Branches for Utopic

Author: maozhou
Revision Date: 2016-02-19 08:34:56 UTC

add homepage (LP: #1547361)

Author: maozhou
Revision Date: 2016-01-22 08:22:46 UTC

this is a test example

Author: Adam Conrad
Revision Date: 2015-07-15 08:08:55 UTC

Enable building on all Linux architectures (LP: #1414818, #1470160)

Author: Adam Conrad
Revision Date: 2015-07-15 10:21:50 UTC

debian/patches/uninitialized-variables-O3.patch: Steal patch
from vivid/wily to fix build failure with -O3 on ppc64el.

Author: Seth Forshee
Revision Date: 2014-12-01 10:28:25 UTC

iwlwifi: update firmware for 3160 / 7260 / 7265
-LP: #1398171

Author: Steve Beattie
Revision Date: 2015-05-21 00:05:26 UTC

* SECURITY UPDATE: unsafe signal handling denial of service
  - nbd-server.c: move all signal handling logic away from the
    signal handler context to the main loop.
  - http://anonscm.debian.org/cgit/users/wouter/nbd.git/commit/?h=debian-jessie&id=383e4a70c3990be6561a02d8f068ba1fa77a2e12
  - CVE-2015-0847

Author: Steve Beattie
Revision Date: 2015-05-21 00:05:26 UTC

* SECURITY UPDATE: unsafe signal handling denial of service
  - nbd-server.c: move all signal handling logic away from the
    signal handler context to the main loop.
  - http://anonscm.debian.org/cgit/users/wouter/nbd.git/commit/?h=debian-jessie&id=383e4a70c3990be6561a02d8f068ba1fa77a2e12
  - CVE-2015-0847

Author: Mathieu Trudel-Lapierre
Revision Date: 2015-07-08 13:51:24 UTC

Add support for --- as a user-params separator (for parameters on the
kernel command-line) for parameters to pass on to the installed system.
(LP: #1402042)

Author: Marc Deslauriers
Revision Date: 2015-07-16 11:52:48 UTC

* SECURITY UPDATE: Update to 5.5.44 to fix security issues (LP: #1475294)
  - http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
  - CVE-2015-2582
  - CVE-2015-2620
  - CVE-2015-2643
  - CVE-2015-2648
  - CVE-2015-4737
  - CVE-2015-4752
  - CVE-2015-4757

Author: Marc Deslauriers
Revision Date: 2015-07-16 11:52:48 UTC

* SECURITY UPDATE: Update to 5.5.44 to fix security issues (LP: #1475294)
  - http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
  - CVE-2015-2582
  - CVE-2015-2620
  - CVE-2015-2643
  - CVE-2015-2648
  - CVE-2015-4737
  - CVE-2015-4752
  - CVE-2015-4757

Author: Adam Conrad
Revision Date: 2015-07-15 08:08:55 UTC

Enable building on all Linux architectures (LP: #1414818, #1470160)

Author: Steve Langasek
Revision Date: 2015-07-10 13:17:44 UTC

[ William Grant ]
* debian/patches/1020_fix_user_busy_errors:
  - libmisc/user_busy.c: Call sub_uid_close in all error cases, otherwise
    code that later opens it as RW fails obscurely. (LP: #1342875)

Author: Mathieu Trudel-Lapierre
Revision Date: 2015-07-08 13:51:24 UTC

Add support for --- as a user-params separator (for parameters on the
kernel command-line) for parameters to pass on to the installed system.
(LP: #1402042)

Author: Adam Conrad
Revision Date: 2015-07-15 10:21:50 UTC

debian/patches/uninitialized-variables-O3.patch: Steal patch
from vivid/wily to fix build failure with -O3 on ppc64el.

Author: Andres Rodriguez
Revision Date: 2015-07-10 13:47:40 UTC

* debian/control: Make maas-dns a Dependy of maas-region-controller.
* debian/maas-region-controller.postinst: Ensure DNS config migration is
  always run. (LP: #1413388)

Author: Robie Basak
Revision Date: 2015-07-09 15:17:51 UTC

Backport to Ubuntu 14.10 to support Docker SRU (LP: #1454719).

