Commits · 027577686d83786a54e8fb408ddb313a2ea13c73 · dimbor / nx-libs

26 Apr, 2015 6 commits

debian/roll-tarballs.sh: use more quotes. · 02757768

authored Apr 26, 2015

Fixes potential bugs, including one triggered by an unquoted hash within
the command line. BASH accepts this. Other shells do not (i.e., treat
everything following the hash character as a comment.)

Cherry-picked from Arctica GH 3.6.x branch.

Conflicts:
    debian/roll-tarballs.sh

02757768

nxcompshad: Prevent underlinking by linking to libNX_Xext. · 9525d073
Mike Gabriel authored Apr 27, 2015
```
Adds:
    - 0650_nxcompshad_link-to-NX_Xext.full.patch
```
9525d073
nx-X11: Prevent underlinking by linking to libNX_X{11,damage,fixes). · ef24d649
Mike Gabriel authored Apr 27, 2015
```
Adds:
    - 0640_nx-X11_fix-underlinking-libNX_Xcomposite_damage_fixes.full.patch
```
ef24d649

CVE patches were previously not included in release tarballs. · 96efadac

authored Apr 26, 2015

Rename:
    - 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch =>
      1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-.full.patch
    - 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.-ups.patch =>
      1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.full.patch
    - 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageText-C.patch =>
      1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageT.full.patch
    - 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch =>
      1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch
    - 1005-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch =>
      1005-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch
    - 1006-CVE-2014-0209-integer-overflow-of-realloc-size-in-le.patch =>
      1006-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch
    - 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch =>
      1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_co.full.patch
    - 1008-Don-t-crash-when-we-receive-an-FS_Error-from-the-fon.patch =>
      1008-Don-t-crash-when-we-receive-an-FS_Error-from-th.full.patch
    - 1009-CVE-2014-0210-unvalidated-lengths-when-reading-repli.patch =>
      1009-CVE-2014-0210-unvalidated-lengths-when-reading-.full.patch
    - 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-_fs_s.patch =>
      1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-.full.patch
    - 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch =>
      1011-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch
    - 1012-CVE-2014-0211-integer-overflow-in-fs_read_extent_inf.patch =>
      1012-CVE-2014-0211-integer-overflow-in-fs_read_exten.full.patch
    - 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyphs-fr.patch =>
      1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyp.full.patch
    - 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_read_e.patch =>
      1014-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch
    - 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_read_g.patch =>
      1015-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch
    - 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch =>
      1016-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch
    - 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch =>
      1017-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch
    - 1018-unchecked-malloc-may-allow-unauthed-client-to-crash-.patch =>
      1018-unchecked-malloc-may-allow-unauthed-client-to-c.full.patch
    - 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8092-1.patch =>
      1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8.full.patch
    - 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch =>
      1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-.full.patch
    - 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8092-3.patch =>
      1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8.full.patch
    - 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-2014-.patch =>
      1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-.full.patch
    - 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls-CVE-.patch =>
      1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls.full.patch
    - 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-2014-.patch =>
      1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-.full.patch
    - 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDList-C.patch =>
      1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDL.full.patch
    - 1026-Xv-unvalidated-lengths-in-XVideo-extension-swapped-p.patch =>
      1026-Xv-unvalidated-lengths-in-XVideo-extension-swap.full.patch
    - 1027-render-check-request-size-before-reading-it-CVE-2014.patch =>
      1027-render-check-request-size-before-reading-it-CVE.full.patch
    - 1028-render-unvalidated-lengths-in-Render-extn.-swapped-p.patch =>
      1028-render-unvalidated-lengths-in-Render-extn.-swap.full.patch
    - 1029-xfixes-unvalidated-length-in-SProcXFixesSelectSelect.patch =>
      1029-xfixes-unvalidated-length-in-SProcXFixesSelectS.full.patch
    - 1030-randr-unvalidated-lengths-in-RandR-extension-swapped.patch =>
      1030-randr-unvalidated-lengths-in-RandR-extension-sw.full.patch
    - 1031-glx-Be-more-paranoid-about-variable-length-requests-.patch =>
      1031-glx-Be-more-paranoid-about-variable-length-requ.full.patch
    - 1032-glx-Be-more-strict-about-rejecting-invalid-image-siz.patch =>
      1032-glx-Be-more-strict-about-rejecting-invalid-imag.full.patch
    - 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer-__GL.patch =>
      1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer.full.patch
    - 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-v4.patch =>
      1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-.full.patch
    - 1035-glx-Length-checking-for-GLXRender-requests-v2-CVE-20.patch =>
      1035-glx-Length-checking-for-GLXRender-requests-v2-C.full.patch
    - 1036-glx-Integer-overflow-protection-for-non-generated-re.patch =>
      1036-glx-Integer-overflow-protection-for-non-generat.full.patch
    - 1037-glx-Top-level-length-checking-for-swapped-VendorPriv.patch =>
      1037-glx-Top-level-length-checking-for-swapped-Vendo.full.patch
    - 1038-glx-Length-checking-for-non-generated-single-request.patch =>
      1038-glx-Length-checking-for-non-generated-single-re.full.patch
    - 1039-glx-Length-checking-for-RenderLarge-requests-v2-CVE-.patch =>
      1039-glx-Length-checking-for-RenderLarge-requests-v2.full.patch
    - 1040-glx-Pass-remaining-request-length-into-varsize-v2-CV.patch =>
      1040-glx-Pass-remaining-request-length-into-varsize-.full.patch
    - 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch =>
      1041-nx-X11-lib-font-fc-fserve.c-initialize-remainin.full.patch
    - 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch =>
      1042-Do-proper-input-validation-to-fix-for-CVE-2011-.full.patch
    - 1101-Coverity-844-845-846-Fix-memory-leaks.patch =>
      1101-Coverity-844-845-846-Fix-memory-leaks.full.patch
    - 1102-include-introduce-byte-counting-functions.patch =>
      1102-include-introduce-byte-counting-functions.full.patch
    - 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input-buff.patch =>
      1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input.full.patch
    - 1104-xkb-Check-strings-length-against-request-size.patch =>
      1104-xkb-Check-strings-length-against-request-size.full.patch

