
another version of the patch:


diff --git a/debian/changelog b/debian/changelog
index d30cd60..48f6a8d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+dwww (1.12.1+deb8u1) jessie; urgency=medium
+
+  * Fix an old typo in the `Last-Modified' header name that prevents dwww
+from working correctly on systems running the latest available jessie
+version of apache2, which as a part its security update for
CVE-2016-8743
+started enforcing HTTP headers conformance with the appropriate
standards
+(closes: #850016, #850885).
+
 dwww (1.12.1) unstable; urgency=medium

   * apache.conf: add an `Alias /dwww /var/www/dwww' line to accommodate
diff --git a/scripts/dwww-convert b/scripts/dwww-convert
index a9792c5..d296d32 100755
--- a/scripts/dwww-convert
+++ b/scripts/dwww-convert
@@ -327,7 +327,7 @@ sub PrintHeaders() { # {{{
 print "Content-type: $mime_type" . (defined $mime_charset ? ";
charset=$mime_charset\n" : "\n");
 my @stat = stat( $filename );
 my $mtime = $stat[9];
-print "Last modified: " . gmtime($mtime) . "\n";
+print "Last-modified: " . gmtime($mtime) . "\n";
 print "Content-Disposition: inline; filename=\"$base_name\"\n";
 print "\n";
 } # }}}


Would this be accepted? If yes, could you please let me know how should
I upload this, as I haven't uploaded anything to stable for ages?

Regards,
robert

Processed: Re: Bug#862363: jessie-pu: package dwww/1.12.1+deb8u1

2017-06-27 Thread Debian Bug Tracking System 
Processing control commands:

> tag -1 moreinfo
Bug #862363 [release.debian.org] jessie-pu: package dwww/1.12.1+deb8u1
Added tag(s) moreinfo.

-- 
862363: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862363
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#862363: jessie-pu: package dwww/1.12.1+deb8u1

2017-06-27 Thread Cyril Brulebois 
Control: tag -1 moreinfo

Hi,

Robert Luberda  (2017-05-20):
> Adrian Bunk wrote:

[ a patch with no context whatsoever ]

Seriously?!

> Could you please approve this change and allow Adrian to proceed with
> the NMU?
> 
> It fixes a pretty old bug in dwww that was recently made visible (and
> thus made dwww mostly unusable) due to the security upload of apache2
> into jessie.

This is the kind of things that should have been in the pu request. This
should also be mentioned in the changelog. Fixing bugs is great, but
providing explanations while doing so is even better.


KiBi.


signature.asc
Description: Digital signature

Bug#862363: jessie-pu: package dwww/1.12.1+deb8u1

2017-05-20 Thread Adam D. Barratt 
On Sat, 2017-05-20 at 11:40 +0200, Robert Luberda wrote:
> Could you please approve this change and allow Adrian to proceed with
> the NMU?
> 
> It fixes a pretty old bug in dwww that was recently made visible (and
>  thus made dwww mostly unusable) due to the security upload of apache2
> into jessie.

When someone has time to review it, they'll do so. Prioritising this
request over others right now won't change when the fix reaches users.

Adrian's request was filed just over a week ago; that's not really a
long time to wait, particularly at this stage of a freeze.

Regards,

Adam

Bug#862363: jessie-pu: package dwww/1.12.1+deb8u1

2017-05-20 Thread Robert Luberda 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Adrian Bunk wrote:

Hi,

> 
> debian/changelog |8  scripts/dwww-convert |2
> +- 2 files changed, 9 insertions(+), 1 deletion(-)
> 
> diff -Nru dwww-1.12.1/debian/changelog
> dwww-1.12.1+deb8u1/debian/changelog ---
> dwww-1.12.1/debian/changelog  2014-01-14 00:10:17.0 +0200 
> +++ dwww-1.12.1+deb8u1/debian/changelog   2017-05-11
> 22:14:30.0 +0300 @@ -1,3 +1,11 @@ +dwww (1.12.1+deb8u1)
> jessie; urgency=medium + +  * Non-maintainer upload. +  * Apply fix
> from Holger Spielmann for the `Last-Modified' header. +(Closes:
> #850016, #850885) + + -- Adrian Bunk   Thu, 11 May
> 2017 22:07:36 +0300 + dwww (1.12.1) unstable; urgency=medium
> 
> * apache.conf: add an `Alias /dwww /var/www/dwww' line to
> accommodate diff -Nru dwww-1.12.1/scripts/dwww-convert
> dwww-1.12.1+deb8u1/scripts/dwww-convert ---
> dwww-1.12.1/scripts/dwww-convert  2014-01-14 00:10:17.0
> +0200 +++ dwww-1.12.1+deb8u1/scripts/dwww-convert 2017-05-11
> 22:03:26.0 +0300 @@ -327,7 +327,7 @@ print "Content-type:
> $mime_type" . (defined $mime_charset ? "; charset=$mime_charset\n"
> : "\n"); my @stat = stat( $filename ); my $mtime = $stat[9]; -
> print "Last modified: " . gmtime($mtime) . "\n"; +print
> "Last-modified: " . gmtime($mtime) . "\n"; print
> "Content-Disposition: inline; filename=\"$base_name\"\n"; print
> "\n"; } # }}}
> 