Author: dann frazier
Revision Date: 2015-06-12 17:01:44 UTC

Introduce full memory barrier support for arm64 and ppc64el to fix
corruption/hang issues (LP: #1427406).

Author: Patrik Lundin
Revision Date: 2015-03-04 16:16:19 UTC

Add 051_kdc_memleak patch based on Debian bug #746486. LP: #1422359

Author: Marc Deslauriers
Revision Date: 2015-07-07 14:39:48 UTC

* SECURITY UPDATE: denial of service and possible code execution
  - d/p/CVE-2015-0848_CVE-2015-4588_CVE-2015-4695_CVE-2015-4696.patch:
    check bounds and handle unexpected pixel depth in src/player/meta.h,
    src/ipa/ipa.h, src/ipa/ipa/bmp.h.
  - CVE-2015-0848
  - CVE-2015-4588
  - CVE-2015-4685
  - CVE-2015-4696

Author: Marc Deslauriers
Revision Date: 2015-07-07 14:39:48 UTC

* SECURITY UPDATE: denial of service and possible code execution
  - d/p/CVE-2015-0848_CVE-2015-4588_CVE-2015-4695_CVE-2015-4696.patch:
    check bounds and handle unexpected pixel depth in src/player/meta.h,
    src/ipa/ipa.h, src/ipa/ipa/bmp.h.
  - CVE-2015-0848
  - CVE-2015-4588
  - CVE-2015-4685
  - CVE-2015-4696

Author: Billy Olsen
Revision Date: 2015-06-26 09:59:10 UTC

* Backport fixes for reliable AMQP reconnect support, ensuring
  nova-compute instances re-connect and message correctly when
  RabbitMQ message brokers disappear is clustered configurations:
  - d/p/0001-Fix-_poll_connection-not-timeout-issue-1-2.patch:
    Improve precision of iterconsume timeouts (LP: #1400268).
  - d/p/0002-Fix-_poll_connection-not-timeout-issue-2-2.patch:
    Fix timeout timer when duration is set to None (LP: #1408370).
  - d/p/0003-qpid-Always-auto-delete-queue-of-DirectConsumer.patch:
    Ensure that message publishers fail and retry if the consumer has
    not yet declared a receiving queue (LP: #1338732).
  - d/p/0004-rabbit-redeclare-consumers-when-ack-requeue-fail.patch:
    Redeclare consumers when the ack/requeue fails (LP: #1448650).
  - d/p/0005-Fix-possible-usage-of-undefined-variable.patch:
    Fix use of a variable before its definition in the reconnect
    path when an exception is encountered (LP: #1465314).

Author: Chris J Arges
Revision Date: 2015-07-07 12:41:12 UTC

[ Stefan Bader ]
Add LDFLAGS to avoid issues with accessing global variables in
shared libraries (LP: #1470687).

Author: Timo Aaltonen
Revision Date: 2015-05-21 08:18:55 UTC

rules, install: Fix udev rules and systemd service install
destination. (LP: #1392887)

Author: Didier Roche-Tolomelli
Revision Date: 2015-05-26 09:14:36 UTC

Backporting vivid release sync to utopic to fix wrong input results
as per upstream's request (LP: #1452326)

Author: Corey Bryant
Revision Date: 2015-06-17 15:13:55 UTC

d/p/refresh-expired-admin-token.patch: Fix bug to enable refresh of
expired admin token. Thanks to Sergio Martins for recommending
this fix (LP: #1460833).

Author: Robie Basak
Revision Date: 2015-05-19 13:44:35 UTC

Do not hang headless servers indefinitely on boot after edge case power
failure timing (LP: #1443735). Instead, time out after 30 seconds and boot
anyway, including on non-headless systems.

Author: Robie Basak
Revision Date: 2015-07-03 10:19:32 UTC

Rebuild against grub-efi-amd64 2.02~beta2-15ubuntu0.1 (LP:
#1443735).

Author: Robie Basak
Revision Date: 2015-06-17 12:53:24 UTC

Backport to Ubuntu 14.10 to support Docker SRU (LP: #1454719).

Author: Robie Basak
Revision Date: 2015-06-17 12:53:43 UTC

Backport to Ubuntu 14.10 to support Docker SRU (LP: #1454719).

