debian/0000755000000000000000000000000012251665053007173 5ustar debian/rules0000755000000000000000000000046412251665053010257 0ustar #!/usr/bin/make -f PACKAGE = $(shell dh_listpackages) TMP = $(CURDIR)/debian/$(PACKAGE) %: dh $@ override_dh_installexamples: dh_installexamples sed -i '1s|^#!/usr/local/bin/perl|#!/usr/bin/perl|' \ $(TMP)/usr/share/doc/$(PACKAGE)/examples/*.cgi \ $(TMP)/usr/share/doc/$(PACKAGE)/examples/*.pl debian/control0000644000000000000000000000265412251665053010605 0ustar Source: libcgi-pm-perl Maintainer: Debian Perl Group Uploaders: AGOSTINI Yves , Damyan Ivanov , Ansgar Burchardt , gregor herrmann , Jonathan Yu , Nicholas Bamber Section: perl Priority: optional Build-Depends: debhelper (>= 8) Build-Depends-Indep: perl, libfcgi-perl, perl (>= 5.13.11) | libtest-simple-perl (>= 0.98) Standards-Version: 3.9.5 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-perl/packages/libcgi-pm-perl.git Vcs-Git: git://anonscm.debian.org/pkg-perl/packages/libcgi-pm-perl.git Homepage: https://metacpan.org/release/CGI.pm/ Package: libcgi-pm-perl Architecture: all Depends: ${perl:Depends}, ${misc:Depends} Recommends: libfcgi-perl Breaks: libcgi-fast-perl (<< 5.10.1-9) Replaces: libcgi-fast-perl (<< 5.10.1-9) Description: module for Common Gateway Interface applications CGI.pm is a Perl module that provides classes useful for creating Web forms and for parsing their contents. It defines CGI objects, entities that contain the values of the current query string and other state variables. . This module is already included as part of Perl's core distribution, so this package is only beneficial when newer features or bug fixes are required. debian/source/0000755000000000000000000000000012251665053010473 5ustar debian/source/format0000644000000000000000000000001412251665053011701 0ustar 3.0 (quilt) debian/changelog0000644000000000000000000002141012251665053011043 0ustar libcgi-pm-perl (3.64-1) unstable; urgency=medium * New upstream release. * Refresh patch man-cgi-fast.patch (offset). * Drop pod.patch, fixed upstream. * Declare compliance with Debian Policy 3.9.5. -- gregor herrmann Tue, 10 Dec 2013 20:23:00 +0100 libcgi-pm-perl (3.63-1) unstable; urgency=low [ Salvatore Bonaccorso ] * Change Vcs-Git to canonical URI (git://anonscm.debian.org) * Change search.cpan.org based URIs to metacpan.org based URIs [ gregor herrmann ] * New upstream release. Fixes "FTBFS with perl 5.18: test failures" (Closes: #711432) * Drop patch 0001-CR-escaping-for-P3P-and-Set-Cookie-headers.patch (applied upstream). * Update years of packaging copyright. * Add patch to fix POD errors. -- gregor herrmann Fri, 07 Jun 2013 23:02:14 +0200 libcgi-pm-perl (3.61-2) unstable; urgency=low * Team upload. * Add 0001-CR-escaping-for-P3P-and-Set-Cookie-headers.patch [SECURITY] CVE-2012-5526: Newline injection due to improper CRLF escaping in Set-Cookie and P3P headers. Thanks to Niko Tyni (Closes: #693421) -- Salvatore Bonaccorso Sat, 24 Nov 2012 07:54:36 +0100 libcgi-pm-perl (3.61-1) unstable; urgency=low * New upstream release * Bump Standards-Version to 3.9.4 (no changes needed) -- Alessandro Ghedini Wed, 07 Nov 2012 19:02:45 +0100 libcgi-pm-perl (3.60-1) unstable; urgency=low * New upstream release * Email change: Alessandro Ghedini -> ghedo@debian.org * Do not repack upstream tarball * Update copyright to Copyright-Format 1.0 * Bump Standards-Version to 3.9.3 (no changes needed) -- Alessandro Ghedini Thu, 16 Aug 2012 12:11:52 +0200 libcgi-pm-perl (3.59+dfsg-1) unstable; urgency=low * New upstream release * Drop do-not-use-shellwords.patch and spelling.patch (merged upstream) * Update debian/NEWS with behaviour change -- Alessandro Ghedini Fri, 30 Dec 2011 19:32:53 +0100 libcgi-pm-perl (3.58+dfsg-1) unstable; urgency=low [ Ansgar Burchardt ] * debian/control: Convert Vcs-* fields to Git. [ Salvatore Bonaccorso ] * debian/copyright: Replace DEP5 Format-Specification URL from svn.debian.org to anonscm.debian.org URL. [ Nicholas Bamber ] * New upstream release [ Alessandro Ghedini ] * Drop bad-url-test.patch (merged upstream) * Add do-not-use-shellwords.patch (fixes perl-module-uses-perl4-libs-without-dep) * Refresh patches * Remove *.gif images from upstream tarball (not in preferred form of modification) [ gregor herrmann ] * Add build dependency on Test::More 0.98. -- Alessandro Ghedini Sun, 13 Nov 2011 14:19:28 +0100 libcgi-pm-perl (3.55-1) unstable; urgency=low [ Nicholas Bamber ] * New upstream release 3.54 [ Alessandro Ghedini ] * New upstream release * Bump debhelper compat level to 8 * Add myself to Uploaders * Add debian/NEWS to report incompatible changes * Refresh patches * Add bad-url-test patch -- Alessandro Ghedini Sun, 12 Jun 2011 16:09:02 +0200 libcgi-pm-perl (3.53-1) unstable; urgency=low [ Nicholas Bamber ] * Removed watch file hack as it no longers seems to be necessary * New upstream release * Raised standards version to 3.9.2 * Reviewed spelling.patch * Email change: Ansgar Burchardt -> ansgar@debian.org * Refreshed copyright [ Salvatore Bonaccorso ] * debian/copyright: Re-add Niko Tyni to copyright for debian/* packaging. -- Nicholas Bamber Tue, 26 Apr 2011 17:54:46 +0100 libcgi-pm-perl (3.52-1) unstable; urgency=low * New upstream release * Refreshed patches as required -- Nicholas Bamber Tue, 25 Jan 2011 22:24:13 +0000 libcgi-pm-perl (3.51-1) unstable; urgency=low [ Niko Tyni ] * New upstream release. + [SECURITY] CVE-2010-4411: fixes a double CR/LF injection vulnerability, the last missing bit for the CVE-2010-2761 + CVE-2010-4410 issues that were fixed in 3.50. (Closes: #606370) + fixes writeability checks of the temporary directory for file uploads, and documents supported ways to override the builtin directories. (Closes: #367711) * debian/patches/fix-pod-spelling.patch: removed, included upstream [ gregor herrmann ] * debian/watch: add URL for the unoffical 3.51 release in order to make it uscan-able. * debian/copyright: update list for debian/* and update formatting. * Add patch spelling.patch to fix a spelling mistake in various files. -- gregor herrmann Thu, 13 Jan 2011 22:10:07 +0100 libcgi-pm-perl (3.50-1) unstable; urgency=low [ Ansgar Burchardt ] * Update my email address. [ Nicholas Bamber ] * Added myself to Uploaders * Upped standards version * Removed quilt cruft * Updated format of watch file to handle upstream change * New upstream release * Added debian/source/format * Refreshed copyright * Updated spelling patch with patch available on CPAN * Changed 'Conflicts' to 'Breaks' and added similar Replaces clause -- Nicholas Bamber Sun, 21 Nov 2010 15:55:52 +0000 libcgi-pm-perl (3.49-1) unstable; urgency=low [ Jonathan Yu ] * New upstream release * Standards-Version 3.8.4 (no changes) * Rewrite long description * Add myself to Uploaders and Copyright * Refresh man-cgi-fast.patch * Update to new DEP5 copyright format * Change shebang override to improve readability * Add patch to fix POD spelling * No longer install HTML docs, they look to be outdated and unmaintained [ gregor herrmann ] * debian/control: s/perl-modules/perl/ in long description. * Install CGI::Fast again; conflict on older libcgi-fast-perl instead of depending on it (closes: #565551). * Add libfcgi-perl to Recommends (needed by CGI::Fast). -- Jonathan Yu Sun, 07 Feb 2010 21:54:03 -0500 libcgi-pm-perl (3.48-1) unstable; urgency=low * New upstream release -- Ansgar Burchardt Sat, 26 Sep 2009 12:05:32 +0200 libcgi-pm-perl (3.47-1) unstable; urgency=low * New upstream release + Refresh patch. * Correct path to interpreter in an additional example. -- Ansgar Burchardt Sat, 19 Sep 2009 11:28:42 +0200 libcgi-pm-perl (3.45-1) unstable; urgency=low * New upstream release + update file names in man-cgi-fast.patch * debian/control: Make build-dep on perl unversioned * Bump Standards-Version to 3.8.3 -- Ansgar Burchardt Tue, 18 Aug 2009 20:18:54 +0200 libcgi-pm-perl (3.44-1) unstable; urgency=low [ Nathan Handler ] * debian/watch: Update to ignore development releases. [ Ansgar Burchardt ] * New upstream release * Bump Standards-Version to 3.8.2 (no changes). * Use shorter debian/rules. [ gregor herrmann ] * Install HTML documentation. -- Ansgar Burchardt Fri, 31 Jul 2009 12:36:47 +0200 libcgi-pm-perl (3.43-1) unstable; urgency=low [ gregor herrmann ] * debian/control: Changed: Switched Vcs-Browser field to ViewSVN (source stanza). [ Ansgar Burchardt ] * New upstream release. * Bump Standards Version to 3.8.1 (no changes). * Add Build-Dep on libfcgi-perl to enable additional tests. * Add description to man-cgi-fast.patch -- Ansgar Burchardt Sun, 12 Apr 2009 11:57:51 +0200 libcgi-pm-perl (3.42-1) unstable; urgency=low * New upstream release. * Install examples; fix hashbang in example scripts from debian/rules. * Add /me to Uploaders. * Make debian/README.source more verbose. -- gregor herrmann Tue, 09 Sep 2008 17:36:20 +0200 libcgi-pm-perl (3.41-1) unstable; urgency=low [ Ansgar Burchardt ] * New