Release Team,

Could you please approve this change and allow Adrian to proceed with
the NMU?

It fixes a pretty old bug in dwww that was recently made visible (and
 thus made dwww mostly unusable) due to the security upload of apache2
into jessie.

Regads,
robert, dwww maintainer



-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEENeh2+rTTcy6TtNI3Yx3nVTvor9QFAlkgDvoACgkQYx3nVTvo
r9TEpxAAq+rfbXQzAHBv88RC28dbzo4D5c2Op2w/cuwQaV6kQZB089wsRuTtW4f2
7GovlpbwfXZR2TIp98KN3+kinz+CySu0n/XpKyfgFzdKUGuCVdoNpNLJV/YhXAWA
E7t+BhGFIj0MTI1b4vDe4ZPxIDhtxFwFI57iW6G7RzqHOL6gVPbk4NZW+LKgaCma
piW3ec7SGUR+ZTCa5QzMLCr9YUpubzeUBLD1EesFTtnjPZAyLqjYpEYQryRI/Udt
WLISOyyRUCECcq89ff2FbR2Z62AOKHGFuR2dFLL41H5up69NRh/hK1JzwKBBVRCG
2v79CJy9gX8Ee8S4o9LvAbPeBwu0ga9WIcutMngbjJzLi+C2Qaex7A6D6zXzk3x5
XSMwFFB53eW1UJX4R0HZ+4V8D9ai1os3wTEDMpb/i2ZyeUFr138NtRDLL/hxqWqn
Hmm/0XgzR0f6Nzvhmq25vbXgbAq2FIhsjA2s2b6dmktU5lSB92PdxrES9rnWFMXe
g7J1rccrQ+n1C2YIzwxlvyZxtx2NkjfzzeWSP4gHdWOlfk8biorltMeURpxUV5X8
G0YPmj9uf0Ilx5fNTAoqfAb/wyLwM2ky46N8mO4jlVLJO8c+YL0LqDaQslurjTJw
9gqa9W4wgdPpRd7v4Ygamo/rpExLATaPmZYOUTHsg6rzdLfdD3c=
=zpV9
-END PGP SIGNATURE-

Bug#862363: jessie-pu: package dwww/1.12.1+deb8u1

2017-05-11 Thread Adrian Bunk 
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu


 debian/changelog |8 
 scripts/dwww-convert |2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff -Nru dwww-1.12.1/debian/changelog dwww-1.12.1+deb8u1/debian/changelog
--- dwww-1.12.1/debian/changelog2014-01-14 00:10:17.0 +0200
+++ dwww-1.12.1+deb8u1/debian/changelog 2017-05-11 22:14:30.0 +0300
@@ -1,3 +1,11 @@
+dwww (1.12.1+deb8u1) jessie; urgency=medium
+
+  * Non-maintainer upload.
+  * Apply fix from Holger Spielmann for the `Last-Modified' header.
+(Closes: #850016, #850885)
+
+ -- Adrian Bunk   Thu, 11 May 2017 22:07:36 +0300
+
 dwww (1.12.1) unstable; urgency=medium
 
   * apache.conf: add an `Alias /dwww /var/www/dwww' line to accommodate
diff -Nru dwww-1.12.1/scripts/dwww-convert 
dwww-1.12.1+deb8u1/scripts/dwww-convert
--- dwww-1.12.1/scripts/dwww-convert2014-01-14 00:10:17.0 +0200
+++ dwww-1.12.1+deb8u1/scripts/dwww-convert 2017-05-11 22:03:26.0 
+0300
@@ -327,7 +327,7 @@
 print "Content-type: $mime_type" . (defined $mime_charset ? "; 
charset=$mime_charset\n" : "\n");
 my @stat = stat( $filename );
 my $mtime = $stat[9];
-print "Last modified: " . gmtime($mtime) . "\n";
+print "Last-modified: " . gmtime($mtime) . "\n";
 print "Content-Disposition: inline; filename=\"$base_name\"\n";
 print "\n";
 } # }}}