waitress (3.0.1-1) unstable; urgency=medium * Team upload. * New upstream release: - CVE-2024-49768: Fix a race condition in Waitress when `channel_request_lookahead` is enabled that could lead to HTTP request smuggling (closes: #1086467). - CVE-2024-49769: Fix a bug that would lead to Waitress busy looping on select() on a half-open socket due to a race condition that existed when creating a new HTTPChannel (closes: #1086468). -- Colin Watson Wed, 30 Oct 2024 23:22:09 +0000 waitress (3.0.0-1) unstable; urgency=medium * Team upload. * d/watch: Add compression=gz * New upstream version 3.0.0 * Rebuild patch queue from patch-queue branch Adjusted patch: docs-Don-t-try-to-detect-the-version-don-t-use-Pylons-the.patch * d/control: Bump Standards-Version to 4.7.0 No further changes needed. * d/rules: Add target override_dh_clean * d/{control,rules}: Move over to use dh-sequence-sphinxdoc * d/control: Update binary package long description * d/u/metadata: Add FAQ and Security-Contact fields -- Carsten Schoenert Fri, 10 May 2024 17:50:49 +0200 waitress (2.1.2-2) unstable; urgency=medium * Team Upload. * autopkgtest: Update control file for successful testing -- Carsten Schoenert Mon, 14 Nov 2022 17:15:51 +0100 waitress (2.1.2-1) unstable; urgency=medium * Team Upload. * d/gbp.conf: Add a basic default configuration * d/README.source: Add basic information about package * d/README.Debian: Drop that file * d/watch: Update watch mode to look out git tags * New upstream version 2.1.2 Resolves CVE-2022-31015 (Closes: #1012315) * Rebuild patch queue from patch-queue branch Added patch: docs-Use-internal-ressources-for-intersphinx.patch Renamed patch: 01-fix-sphinxdoc-conf.patch -> docs-Don-t-try-to-detect-the-version-don-t-use-Pylons-the.patch * d/control: Remove Built-Using ${sphinxdoc:Built-Using} The -doc package isn't from type arch all. * d/control: Add python3-doc to Build-Depends That is used for intersphinx integration in the -doc package. * d/{control,rules}: Move over to dh-sequence-python3 * documentation: Build HTML documentation by dh_sphinxdoc * autopkgtest: Small adjustment to testing call -- Carsten Schoenert Sat, 12 Nov 2022 21:14:43 +0100 waitress (2.1.1-3) unstable; urgency=medium * Team Upload. * Remove space in DH_OPTIONS causing FTBFS (Closes: #1020065) * Bump Standards-Version to 4.6.1 (no changes needed) * Fix globbing pattern * Remove public-domain license for debian/* -- Nilesh Patra Sat, 01 Oct 2022 14:58:24 +0530 waitress (2.1.1-2) unstable; urgency=medium * Team upload. * Build-Depend and autopkgtest Depend on netbase, for services resolution in tests. -- Stefano Rivera Tue, 10 May 2022 08:31:41 -0400 waitress (2.1.1-1) unstable; urgency=medium [ Stefano Rivera ] * Team upload. * New upstream release. - Resolves CVE-2022-24761 (Closes: #1008013) * Build with pybuild's pyproject plugin. * Run test suite at build time. * Run test suite in autopkgtests. * Bump Standards-Version to 4.6.0, no changes needed. * Bump watch file version to 4. * Update 01-fix-sphinxdoc-conf.patch to determine the upstream version from the Debian changelog. * Revert the -D html_last_updated_fmt approach to get sphinx to produce reproducible docs, it supports SOURCE_DATE_EPOCH, these days. [ Debian Janitor ] * Bump debhelper from old 12 to 13. * Update standards version to 4.5.1, no changes needed. * Remove constraints unnecessary since buster: + Build-Depends: Drop versioned constraint on python3-all and python3-setuptools. -- Stefano Rivera Mon, 09 May 2022 20:51:31 -0400 waitress (1.4.4-1.1) unstable; urgency=medium * Non-maintainer upload. * Fix cleanup of the waitress-serve alternative. (Closes: #984630) -- Andreas Beckmann Tue, 20 Apr 2021 20:58:53 +0200 waitress (1.4.4-1) unstable; urgency=medium [ Andrej Shadura ] * New upstream release. [ Michael Fladischer ] * Provide virtual package httpd-wsgi3. [ Debian Janitor ] * Replace spaces in short license names with dashes. * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse. * Update standards version to 4.5.0, no changes needed. * Apply multi-arch hints. + python-waitress-doc: Add Multi-Arch: foreign. [ Ondřej Nový ] * d/control: Update Maintainer field with new Debian Python Team contact address. * d/control: Update Vcs-* fields with new Debian Python Team Salsa layout. -- Andrej