cpp-httplib - Debian Package Tracker

general

source: cpp-httplib (main)
version: 0.16.3+ds-2
maintainer: Andrea Pappacoda (DMD) (LowNMU) (DM)
arch: any
std-ver: 4.7.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

stable: 0.11.4+ds-1+deb12u1
testing: 0.16.3+ds-2
unstable: 0.16.3+ds-2
exp: 0.18.0+ds-1

versioned links

0.11.4+ds-1+deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.16.3+ds-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.18.0+ds-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libcpp-httplib-dev
libcpp-httplib0.16

action needed

A new upstream version is available: 0.18.5 high

A new upstream version 0.18.5 is available, you should consider packaging it.

Created: 2024-09-03 Last update: 2025-02-07 17:01

1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:

CVE-2025-0825: cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters ("\r\n") when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more.

Created: 2025-02-07 Last update: 2025-02-07 10:00

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2025-0825: cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters ("\r\n") when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more.

Created: 2025-02-07 Last update: 2025-02-07 10:00

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2025-0825: cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters ("\r\n") when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more.

Created: 2025-02-07 Last update: 2025-02-07 10:00

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2025-01-06 Last update: 2025-02-07 18:00

141 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit f8702fa6013fa3c7657fed6efeee95e2880df5d1
Merge: 6e947f6 ebac2a3
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 17:36:00 2024 +0200

    Declare fast forward / record previous work
    
    [git-debrebase pseudomerge: quick]

commit 6e947f634baec893653d78a57ac1b0ba96da9123
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 16:00:41 2024 +0200

    test(meson): copy files in www directory
    
    These files were added in commits
    2d01e712866d3ed17d33569b8fa5345f5cade146 and
    b8315278cb4c313e97f9b980d29b09d35f742a97
    
    Forwarded: no
    Last-Update: 2024-09-17

commit b7b71aa74a1a6c98856187531ec3ee85835a3b0e
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 15:08:21 2024 +0200

    test(meson): fix SSLClientServerTest.* tests with OpenSSL 3.2.0
    
    Since OpenSSL commit
    <https://github.com/openssl/openssl/commit/342e3652c791bdb06e08abcc169b4456c83ccd00>,
    the default X.509 certificate format generated with the `openssl req`
    command has been changed to X.509 v3 from X.509 v1.
    
    For some reason, this change breaks cpp-httplib's SSLClientServerTest.*
    tests.
    
    To fix the test failures, this patch passes the '-x509v1' flag instead
    of '-x509' when OpenSSL 3.2.0 or newer is detected. To detect the
    version of a command line utility, Meson 0.62.0 or later is required.
    
    Fixes <https://github.com/yhirose/cpp-httplib/issues/1798>, but only for
    the Meson build system.
    
    Bug: https://github.com/yhirose/cpp-httplib/issues/1798
    Bug-Debian: https://bugs.debian.org/1069357
    Forwarded: https://github.com/yhirose/cpp-httplib/pull/1940
    Last-Update: 2024-09-17

commit 69d758caa698953d45f412548cb3e1fdd58c1bf7
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 15:07:28 2024 +0200

    build(meson): bump minimum version to 0.62.0
    
    This allows making some minor cleanups
    
    Bug: https://github.com/yhirose/cpp-httplib/issues/1798
    Bug-Debian: https://bugs.debian.org/1069357
    Forwarded: https://github.com/yhirose/cpp-httplib/pull/1940
    Last-Update: 2024-09-17

commit f4cb0d3677fa482f6d6982f0319dd27fa8db9ebe
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 17:35:34 2024 +0200

    Update changelog for 0.18.0+ds-1 release

commit e75736a643064feb635c6cc46993f87f6caa131f
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 17:19:06 2024 +0200

    d/control: add build dependency on libcurl-dev

commit 07c0e10bd550f7e0250cc4908855269d1612e6fa
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 17:15:35 2024 +0200

    d/control: bump minimum meson version to 0.62.0
    
    Gbp-Dch: Ignore

commit 638cf3de90e59bb5f6e69213b96a48153d847392
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 17:13:55 2024 +0200

    d/control: move meson to Build-Depends-Arch
    
    It isn't needed to run the clean target
    
    Gbp-Dch: Ignore

commit 1a0b56e3d99a6adb39483d1d0d8b794c662e1264
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 17:13:11 2024 +0200

    d/control: libcpp-httplib0.16 -> libcpp-httplib0.18

commit 26053d0e4e2d7f1499d38c198549e1755a94b055
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 17:10:36 2024 +0200

    d/control: apply X-Style: black

commit 55fd06a9ed82e18650d45fe5d1e563518cad866d
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 17:06:35 2024 +0200

    Update changelog for new upstream 0.18.0+ds
    
    [git-debrebase changelog: new upstream 0.18.0+ds]

commit 8f0b1c06702832d237825eea3929b94ec61cec6c
Merge: 2220fd3 ad1d5e4
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 17:06:34 2024 +0200