upstream release. * lintian override no longer needed [ gregor herrmann ] * debian/rules: use make's $(RM) instead of plain rm. -- Ansgar Burchardt Thu, 28 Aug 2008 13:55:12 +0200 libcgi-pm-perl (3.40-1) unstable; urgency=low * New upstream release + Update debian/patches/man-cgi-fast.patch * Refresh rules for debhelper 7 * debian/copyright: Update to current format, don't list Debian Perl Group as copyright holder * Add myself to Uploaders -- Ansgar Burchardt Thu, 07 Aug 2008 14:07:31 +0200 libcgi-pm-perl (3.38-2) unstable; urgency=medium * Do not ship CGI/Fast.pm, avoiding conflict with libcgi-fast-perl. Instead, Depend on that. Closes: #489928. Thanks to Ralf Treinen for reporting. * add myself to Uploaders -- Damyan Ivanov Tue, 08 Jul 2008 22:59:58 +0300 libcgi-pm-perl (3.38-1) unstable; urgency=low * Initial Release. (Closes: #486943) * CGI.pm is in perl-modules, libcgi-pm-perl is only for special updates -- AGOSTINI Yves Thu, 26 Jun 2008 10:10:35 +0200 debian/NEWS0000644000000000000000000000200112251665053007663 0ustar libcgi-pm-perl (3.59+dfsg-1) unstable; urgency=low [BUG FIXES] We no longer read from STDIN when the Content-Length is not set, preventing requests with no Content-Length from freezing in some cases. This is consistent with the CGI RFC 3875, and is also consistent with CGI::Simple. However, the old behavior may have been expected by some command-line uses of CGI.pm. -- Alessandro Ghedini Fri, 30 Dec 2011 19:25:56 +0100 libcgi-pm-perl (3.55-1) unstable; urgency=low [THINGS THAT MAY BREAK YOUR CODE] url() was fixed to return "PATH_INFO" when it is explicitly requested with either the path=>1 or path_info=>1 flag. If your code is running under mod_rewrite (or compatible) and you are calling self_url() or you are calling url() and passing path_info=>1, these methods will actually be returning PATH_INFO now, as you have explicitly requested, or has self_url() has requested on your behalf. -- Alessandro Ghedini Sun, 12 Jun 2011 16:09:14 +0200 debian/compat0000644000000000000000000000000212251665053010371 0ustar 8 debian/patches/0000755000000000000000000000000012251665053010622 5ustar debian/patches/man-cgi-fast.patch0000644000000000000000000000242012251665053014107 0ustar Description: fix paths to FastCGI scripts Author: AGOSTINI Yves Reviewed-by: Nicholas Bamber Origin: vendor Forwarded: not-needed Last-Update: 2013-12-10 --- a/lib/CGI/Fast.pm +++ b/lib/CGI/Fast.pm @@ -149,7 +149,7 @@ FastCGI scripts must end in the extension .fcgi. For each script you install, you must add something like the following to srm.conf: - FastCgiServer /usr/etc/httpd/fcgi-bin/file_upload.fcgi -processes 2 + FastCgiServer /usr/lib/cgi-bin/file_upload.fcgi -processes 2 This instructs Apache to launch two copies of file_upload.fcgi at startup time. @@ -167,7 +167,7 @@ webserver to connect to an external FastCGI server, you would add the following to your srm.conf: - FastCgiExternalServer /usr/etc/httpd/fcgi-bin/file_upload.fcgi -host sputnik:8888 + FastCgiExternalServer /usr/lib/cgi-bin/file_upload.fcgi -host sputnik:8888 Two environment variables affect how the C object is created, allowing C to be used as an external FastCGI server. (See C @@ -188,7 +188,7 @@ For example: - #!/usr/local/bin/perl # must be a FastCGI version of perl! + #!/usr/bin/perl use CGI::Fast; &do_some_initialization(); $ENV{FCGI_SOCKET_PATH} = "sputnik:8888"; debian/patches/series0000644000000000000000000000002312251665053012032 0ustar man-cgi-fast.patch debian/copyright0000644000000000000000000002501212251665053011126 0ustar Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: CGI.pm Upstream-Contact: Mark Stosberg Source: https://metacpan.org/release/CGI.pm/ Files: * Copyright: 1995-2007, Lincoln D. Stein License: Artistic-2.0 or GPL-1+ Files: CGI/Pretty.pm Copyright: 1999, Brian Paulsen License: Artistic or GPL-1+ Files: debian/* Copyright: 2008-2009, Ansgar Burchardt 2008-2013, gregor herrmann 2008, AGOSTINI Yves 2008, Damyan Ivanov 2010-2011, Nicholas Bamber 2010, Jonathan Yu 2011, Niko Tyni License: Artistic-2.0 or Artistic or GPL-1+ License: Artistic This program is free software; you can redistribute it and/or modify it under the terms of the Artistic License, which comes with Perl. . On Debian systems, the complete text of the Artistic License can be found in `/usr/share/common-licenses/Artistic'. License: Artistic-2.0 Copyright (c) 2000-2006, The Perl Foundation. . Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. . Preamble . This license establishes the terms under which a given free software Package may be copied, modified, distributed, and/or redistributed. The intent is that the Copyright Holder maintains some artistic control over the development of that Package while still keeping the Package available as open source and free software. . You are always permitted to make arrangements wholly outside of this license directly with the Copyright Holder of a given Package. If the terms of this license do not permit the full use that you propose to make of the Package, you should contact the Copyright Holder and seek a different licensing arrangement. . Definitions . "Copyright Holder" means the individual(s) or organization(s) named in the copyright notice for the entire Package. . "Contributor" means any party that has contributed code or other material to the Package, in accordance with the Copyright Holder's procedures. . "You" and "your" means any person who would like to copy, distribute, or modify the Package. . "Package" means the collection of files distributed by the Copyright Holder, and derivatives of that collection and/or of those files. A given Package may consist of either the Standard Version, or a Modified Version. . "Distribute" means providing a copy of the Package or making it accessible to anyone else, or in the case of a company or organization, to others outside of your company or organization. . "Distributor Fee" means any fee that you charge for Distributing this Package or providing support for this Package to another party. It does not mean licensing fees. . "Standard Version" refers to the Package if it has not been modified, or has been modified only in ways explicitly requested by the Copyright Holder. . "Modified Version" means the Package, if it has been changed, and such changes were not explicitly requested by the Copyright Holder. . "Original License" means this Artistic License as Distributed with the Standard Version of the Package, in its current version or as it may be modified by The Perl Foundation in the future. . "Source" form means the source code, documentation source, and configuration files for the Package. . "Compiled" form means the compiled bytecode, object code, binary, or any other form resulting from mechanical transformation or translation of the Source form. . Permission for Use and Modification Without Distribution . (1) You are permitted to use the Standard Version and create and use Modified Versions for any purpose without restriction, provided that you do not Distribute the Modified Version. . Permissions for Redistribution of the Standard Version . (2) You may Distribute verbatim copies of the Source form of the Standard Version of this Package in any medium without restriction, either gratis or for a Distributor Fee, provided that you duplicate all of the original copyright notices and associated disclaimers. At your discretion, such verbatim copies may or may not include a Compiled form of the Package. . (3) You may apply any bug fixes, portability changes, and other modifications made available from the Copyright Holder. The resulting Package will still be considered the Standard Version, and as such will be subject to the Original License. . Distribution of Modified Versions of the Package as Source . (4) You may Distribute your Modified Version as Source (either gratis or for a Distributor Fee, and with or without a Compiled form of the Modified Version) provided that you clearly document how it differs from the Standard Version, including, but not limited to, documenting any non-standard features, executables, or modules, and provided that you do at least ONE of the following: . (a) make the Modified Version available to the Copyright Holder of the Standard Version, under the Original License, so that the Copyright Holder may include your modifications in the Standard Version. (b) ensure that installation of your Modified Version does not prevent the user installing or running the Standard Version. In addition, the Modified Version must bear a name that is different from the name of the Standard Version. (c) allow anyone who receives a copy of the Modified Version to make the Source form of the Modified Version available to others under (i) the Original License or (ii) a license that permits the licensee to freely copy, modify and redistribute the Modified Version using the same licensing terms that apply to the copy