[pkg-lighttpd] r572 - lighttpd/trunk/debian

Arno Töll atoell-guest at alioth.debian.org
Sat Feb 11 12:33:52 UTC 2012 

Author: atoell-guest
Date: 2012-02-11 12:33:52 +0000 (Sat, 11 Feb 2012)
New Revision: 572

Modified:
   lighttpd/trunk/debian/NEWS
   lighttpd/trunk/debian/changelog
   lighttpd/trunk/debian/lighttpd.postrm
Log:
Make the postrm symlink handling more robust

Modified: lighttpd/trunk/debian/NEWS
===================================================================
--- lighttpd/trunk/debian/NEWS	2011-12-20 21:51:13 UTC (rev 571)
+++ lighttpd/trunk/debian/NEWS	2012-02-11 12:33:52 UTC (rev 572)
@@ -5,8 +5,9 @@
   referred to as "BEAST attack". See [1] and CVE-2011-3389 for more details.
 
   To minimze the risk of this attack it is recommended either to disable all CBC
-  ciphers (beware: this will break older clients), or pursue clients to use safe
-  ciphers where possible at least. To do so, set
+  ciphers (beware: this will break reasonably old clients or those who support
+  CBC ciphers only), or pursue clients to use safe ciphers where possible at
+  least. To do so, set
 
   ssl.cipher-list =  "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
   ssl.honor-cipher-order = "enable"

Modified: lighttpd/trunk/debian/changelog
===================================================================
--- lighttpd/trunk/debian/changelog	2011-12-20 21:51:13 UTC (rev 571)
+++ lighttpd/trunk/debian/changelog	2012-02-11 12:33:52 UTC (rev 572)
@@ -1,8 +1,10 @@
 lighttpd (1.4.30-2) UNRELEASED; urgency=low
 
   * NOT RELEASED YET
+  * Be more careful when removing dangling symlinks, as introduced in 1.4.30-1.
+    Under some configurations the postrm script could fail previously. 
 
- -- Arno Töll <debian at toell.net>  Tue, 20 Dec 2011 22:48:25 +0100
+ -- Arno Töll <debian at toell.net>  Sat, 11 Feb 2012 13:31:17 +0100
 
 lighttpd (1.4.30-1) unstable; urgency=medium
 

Modified: lighttpd/trunk/debian/lighttpd.postrm
===================================================================
--- lighttpd/trunk/debian/lighttpd.postrm	2011-12-20 21:51:13 UTC (rev 571)
+++ lighttpd/trunk/debian/lighttpd.postrm	2012-02-11 12:33:52 UTC (rev 572)
@@ -10,8 +10,8 @@
     if [ -d /etc/lighttpd/conf-enabled/ ] ; then
         # The loop below fixes #642494 (mostly)
         for link in /etc/lighttpd/conf-enabled/*.conf ; do
-            target=$(readlink "$link")
-            if [ ! -e "/etc/lighttpd/conf-enabled/$target" ] ; then
+            target=$(readlink "$link") || true
+	    if [ -n "$target" ] && [ ! -e "/etc/lighttpd/conf-enabled/$target" ] ; then
                 echo "removing dangling symlink $link ..."
                 rm -f $link
             fi

More information about the pkg-lighttpd-maintainers mailing list