Please merge with latest upstream from Debian
Bug #1462747 reported by
Guillaume Delacour
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
memcached (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
Hi,
The Ubuntu archive is still sticked on 1.4.14-0u9 while Debian has 1.4.24-1, i think it could be great if Ubuntu use the last version available in Debian.
To post a comment you must log in.
Can you please review which of our changes were already applied in Debian? Syncing would effectively mean dropping all our changes. Ubuntu currently has the following changes applied on top of Debian's 1.4.14:
* SECURITY UPDATE: denial of service via large body length patches/ CVE-2011- 4971.patch: check length in memcached.c, patches/ CVE-2013- 0179.patch: properly format key in items.c, patches/ CVE-2013- 7239.patch: explicitly record sasl auth memcached. postinst: don't create home directory so we don't end patches/ fix-distributio n.patch: added patch to show fix_racey_ test.patch: Dropped, applied upstream. memcached- fix-hash. patch: Change regex to make sure memcached- fix-hash. patch: Apply patch to allow passing 50_fix_ racey_test. patch: Cherry picked patch from 50_add_ init_retry. patch: Dropped - superceeded by Debian
- debian/
added test to t/issue_192.t.
- CVE-2011-4971
* SECURITY UPDATE: denial of service when using -vv
- debian/
memcached.c.
- CVE-2013-0179
* SECURITY UPDATE: SASL authentication bypass
- debian/
states in memcached.*, added test to t/binary-sasl.t.
- CVE-2013-7239
* debian/
up with /nonexistent. Thanks to Dustin Lundquist for patch.
(LP: #1255328)
* Revert unnecessary deltas added to patches compared to Debian.
* Revert use of dh-autoreconf and patch configure manually to
match configure.ac, as this package despises modern autotools.
* debian/rules: Fix the previous fixes a little harder, so they work.
* debian/rules: Shuffle things around so that dh_autoreconf is always
run before dh_quilt_patch. Fixes FTBFS with dpkg-buildpackage -B.
* debian/control: added lsb-release, dh-autoreconf to build depends
* debian/rules: run autoreconf
* debian/
distribution on version
* Move dh_quilt_apply into configure step so that config.{sub,guess}
patches get applied before running configure. (LP: #1218114)
* Update config.{guess,sub} for Aarch64.
* debian/tests: Add autopkgtest.
* d/p/60_
* d/p/start-
inline comments can function per feedback from upstream. Passing
"#" to arguments now requires escaping with \.
* d/p/start-
# as a value for memcached options such as -D to use # as a prefix
delimiter for stats collection. (LP: #1005821)
- Run as 'memcache' user instead of nobody.
- Depend on adduser for preinst/postrm.
- Create user in postinst.
- d/rules: run test suite on build.
- d/patches/
upstream bug tracker which endeavours to avoid the race condition.
Thanks to Clint Byrum for this fix.
- d/patches/
patch.