diff options
| author | Arno Töll <arno@debian.org> | 2012-02-11 12:33:52 +0000 |
|---|---|---|
| committer | Arno Töll <arno@debian.org> | 2012-02-11 12:33:52 +0000 |
| commit | 24745671eea2128d9027db884ab5c7e44a901710 (patch) | |
| tree | 4c6767492394408e9a5acea8384fa5d0acb8e786 /debian | |
| parent | 19188b1ffacd7767f1c70c10775a9daaa52004e8 (diff) | |
| download | lighttpd-24745671eea2128d9027db884ab5c7e44a901710.tar.gz | |
Make the postrm symlink handling more robust
Diffstat (limited to 'debian')
| -rw-r--r-- | debian/NEWS | 5 | ||||
| -rw-r--r-- | debian/changelog | 4 | ||||
| -rw-r--r-- | debian/lighttpd.postrm | 4 |
3 files changed, 8 insertions, 5 deletions
diff --git a/debian/NEWS b/debian/NEWS index 4dc5e39..33cb310 100644 --- a/debian/NEWS +++ b/debian/NEWS @@ -5,8 +5,9 @@ lighttpd (1.4.30-1) unstable; urgency=medium referred to as "BEAST attack". See [1] and CVE-2011-3389 for more details. To minimze the risk of this attack it is recommended either to disable all CBC - ciphers (beware: this will break older clients), or pursue clients to use safe - ciphers where possible at least. To do so, set + ciphers (beware: this will break reasonably old clients or those who support + CBC ciphers only), or pursue clients to use safe ciphers where possible at + least. To do so, set ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM" ssl.honor-cipher-order = "enable" diff --git a/debian/changelog b/debian/changelog index 4b13029..10a1c4b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,10 @@ lighttpd (1.4.30-2) UNRELEASED; urgency=low * NOT RELEASED YET + * Be more careful when removing dangling symlinks, as introduced in 1.4.30-1. + Under some configurations the postrm script could fail previously. - -- Arno Töll <debian@toell.net> Tue, 20 Dec 2011 22:48:25 +0100 + -- Arno Töll <debian@toell.net> Sat, 11 Feb 2012 13:31:17 +0100 lighttpd (1.4.30-1) unstable; urgency=medium diff --git a/debian/lighttpd.postrm b/debian/lighttpd.postrm index 8a70b70..2c2d676 100644 --- a/debian/lighttpd.postrm +++ b/debian/lighttpd.postrm @@ -10,8 +10,8 @@ if [ "$1" = "purge" ]; then if [ -d /etc/lighttpd/conf-enabled/ ] ; then # The loop below fixes #642494 (mostly) for link in /etc/lighttpd/conf-enabled/*.conf ; do - target=$(readlink "$link") - if [ ! -e "/etc/lighttpd/conf-enabled/$target" ] ; then + target=$(readlink "$link") || true + if [ -n "$target" ] && [ ! -e "/etc/lighttpd/conf-enabled/$target" ] ; then echo "removing dangling symlink $link ..." rm -f $link fi |