/trunk/debian/changelog |
---|
1,3 → 1,15 |
prayer (1.3.5-dfsg1-6) unstable; urgency=medium |
* Merge changes from Ubuntu (Closes: #913848). |
-- Magnus Holmgren <holmgren@debian.org> Sun, 16 Dec 2018 22:27:47 +0100 |
prayer (1.3.5-dfsg1-5ubuntu1) disco; urgency=medium |
* debian/patches/glibc-2.28.patch: drop wrong prototype for crypt(). |
-- Steve Langasek <steve.langasek@ubuntu.com> Thu, 15 Nov 2018 22:34:06 +0000 |
prayer (1.3.5-dfsg1-5) unstable; urgency=medium |
* [SECURITY] CVE-2018-18655 (information disclosure) no-referrer.patch: |
/trunk/debian/patches/glibc-2.28.patch |
---|
0,0 → 1,23 |
Description: drop wrong prototype for crypt() |
The code provides its own protoype for crypt, claiming that Linux doesn't |
have one in its system headers. Not only is that wrong, but the local |
prototype is now incorrect, causing a build failure. |
Author: Steve Langasek <steve.langasek@ubuntu.com> |
Last-Modified: 2018-11-15 |
Index: prayer-1.3.5-dfsg1/accountd/authenticate.c |
=================================================================== |
--- prayer-1.3.5-dfsg1.orig/accountd/authenticate.c |
+++ prayer-1.3.5-dfsg1/accountd/authenticate.c |
@@ -94,11 +94,6 @@ |
/* Definies a whole series of different authentication methods, including |
* PAM if PAM support configured in ../Config */ |
-/* No prototype for crypt, at least on Linux */ |
-#if HAVE_SHADOW |
-extern char *crypt(char *password, char *salt); |
-#endif |
- |
/* ====================================================================== */ |
#ifdef ACCOUNTD_PAM_ENABLE |
/trunk/debian/patches/no-referrer.patch |
---|
2,8 → 2,10 |
Description: Add no-referrer meta header to templates. |
* CVE-2018-18655 |
--- a/templates/cam/header.t |
+++ b/templates/cam/header.t |
Index: prayer-1.3.5-dfsg1/templates/cam/header.t |
=================================================================== |
--- prayer-1.3.5-dfsg1.orig/templates/cam/header.t |
+++ prayer-1.3.5-dfsg1/templates/cam/header.t |
@@ -11,6 +11,7 @@ |
% ENDIF |
<meta name="robots" content="none" /> |
12,8 → 14,10 |
<link rel="stylesheet" href="/static/layout.css" |
type="text/css" media="all" /> |
<link rel="stylesheet" href="/static/print.css" |
--- a/templates/old/header.t |
+++ b/templates/old/header.t |
Index: prayer-1.3.5-dfsg1/templates/old/header.t |
=================================================================== |
--- prayer-1.3.5-dfsg1.orig/templates/old/header.t |
+++ prayer-1.3.5-dfsg1/templates/old/header.t |
@@ -11,6 +11,7 @@ |
% ENDIF |
<meta name="robots" content="none" /> |
/trunk/debian/patches/series |
---|
9,3 → 9,4 |
disable_ssl3.patch |
openssl1.1.patch |
no-referrer.patch |
glibc-2.28.patch |