Author: Robie Basak
Revision Date: 2015-06-17 12:54:56 UTC

Backport to Ubuntu 14.10 to support Docker SRU (LP: #1454719).

Author: Robie Basak
Revision Date: 2015-06-17 12:54:03 UTC

Backport to Ubuntu 14.10 to support Docker SRU (LP: #1454719).

Author: Robie Basak
Revision Date: 2015-06-17 12:52:33 UTC

Backport to Ubuntu 14.10 to support Docker SRU (LP: #1454719).

Author: Robie Basak
Revision Date: 2015-06-17 12:53:01 UTC

Backport to Ubuntu 14.10 to support Docker SRU (LP: #1454719).

Author: Robie Basak
Revision Date: 2015-06-17 12:54:43 UTC

Backport to Ubuntu 14.10 to support Docker SRU (LP: #1454719).

Author: Robie Basak
Revision Date: 2015-06-17 12:54:23 UTC

Backport to Ubuntu 14.10 to support Docker SRU (LP: #1454719).

Author: Marc Deslauriers
Revision Date: 2015-03-31 09:18:52 UTC

Rebuild for Ubuntu 14.10. (LP: #1420956)

Author: Marc Deslauriers
Revision Date: 2015-07-06 16:24:11 UTC

* SECURITY UPDATE: information disclosure via uninitialized memory
  - debian/patches/CVE-2015-3281.patch: respect output data in
    src/buffer.c.
  - CVE-2015-3281

Author: Marc Deslauriers
Revision Date: 2015-07-06 16:24:11 UTC

* SECURITY UPDATE: information disclosure via uninitialized memory
  - debian/patches/CVE-2015-3281.patch: respect output data in
    src/buffer.c.
  - CVE-2015-3281

Author: Chris J Arges
Revision Date: 2015-07-07 12:41:12 UTC

[ Stefan Bader ]
Add LDFLAGS to avoid issues with accessing global variables in
shared libraries (LP: #1470687).

Author: Vlad Orlov
Revision Date: 2015-06-02 15:18:59 UTC

fix-invalidate.patch: new patch. Don't invalidate region when
text is deleted and engine is disabled. Fixes crash. (LP: #1461082)

Author: Brad Figg
Revision Date: 2015-07-06 19:01:48 UTC

linux ABI 3.16.0-44

Author: Brad Figg
Revision Date: 2015-07-06 19:01:48 UTC

linux ABI 3.16.0-44

Author: Brad Figg
Revision Date: 2015-07-06 19:01:48 UTC

linux ABI 3.16.0-44

Author: Robie Basak
Revision Date: 2015-07-03 10:19:32 UTC

Rebuild against grub-efi-amd64 2.02~beta2-15ubuntu0.1 (LP:
#1443735).

Author: dann frazier
Revision Date: 2015-06-11 15:01:19 UTC

Introduce full memory barrier support for arm64 and ppc64el to fix
corruption/hang issues (LP: #1427406).

Author: Steve Beattie
Revision Date: 2015-07-01 10:17:50 UTC

fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-07-01 10:17:50 UTC

fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-07-01 08:48:36 UTC

fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-07-01 09:17:22 UTC

fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-07-01 09:17:22 UTC

fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-07-01 08:48:36 UTC

fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-06-30 10:23:46 UTC

fake sync from Debian (LP: #1210822)

Author: Steve Beattie
Revision Date: 2015-06-30 10:23:46 UTC

fake sync from Debian (LP: #1210822)

Author: Steve Beattie
Revision Date: 2015-06-29 21:48:12 UTC

fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-06-29 21:48:12 UTC

fake sync from Debian

Author: Marc Deslauriers
Revision Date: 2015-06-29 15:00:07 UTC

* SECURITY UPDATE: resolver DoS via specially crafted zone data
  - lib/dns/validator.c: don't use uninitialized fixedname.
  - CVE-2015-4620

Author: Marc Deslauriers
Revision Date: 2015-06-29 15:00:07 UTC

* SECURITY UPDATE: resolver DoS via specially crafted zone data
  - lib/dns/validator.c: don't use uninitialized fixedname.
  - CVE-2015-4620

Author: Micah Gersten
Revision Date: 2015-06-28 16:27:00 UTC

No-change backport to utopic (LP: #1463966)

Author: Micah Gersten
Revision Date: 2015-06-22 22:19:17 UTC

No-change backport to utopic (LP: #1465770)

Author: Robie Basak
Revision Date: 2015-05-19 13:44:35 UTC

Do not hang headless servers indefinitely on boot after edge case power
failure timing (LP: #1443735). Instead, time out after 30 seconds and boot
anyway, including on non-headless systems.

