Package: sponsorship-requests Severity: normal Dear mentors,
I am looking for a sponsor for my package "mini-httpd": * Package name : mini-httpd Version : 1.30-10 Upstream contact : Jef Poskanzer j...@mail.acme.com * URL : https://www.acme.com/software/mini_httpd * License : BSD-2-clause * Vcs : https://salsa.debian.org/debian/mini-httpd Section : web The source builds the following binary packages: mini-httpd - Small HTTP server To access further information about this package, please visit the following URL: https://mentors.debian.net/package/mini-httpd/ Alternatively, you can download the package with 'dget' using this command: dget -x https://mentors.debian.net/debian/pool/main/m/mini-httpd/mini-httpd_1.30-10.dsc Changes since the last upload: mini-httpd (1.30-10) unstable; urgency=medium * Added patch improving handling of "charset=%s" in error pages and directory listing. Before, a literal "%s" was output as opposed to the actual charset. Now, the correct charset (UTF-8 for dirs and ISO-8859-1 for err) is output. Thanks again, Alexander Foken ! (Closes: #714549) * Added a SystemD DocumentationKey entry fixing lintian warning. This points to the manpage for now. * Added SystemD hardening features to service. The directives I have provided should have no impact. I've confirmed no impact to basic functionality, vhosting, error pages and CGI. I managed to get the service to a "4.7 - OK" rating by using systemd-analyze security mini-httpd (all the way from 9.6). I have NOT enabled hardening features which have a high change of impacting functionality such as removing CAP_CHROOT which would mean mini_httpd's chroot mode of operation is forbidden. Help is welcome in improving these options (maybe someone with a security background could chip in). Regards, -- Alexandru Mihail mini-httpd maintainer
signature.asc
Description: This is a digitally signed message part