Shadura Sat, 09 Jan 2021 10:16:20 +0100 waitress (1.4.1-1) unstable; urgency=medium [ Louis-Philippe Véronneau ] * d/control: update the VCS links. (Closes: 946103) [ Andrej Shandura ] * New upstream release. - Closes: #947306: CVE-2019-16785: potential HTTP request smuggling/splitting due to differences in endline parsing. CVE-2019-16786: incorrect treatment of single requests as multiple requests in the case of HTTP pipelining due to the incorrect parsing of Transfer-Encoding ignoring all but the first comma-separated header value. - Closes: #947433: CVE-2019-16789: potential HTTP request splitting leading to potential cache poisoning or unexpected information disclosure due to incorrect parsing of special whitespace characters in the Transfer-Encoding header. * Refresh the documentation configuration patch. * Set Rules-Requires-Root: no * Bump Standards-Version to 4.4.1, no changes. * Replace dh_auto_install override with --shebang. * Update debian/copyright. * Use ${sphinxdoc:Built-Using}. -- Andrej Shadura Wed, 01 Jan 2020 14:04:40 +0100 waitress (1.3.1-4) unstable; urgency=medium * Revert the documentation package rename. * Revert the reversion of the Python 3 removal. * Remove alternatives on preinst. * Install waitress-serve into /usr/bin directly. -- Andrej Shadura Thu, 12 Sep 2019 21:38:15 +0200 waitress (1.3.1-3) unstable; urgency=medium * Revert the Python 3 removal. * Try to remove alternatives, don’t fail if we can’t. -- Andrej Shadura Thu, 12 Sep 2019 21:07:45 +0200 waitress (1.3.1-2) unstable; urgency=medium * Rename the documentation package. -- Andrej Shadura Thu, 12 Sep 2019 18:48:27 +0200 waitress (1.3.1-1) unstable; urgency=medium * New upstream release. * Maintain in the team. * Run wrap-and-sort -bask. * Use debhelper-compat instead of debian/compat. * Use secure URI in Homepage field. * Bump debhelper from old 9 to 12. * Drop Python 2 support. -- Andrej Shadura Thu, 12 Sep 2019 18:38:52 +0200 waitress (1.2.0~b2-2) unstable; urgency=medium * Unbreak docco build (Closes: #918669). -- Andrej Shadura Tue, 08 Jan 2019 15:54:08 +0100 waitress (1.2.0~b2-1) unstable; urgency=medium [ Ondřej Nový ] * d/copyright: Use https protocol in Format field. * d/control: Add Vcs-* field. [ Andrej Shadura ] * New upstream release. -- Andrej Shadura Mon, 07 Jan 2019 18:26:54 +0100 waitress (1.1.0-1) unstable; urgency=medium * New upstream release. * Enable autopkgtests. * Add Vcs-*. -- Andrej Shadura Sun, 13 May 2018 10:12:31 +0200 waitress (1.0.1-1) unstable; urgency=medium * New upstream release. * Update package descriptions. * Build-Depend on Python 2.7+/3.3+. -- Andrew Shadura Tue, 13 Dec 2016 14:34:36 +0100 waitress (0.8.10-1) unstable; urgency=medium [ Juan Picca ] * Make the build reproducible (Closes: #788597). [ Andrew Shadura ] * New upstream release. -- Andrew Shadura Sat, 26 Dec 2015 14:44:28 +0100 waitress (0.8.9-2) unstable; urgency=medium * Fix FTBFS (Closes: #765126). -- Andrew Shadura Mon, 13 Oct 2014 21:56:21 +0200 waitress (0.8.9-1) unstable; urgency=medium * New upstream release. -- Andrew Shadura Wed, 08 Oct 2014 15:58:50 +0200 waitress (0.8.8-3) unstable; urgency=low * Build against python3.4. * Fix shebangs in waitress-serve scripts. -- Andrew Shadura Thu, 24 Apr 2014 08:12:29 +0200 waitress (0.8.8-2) unstable; urgency=low * Fix the package description. * Bump Standards-Version (no changes). -- Andrew Shadura Thu, 24 Apr 2014 07:45:00 +0200 waitress (0.8.8-1) unstable; urgency=low * New upstream release. -- Andrew Shadura Sat, 14 Dec 2013 20:55:11 +0100 waitress (0.8.7-3) unstable; urgency=low * Switch to using dh-python instead of versioned depends on python3 (Closes: #731532). -- Andrew Shadura Sat, 14 Dec 2013 17:53:03 +0100 waitress (0.8.7-2) unstable; urgency=low * Update the watch file. * Use alternatives to ensure co-installability of python2 and python3 versions (Closes: #725260). -- Andrew Shadura Thu, 03 Oct 2013 15:44:25 +0200 waitress (0.8.7-1) unstable; urgency=low * New upstream version. -- Andrew Shadura Wed, 02 Oct 2013 20:49:35 +0200 waitress (0.8.1-2) unstable; urgency=low * Upload to unstable. * Remove erroneous patch. -- Andrew Shadura Sat, 13 Apr 2013 15:25:34 +0200 waitress (0.8.1-1) experimental; urgency=low * Initial release. -- Andrew Shadura Thu, 21 Mar 2013 21:02:04 +0100