96efadac

Security fixes: X.Org CVE-2013-7439: · 79a4ed92

authored Apr 26, 2015

v2: backport to 3.5.0.x branch. (Mihai Moldovan)

Adds:
  - 1200-CVE-2013-7439-MakeBigReq-don-t-move-the-last-wo.full.patch

79a4ed92

nx-X11: link to libdl to fix undefined references to 'dlopen' and 'dlsym'. Fixes: #853. · ca361757
Bernard Cafarelli authored Apr 26, 2015
```
v2: generally link to libdl in all of nx-X11. (Mike Gabriel)

Adds:
  - 0630_nx-X11_fix-underlinking-dlopen-dlsym.full.patch
```
ca361757

29 Mar, 2015 3 commits
- nx-X11: add more NULL guards to TEST and DEBUG sections of Render.c. · 952e320c
  Mihai Moldovan authored Mar 29, 2015
```
Affects:
  - 0990_fix-DEBUG-and-TEST-builds.full.patch
```
  952e320c
- nx-X11: fix typo in previous patch. · da6bb07a
  Mihai Moldovan authored Mar 29, 2015
```
Affects:
  - 0017_nx-X11_fix-SetPictureFilter.full.patch
```
  da6bb07a
- nx-X11: handle source pictures (those without a Drawable surface) gracefully. · 52224aa8
  Mihai Moldovan authored Mar 29, 2015
```
Adds:
  - 0017_nx-X11_fix-SetPictureFilter.full.patch
```
  52224aa8
25 Mar, 2015 1 commit

Only use the first three numbers in the full version for current_version on OS… · a88fc716

authored Mar 26, 2015

Only use the first three numbers in the full version for current_version on OS X. ld(1) on 10.6 fails otherwise.

Affected:
  - 0420_nxcomp_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
  - 0620_nxcompext_use-correct-library-naming-scheme-on-OS-X.full.patch
  - 0621_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full.patch

a88fc716

17 Mar, 2015 5 commits
- Continue development · 1e0adb71
  X2Go Release Manager authored Mar 17, 2015
  
  1e0adb71
- Mid-release fixup: Rename *nxcomp{ext,shad}*.full+lite* to *nxcomp{ext,shad}*.full*. · 71589a05
  X2Go Release Manager authored Mar 17, 2015
  
  71589a05
- release 3.5.0.31 · 8963b8e7
  X2Go Release Manager authored Mar 17, 2015
  
  8963b8e7
- nx-libs.spec: add overlooked Obsolete: statement to libNX_Xfixes3. · b30a05e3
  Mihai Moldovan authored Mar 17, 2015
  
  b30a05e3
- nx-libs.spec: Versioned libXcomp* should obsolete unversioned libXcomp*, not libNX_Xcomp*. · 605c27e5
  Mihai Moldovan authored Mar 17, 2015
  
