| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| GIT-Add-p-path-option-to-restrict-scripts.patch | [PATCH 2/3] Add `-p path` option to restrict scripts If the purpose of fcgiwrap is to wrap cgit, then I want to be sure that no other program can be executed under the privileges of the fcgiwrap user. When the option `-p path` is given, only the programs specified by `path` are allowed to execute (multiple occurrences of `-p` are merged to form a list of allowed programs). Note that this value will be matched literally, no attempt is done to canonicalize the path. This also implies that glob patterns or directories will never match. |
Peter Wu <lekensteyn@gmail.com> | no | 2013-04-13 | ||
| fix_systemd.patch | Modify default user/group and socket path to match sysvinit. | Sergio Talens-Oliag <sto@debian.org> | no | |||
| systemd_socket_requires.patch | Require fcgiwrap.socket in fcgiwrap.service. To ensure the socket is created on installation, make fcgiwrap.service Require fcgiwrap.socket. =================================================================== |
Jordi Mallach <jordi@debian.org> | no | debian | ||
| libsystemd.patch | Transition to libsystemd. diff --git a/configure.ac b/configure.ac index bb3674e..2b02ef4 100644 |
Michael Biebl <biebl@debian.org> | no | |||
| systemd_use_defaults.patch | use DAEMON_OPTS from "defaults" file. | Dmitry Smirnov <onlyjob@member.fsf.org> | no | 2015-07-18 | ||
| declare_cgi_error_noreturn.patch | Declare cgi_error noreturn This declares the function cgi_error with the attribute __noreturn__ to hint to GCC/Clang that the function exits the program and to prevent implicit-fallthrough warnings in the function handle_fcgi_request. |
Peter Colberg <peter@colberg.org> | yes | debian | 2017-08-05 | |
| propagate-CC-from-configure-to-make-to-fix-cross-building.patch | Propagate CC from configure to make to fix cross-building | Helmut Grohne <helmut@subdivi.de> | yes | debian | 2018-12-08 | |
| add-environment-variable-NO_BUFFERING-to-disable-output-buffering.patch | Add environment variable NO_BUFFERING to disable output buffering | Peter Colberg <peter@colberg.org> | yes | debian upstream | https://github.com/notr1ch/fcgiwrap/commit/84c8b63fef6e400894ccc3c67f350ef868ab2e14.patch | 2018-12-08 |
| systemd_socket_permissions.patch | [PATCH] Tighten permissions and ownership of fcgiwrap socket. This was previously mode 0666, thus writable by any user, which could lead to trivial privilege escalation to www-data. |
Jordi Mallach <jordi@debian.org> | no | 2022-11-21 |