Author: Jorge Niedbalski
Revision Date: 2015-06-10 10:29:50 UTC

d/*.logrotate,neutron-common.logrotate: Backport from vivid,
Move to single logrotate configuration. (LP: #1463844).

Author: Jorge Niedbalski
Revision Date: 2015-06-08 15:52:13 UTC

debian/haproxy.init: Backport of vivid stop routine,
uses start-stop-daemon to reliable terminate all haproxy processes
and return the proper exit code. (LP: #1462495)

Author: Didier Roche-Tolomelli
Revision Date: 2015-05-26 09:14:36 UTC

Backporting vivid release sync to utopic to fix wrong input results
as per upstream's request (LP: #1452326)

Author: dann frazier
Revision Date: 2015-06-23 09:30:46 UTC

Fix-for-the-ARM64-page-size-determination-on-Linux-4.patch. (LP: #1460941)

Author: Marc Deslauriers
Revision Date: 2015-06-18 09:25:31 UTC

* SECURITY UPDATE: denial of service in multiple servers
  - debian/patches/CVE-2013-1752-poplib.patch: limit maximum line length
    in Lib/poplib.py, added test to Lib/test/test_poplib.py.
  - debian/patches/CVE-2013-1752-smtplib.patch: limit amount read from
    the network in Lib/smtplib.py, added test to
    Lib/test/test_smtplib.py.
  - CVE-2013-1752
* SECURITY UPDATE: denial of service via xmlrpc gzip-compressed
  HTTP bodies
  - debian/patches/CVE-2013-1753.patch: add default limit in
    Lib/xmlrpclib.py, added test to Lib/test/test_xmlrpc.py.
  - CVE-2013-1753
* debian/patches/fix_ssl_test_dh.patch: replace 512 bit dh key with a
  2014 bit one to fix test failure with OpenSSL security update.

Author: Marc Deslauriers
Revision Date: 2015-06-19 09:52:59 UTC

* SECURITY UPDATE: SecurityManager bypass via Expression Language
  - debian/patches/CVE-2014-7810.patch: handle classes that may not be
    accessible but have accessible interfaces in
    java/javax/el/BeanELResolver.java, remove unnecessary code in
    java/org/apache/jasper/runtime/PageContextImpl.java,
    java/org/apache/jasper/security/SecurityClassLoad.java.
  - CVE-2014-7810
* Replace expired ssl certs and use TLS to fix tests causing FTBFS:
  - debian/patches/0022-use-tls-in-ssl-unit-tests.patch
  - debian/patches/0023-replace-expired-ssl-certificates.patch
  - debian/source/include-binaries

Author: Marc Deslauriers
Revision Date: 2015-06-19 09:52:59 UTC

* SECURITY UPDATE: SecurityManager bypass via Expression Language
  - debian/patches/CVE-2014-7810.patch: handle classes that may not be
    accessible but have accessible interfaces in
    java/javax/el/BeanELResolver.java, remove unnecessary code in
    java/org/apache/jasper/runtime/PageContextImpl.java,
    java/org/apache/jasper/security/SecurityClassLoad.java.
  - CVE-2014-7810
* Replace expired ssl certs and use TLS to fix tests causing FTBFS:
  - debian/patches/0022-use-tls-in-ssl-unit-tests.patch
  - debian/patches/0023-replace-expired-ssl-certificates.patch
  - debian/source/include-binaries