    Update to upstream 0.18.0+ds
    
    [git-debrebase anchor: new upstream 0.18.0+ds, merge]

commit 2220fd369e33fd60bbef8c680034b32451155266
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 17:05:59 2024 +0200

    d/copyright: exclude benchmark/

commit a4c431420b070e3d5f8133e8b98765f8ec19f54b
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 16:59:40 2024 +0200

    d/gbp.conf: automatically import new upstream with debrebase
    
    Gbp-Dch: Ignore

commit ad1d5e49bab6b2241a8c44945fdd7878be14e990
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 17:06:33 2024 +0200

    New upstream version 0.18.0+ds

commit ebac2a3ddd01c63189b4937e99c2f255bcaa8b20
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 17:05:59 2024 +0200

    d/copyright: exclude benchmark/

commit 47bc0626e38660a2171ca2a2a266213fd6ca280a
Author: Andrea Pappacoda <andrea@pappacoda.it>
Date:   Tue Sep 17 16:59:40 2024 +0200

    d/gbp.conf: automatically import new upstream with debrebase
    
    Gbp-Dch: Ignore

Created: 2024-09-17 Last update: 2025-01-30 16:02

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2021-11-27 Last update: 2022-02-24 19:31

testing migrations

This package will soon be part of the auto-cpp-httplib transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2024-10-06] Accepted cpp-httplib 0.18.0+ds-1 (source arm64) into experimental (Debian FTP Masters) (signed by: Christian Hofstaedtler)
[2024-09-20] cpp-httplib 0.16.3+ds-2 MIGRATED to testing (Debian testing watch)
[2024-09-17] Accepted cpp-httplib 0.16.3+ds-2 (source) into unstable (Andrea Pappacoda)
[2024-08-21] cpp-httplib 0.16.3+ds-1 MIGRATED to testing (Debian testing watch)
[2024-08-18] Accepted cpp-httplib 0.16.3+ds-1 (source) into unstable (Andrea Pappacoda)
[2024-08-03] Accepted cpp-httplib 0.16.0+ds-1 (source amd64) into experimental (Debian FTP Masters) (signed by: bage@debian.org)
[2024-07-10] cpp-httplib 0.15.3+ds-3 MIGRATED to testing (Debian testing watch)
[2024-07-07] Accepted cpp-httplib 0.15.3+ds-3 (source) into unstable (Andrea Pappacoda)
[2024-06-26] cpp-httplib 0.15.3+ds-2 MIGRATED to testing (Debian testing watch)
[2024-06-23] Accepted cpp-httplib 0.15.3+ds-2 (source) into unstable (Andrea Pappacoda)
[2024-06-23] Accepted cpp-httplib 0.15.3+ds-1 (source amd64) into experimental (Debian FTP Masters) (signed by: bage@debian.org)
[2024-05-03] cpp-httplib 0.14.3+ds-1.1 MIGRATED to testing (Debian testing watch)
[2024-02-28] Accepted cpp-httplib 0.14.3+ds-1.1 (source) into unstable (Steve Langasek)
[2024-01-30] Accepted cpp-httplib 0.14.3+ds-1.1~exp1 (source amd64) into experimental (Michael Hudson-Doyle)
[2023-12-27] cpp-httplib 0.14.3+ds-1 MIGRATED to testing (Debian testing watch)
[2023-12-24] Accepted cpp-httplib 0.14.3+ds-1 (source) into unstable (Andrea Pappacoda)
[2023-12-14] cpp-httplib 0.14.2+ds-1 MIGRATED to testing (Debian testing watch)
[2023-12-11] Accepted cpp-httplib 0.14.2+ds-1 (source) into unstable (Andrea Pappacoda)
[2023-12-04] cpp-httplib 0.14.1+ds-2 MIGRATED to testing (Debian testing watch)
[2023-11-30] Accepted cpp-httplib 0.14.1+ds-2 (source) into unstable (Andrea Pappacoda)
[2023-10-23] cpp-httplib 0.14.1+ds-1 MIGRATED to testing (Debian testing watch)
[2023-10-20] Accepted cpp-httplib 0.14.1+ds-1 (source) into unstable (Andrea Pappacoda)
[2023-09-17] Accepted cpp-httplib 0.14.0+ds-1 (source amd64) into experimental (Debian FTP Masters) (signed by: bage@debian.org)
[2023-09-03] cpp-httplib 0.13.1+ds-1 MIGRATED to testing (Debian testing watch)
[2023-07-16] Accepted cpp-httplib 0.11.4+ds-1+deb12u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Andrea Pappacoda)
[2023-07-15] Accepted cpp-httplib 0.13.1+ds-1 (source amd64) into unstable (Debian FTP Masters) (signed by: bage@debian.org)
[2023-07-15] cpp-httplib 0.11.4+ds-3 MIGRATED to testing (Debian testing watch)
[2023-07-13] Accepted cpp-httplib 0.11.4+ds-3 (source) into unstable (Andrea Pappacoda)
[2023-07-13] Accepted cpp-httplib 0.11.4+ds-2 (source) into unstable (Andrea Pappacoda)
[2023-01-16] cpp-httplib 0.11.4+ds-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 3
RC: 0
I&N: 2
M&W: 1
F&P: 0
patch: 1

links

homepage
lintian
buildd: logs, exp, checks, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.16.3+ds-2