that the licensee received, and requires that the Source form of the Modified Version, and of any works derived from it, be made freely available in that license fees are prohibited but Distributor Fees are allowed. . Distribution of Compiled Forms of the Standard Version or Modified Versions without the Source . (5) You may Distribute Compiled forms of the Standard Version without the Source, provided that you include complete instructions on how to get the Source of the Standard Version. Such instructions must be valid at the time of your distribution. If these instructions, at any time while you are carrying out such distribution, become invalid, you must provide new instructions on demand or cease further distribution. If you provide valid instructions or cease distribution within thirty days after you become aware that the instructions are invalid, then you do not forfeit any of your rights under this license. . (6) You may Distribute a Modified Version in Compiled form without the Source, provided that you comply with Section 4 with respect to the Source of the Modified Version. . Aggregating or Linking the Package . (7) You may aggregate the Package (either the Standard Version or Modified Version) with other packages and Distribute the resulting aggregation provided that you do not charge a licensing fee for the Package. Distributor Fees are permitted, and licensing fees for other components in the aggregation are permitted. The terms of this license apply to the use and Distribution of the Standard or Modified Versions as included in the aggregation. . (8) You are permitted to link Modified and Standard Versions with other works, to embed the Package in a larger work of your own, or to build stand-alone binary or bytecode versions of applications that include the Package, and Distribute the result without restriction, provided the result does not expose a direct interface to the Package. . Items That are Not Considered Part of a Modified Version . (9) Works (including, but not limited to, modules and scripts) that merely extend or make use of the Package, do not, by themselves, cause the Package to be a Modified Version. In addition, such works are not considered parts of the Package itself, and are not subject to the terms of this license. . General Provisions . (10) Any use, modification, and distribution of the Standard or Modified Versions is governed by this Artistic License. By using, modifying or distributing the Package, you accept this license. Do not use, modify, or distribute the Package, if you do not accept this license. . (11) If your Modified Version has been derived from a Modified Version made by someone other than you, you are nevertheless required to ensure that your Modified Version complies with the requirements of this license. . (12) This license does not grant you the right to use any trademark, service mark, tradename, or logo of the Copyright Holder. . (13) This license includes the non-exclusive, worldwide, free-of-charge patent license to make, have made, use, offer to sell, import and otherwise transfer the Package with respect to any patent claims licensable by the Copyright Holder that are necessarily infringed by the Package. If you institute patent litigation (including a cross-claim or counterclaim) against any party alleging that the Package constitutes direct or contributory patent infringement, then this Artistic License to you shall terminate on the date that such litigation is filed. . (14) Disclaimer of Warranty: THE PACKAGE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS "AS IS' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES. THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT ARE DISCLAIMED TO THE EXTENT PERMITTED BY YOUR LOCAL LAW. UNLESS REQUIRED BY LAW, NO COPYRIGHT HOLDER OR CONTRIBUTOR WILL BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING IN ANY WAY OUT OF THE USE OF THE PACKAGE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. License: GPL-1+ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. . On Debian systems, the complete text of version 1 of the GNU General Public License can be found in `/usr/share/common-licenses/GPL-1'. debian/watch0000644000000000000000000000014712251665053010226 0ustar version=3 https://metacpan.org/release/CGI/ .*/CGI.pm-v?(\d[\d.-]+)\.(?:tar(?:\.gz|\.bz2)?|tgz|zip)$ debian/libcgi-pm-perl.examples0000644000000000000000000000001312251665053013530 0ustar examples/*