Author: Marc Deslauriers
Revision Date: 2015-06-18 09:25:31 UTC

* SECURITY UPDATE: denial of service in multiple servers
  - debian/patches/CVE-2013-1752-poplib.patch: limit maximum line length
    in Lib/poplib.py, added test to Lib/test/test_poplib.py.
  - debian/patches/CVE-2013-1752-smtplib.patch: limit amount read from
    the network in Lib/smtplib.py, added test to
    Lib/test/test_smtplib.py.
  - CVE-2013-1752
* SECURITY UPDATE: denial of service via xmlrpc gzip-compressed
  HTTP bodies
  - debian/patches/CVE-2013-1753.patch: add default limit in
    Lib/xmlrpclib.py, added test to Lib/test/test_xmlrpc.py.
  - CVE-2013-1753
* debian/patches/fix_ssl_test_dh.patch: replace 512 bit dh key with a
  2014 bit one to fix test failure with OpenSSL security update.

Author: Vlad Orlov
Revision Date: 2015-06-02 15:18:59 UTC

fix-invalidate.patch: new patch. Don't invalidate region when
text is deleted and engine is disabled. Fixes crash. (LP: #1461082)

Author: Micah Gersten
Revision Date: 2015-06-22 21:18:07 UTC

Backport patch from vivid to allow non-JPEG scanning on the HP DeskJet 3520
All-in-One and similar devices. Thanks to Lubos Dolezel for the patch.
Refreshed patch against trusty package (LP: #1245578)

Author: Corey Bryant
Revision Date: 2015-06-17 15:13:55 UTC

d/p/refresh-expired-admin-token.patch: Fix bug to enable refresh of
expired admin token. Thanks to Sergio Martins for recommending
this fix (LP: #1460833).

Author: Dustin Kirkland 
Revision Date: 2014-07-23 00:08:55 UTC

* debian/pollen-restart.upstart, debian/pollen.upstart, debian/rules:
  - LP: #1386052
  - add a new upstart job that restarts pollen any time the rsyslog server
    is restarted
  - this is necessary to work around a bug in the golang syslog library
    where syslog restarts break logging
    + https://code.google.com/p/go/issues/detail?id=2264#c8

Author: Thomas Ward
Revision Date: 2015-06-22 14:12:25 UTC

* SECURITY UPDATE: PuTTY did not properly wipe SSH-2 Private Keys from
  system memory, which can allow local users to obtain sensitive information
  by reading the memory. (LP: #1467631)
  - debian/patches/private-key-not-wiped-2.patch: Add in fix patch from
    Debian 0.63-10 packaging. Thanks to Patrick Coleman for the original
    patch.
  - CVE-2015-2157

Author: Thomas Ward
Revision Date: 2015-06-22 14:12:25 UTC

* SECURITY UPDATE: PuTTY did not properly wipe SSH-2 Private Keys from
  system memory, which can allow local users to obtain sensitive information
  by reading the memory. (LP: #1467631)
  - debian/patches/private-key-not-wiped-2.patch: Add in fix patch from
    Debian 0.63-10 packaging. Thanks to Patrick Coleman for the original
    patch.
  - CVE-2015-2157

Author: dann frazier
Revision Date: 2015-06-23 09:30:46 UTC

Fix-for-the-ARM64-page-size-determination-on-Linux-4.patch. (LP: #1460941)

Author: Tyler Hicks
Revision Date: 2015-06-02 16:18:53 UTC

* SECURITY UPDATE: denial of service and possible arbitrary code execution
  via a crafted PFB font file
  - debian/patches/0001-Security-fixes.patch: Dynamically allocate a buffer
    of sufficient size. Based on upstream patch.
  - CVE-2015-3905

Author: Tyler Hicks
Revision Date: 2015-06-02 16:18:53 UTC

* SECURITY UPDATE: denial of service and possible arbitrary code execution
  via a crafted PFB font file
  - debian/patches/0001-Security-fixes.patch: Dynamically allocate a buffer
    of sufficient size. Based on upstream patch.
  - CVE-2015-3905

Author: Serge Hallyn
Revision Date: 2015-05-21 15:30:52 UTC

* d/p/libnuma-ppc64el-cpu-number-not-contiguous - patch from Thierry FAUCK
  (LP: #1358835)
* d/patches/from-git-6a7c2cf3-fix-uninitialised-mask.patch: Fix libnuma SEGV
  due to uninitialised mask. (LP: #1441388)
* d/rules: include simple-patchsys.mk to get patches applied

Author: Marc Deslauriers
Revision Date: 2015-06-15 13:13:17 UTC

* SECURITY UPDATE: directory traversal issue in uupdate
  - scripts/uupdate.sh: remove symlinks before applying patches, and
    restore them afterwards.
  - http://anonscm.debian.org/cgit/collab-maint/devscripts.git/commit/?id=0fef671
  - CVE-2014-1833

Author: Marc Deslauriers
Revision Date: 2015-06-15 13:13:17 UTC

* SECURITY UPDATE: directory traversal issue in uupdate
  - scripts/uupdate.sh: remove symlinks before applying patches, and
    restore them afterwards.
  - http://anonscm.debian.org/cgit/collab-maint/devscripts.git/commit/?id=0fef671
  - CVE-2014-1833

Author: William Grant
Revision Date: 2015-06-19 19:34:36 UTC

debian/patches/bug-1285197.diff: Don't leave suffix uninitialised when
none was passed to IeeeToInt. Fixes incorrect partition boundaries and
other failures on ppc64el and possibly other architectures. (LP: #1285197)

Author: William Grant
Revision Date: 2015-06-19 19:34:36 UTC

debian/patches/bug-1285197.diff: Don't leave suffix uninitialised when
none was passed to IeeeToInt. Fixes incorrect partition boundaries and
other failures on ppc64el and possibly other architectures. (LP: #1285197)

Author: Michael Vogt
Revision Date: 2015-05-29 19:03:05 UTC

* SECURITY UPDATE: information disclosure via simulate dbus method
  (LP: #1449587)
  - debian/patches/lp1449587.diff: drop privileges when running lintian,
    update tests.
  - CVE-2015-1323

Author: Michael Vogt
Revision Date: 2015-05-29 19:03:05 UTC

* SECURITY UPDATE: information disclosure via simulate dbus method
  (LP: #1449587)
  - debian/patches/lp1449587.diff: drop privileges when running lintian,
    update tests.
  - CVE-2015-1323

Author: Timo Aaltonen
Revision Date: 2015-05-21 08:18:55 UTC

rules, install: Fix udev rules and systemd service install
destination. (LP: #1392887)

Author: Tyler Hicks
Revision Date: 2015-06-22 14:34:29 UTC

* SECURITY UPDATE: Denial of service via crafted patch
  - debian/patches/CVE-2014-9637.patch: Detect and exit upon memory
    allocation failures
  - CVE-2014-9637
* SECURITY UPDATE: Directory traversal via crafted patch
  - debian/patches/CVE-2015-1196.patch: Don't allow symlink targets to point
    outside of the current directory
  - CVE-2015-1196
* SECURITY UPDATE: Directory traversal via crafted patch
  - debian/patches/CVE-2015-1395.patch: Check the validity of both filenames
    during a rename or copy
  - CVE-2015-1395
* SECURITY UPDATE: Directory traversal via crafted patch
  - debian/patches/CVE-2015-1396.patch: Don't allow symlink targets to point
    outside of the current directory. This patch corrects the incomplete fix
    for CVE-2015-1196.
  - CVE-2015-1396
* debian/rules: Fix FTBFS caused by ed check. Based on Debian change
  suggested by Simon McVittie.
* debian/control: Add automake1.11 as a build-depends since some of the
  patches adjust Makefile.am files

Author: Tyler Hicks
Revision Date: 2015-06-22 14:34:29 UTC

* SECURITY UPDATE: Denial of service via crafted patch
  - debian/patches/CVE-2014-9637.patch: Detect and exit upon memory
    allocation failures
  - CVE-2014-9637
* SECURITY UPDATE: Directory traversal via crafted patch
  - debian/patches/CVE-2015-1196.patch: Don't allow symlink targets to point
    outside of the current directory
  - CVE-2015-1196
* SECURITY UPDATE: Directory traversal via crafted patch
  - debian/patches/CVE-2015-1395.patch: Check the validity of both filenames
    during a rename or copy
  - CVE-2015-1395
* SECURITY UPDATE: Directory traversal via crafted patch
  - debian/patches/CVE-2015-1396.patch: Don't allow symlink targets to point
    outside of the current directory. This patch corrects the incomplete fix
    for CVE-2015-1196.
  - CVE-2015-1396
* debian/rules: Fix FTBFS caused by ed check. Based on Debian change
  suggested by Simon McVittie.
* debian/control: Add automake1.11 as a build-depends since some of the
  patches adjust Makefile.am files

Author: Micah Gersten
Revision Date: 2015-06-08 16:55:25 UTC

No-change backport to utopic (LP: #1461503)

Author: Micah Gersten
Revision Date: 2015-06-09 13:15:43 UTC

No-change backport to utopic (LP: #1459426)

Author: Micah Gersten
Revision Date: 2015-06-09 14:18:04 UTC

No-change backport to utopic (LP: #1458035)

Author: Martin Pitt
Revision Date: 2015-06-12 15:47:35 UTC

* New upstream bug fix release (LP: #1464669)
  - Fix possible failure to recover from an inconsistent database state
  - Fix rare failure to invalidate relation cache init file
  - See http://www.postgresql.org/about/news/1592/ for details.

Author: Otto Kekäläinen
Revision Date: 2015-06-13 21:09:48 UTC

* SECURITY UPDATE: Update to 5.5.44 to fix security issues (LP: #1464895):
  - CVE-2015-3152
* Upstream also includes lots of line ending changes (from CRLF -> LF)
* Removed hotfix patch now included in upstream release (MDEV-8115)

Author: Micah Gersten
Revision Date: 2015-06-08 16:25:48 UTC

No-change backport to utopic (LP: #1462686)

Author: Micah Gersten
Revision Date: 2015-06-09 11:55:30 UTC

No-change backport to utopic (LP: #1462684)

Author: Didier Roche-Tolomelli
Revision Date: 2015-05-26 09:19:14 UTC

Backporting wily release sync to utopic to fix multiple UX issues
as per upstream request (LP: #1452376)

Author: Didier Roche-Tolomelli
Revision Date: 2015-05-26 09:19:14 UTC

Backporting wily release sync to utopic to fix multiple UX issues
as per upstream request (LP: #1452376)

Author: Micah Gersten
Revision Date: 2015-06-02 23:50:53 UTC

* Add upstream patch to fix lpeg 0.12 compatibility (LP: #1443288)
  - add debian/patches/fix-lpeg.patch
  - add debian/patches/series

Author: Micah Gersten
Revision Date: 2015-06-09 11:17:05 UTC

No-change backport to utopic (LP: #1460890)

Author: Marc Deslauriers
Revision Date: 2015-06-17 13:09:05 UTC

[ Jamie Strandboge ]
* SECURITY UPDATE: fix for improperly handling case-insensitive paths on
  Windows and OS X clients
  - http://selenic.com/repo/hg-stable/rev/885bd7c5c7e3
  - http://selenic.com/repo/hg-stable/rev/c02a05cc6f5e
  - http://selenic.com/repo/hg-stable/rev/6dad422ecc5a
  - CVE-2014-9390
  - LP: #1404035

[ Marc Deslauriers ]
* SECURITY UPDATE: arbitrary command exection via crafted repository
  name in a clone command
  - d/p/from_upstream__sshpeer_more_thorough_shell_quoting.patch: add
    more thorough shell quoting to mercurial/sshpeer.py.
  - CVE-2014-9462

Author: Marc Deslauriers
Revision Date: 2015-06-17 13:09:05 UTC

[ Jamie Strandboge ]
* SECURITY UPDATE: fix for improperly handling case-insensitive paths on
  Windows and OS X clients
  - http://selenic.com/repo/hg-stable/rev/885bd7c5c7e3
  - http://selenic.com/repo/hg-stable/rev/c02a05cc6f5e
  - http://selenic.com/repo/hg-stable/rev/6dad422ecc5a
  - CVE-2014-9390
  - LP: #1404035

[ Marc Deslauriers ]
* SECURITY UPDATE: arbitrary command exection via crafted repository
  name in a clone command
  - d/p/from_upstream__sshpeer_more_thorough_shell_quoting.patch: add
    more thorough shell quoting to mercurial/sshpeer.py.
  - CVE-2014-9462