  605c27e5
16 Mar, 2015 1 commit

nx{comp{,ext,shad},proxy}: try really hard to find makedepend. Do not fail if it is not available. · 06b51cc3

authored Mar 16, 2015

Also rename to account for dependency changes:
    - 0070_nxcomp_use-MAKEDEPEND-in-path.full+lite.patch =>
      0410_nxcomp_use-MAKEDEPEND-in-path.full+lite.patch
    - 0071_nxcompext_use-MAKEDEPEND-in-path.full+lite.patch =>
      0610_nxcompext_use-MAKEDEPEND-in-path.full+lite.patch
    - 0072_nxcompshad_use-MAKEDEPEND-in-path.full+lite.patch =>
      0611_nxcompshad_use-MAKEDEPEND-in-path.full+lite.patch
    - 0073_nxproxy_use-MAKEDEPEND-in-path.full+lite.patch =>
      0612_nxproxy_use-MAKEDEPEND-in-path.full+lite.patch
    - 0074_nxcomp_use-dynamiclib-flag-on-OS-X.full+lite.patch =>
      0613_nxcomp_use-dynamiclib-flag-on-OS-X.full+lite.patch
    - 0075_nxcompshad_use-dynamiclib-flag-on-OS-X.full+lite.patch =>
      0614_nxcompshad_use-dynamiclib-flag-on-OS-X.full+lite.patch
    - 0610_nxcompext_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
      =>
      0620_nxcompext_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
    - 0611_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
      =>
      0621_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full+lite.patch

06b51cc3

15 Mar, 2015 4 commits

nxcomp{,ext,shad}: use the correct library naming scheme on OS X. It differs… · 91f1fed2

authored Mar 15, 2015

nxcomp{,ext,shad}: use the correct library naming scheme on OS X. It differs from other UNIX-based systems.

Adds:
  - 0410_nxcomp_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
  - 0610_nxcompext_use-correct-library-naming-scheme-on-OS-X.full+lite.patch
  - 0611_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full+lite.patch

91f1fed2

nxcomp{,shad}: fix dynamic library linking on OS X. Use -dynamiclib instead of -bundle. · d055e523
Clemens Lang authored Mar 15, 2015
```
Adds:
  - 0074_nxcomp_use-dynamiclib-flag-on-OS-X.full+lite.patch
  - 0075_nxcompshad_use-dynamiclib-flag-on-OS-X.full+lite.patch
```
d055e523

nx{comp{,ext,shad},proxy}: use path discovery for finding makedepend. Remove old cruft. Adds: · 8b45079e

authored Mar 15, 2015

  - 0070_nxcomp_use-MAKEDEPEND-in-path.full+lite.patch
  - 0071_nxcompext_use-MAKEDEPEND-in-path.full+lite.patch
  - 0072_nxcompshad_use-MAKEDEPEND-in-path.full+lite.patch
  - 0073_nxproxy_use-MAKEDEPEND-in-path.full+lite.patch

8b45079e

debian/changelog: merge with 3.6.x development branch. · d8b5ca2b
Mihai Moldovan authored Mar 15, 2015

d8b5ca2b

14 Mar, 2015 2 commits
- Continue development · a90faa17
  X2Go Release Manager authored Mar 15, 2015
  
  a90faa17
- release 3.5.0.30 · 9c9b892f
  Mike Gabriel authored Mar 14, 2015
  
  9c9b892f
13 Mar, 2015 3 commits
- Continue development · 69b82c8f
  X2Go Release Manager authored Mar 13, 2015
  
  69b82c8f
- debian/roll-tarballs.sh: fix tarball creation in lite mode: do not try to fixup… · 12a395aa
  X2Go Release Manager authored Mar 13, 2015
```
debian/roll-tarballs.sh: fix tarball creation in lite mode: do not try to fixup NX-X11 directory (it won't be there.)
```
  12a395aa
- release 3.5.0.29 · 8367380e
  X2Go Release Manager authored Mar 13, 2015
  
  8367380e
18 Feb, 2015 1 commit

X.org CVE-2015-0255 patch and its 3 prereq patches · 2b2a02f9

authored Feb 18, 2015

1101-Coverity-844-845-846-Fix-memory-leaks.patch
1102-include-introduce-byte-counting-functions.patch
1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input-buff.patc
1104-xkb-Check-strings-length-against-request-size.patch

(The last patch is the CVE-2015-0255 patch.)

2b2a02f9

16 Feb, 2015 8 commits

Update 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch. Fix… · ac2937e7
Mike Gabriel authored Feb 16, 2015
```
Update 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch. Fix broken comment paragraph, whitespace fix.
```
ac2937e7

CVE security review: Add… · 650181c2

authored Feb 16, 2015

CVE security review: Add 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch & 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch.

  - Add 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch.
    Initialize remaining bufleft variables (nx-X11/lib/font/fc/fserve.c).
  - Add 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch.
    Do proper input validation to fix for CVE-2011-2895.

650181c2

CVE security review [1/2]. · ae898ff1

authored Feb 16, 2015

* CVE security review [1/2]:
  - Update 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch.
    Use xfree() instead of free() in nx-libs.
  - Update 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch.
    Apply correctly on nx-libs 3.6.x.
  - Update 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch.
    Human-readable version of "1 MB".

ae898ff1

debian/changelog: fix too-long lines · f74f59d2
Mike Gabriel authored Feb 16, 2015

f74f59d2
Makefile.nx-libs: Fix uninstall-lite rule. The nxproxy and nxcomp uninstallation… · ffb64d2b
Mike Gabriel authored Feb 16, 2015
```
Makefile.nx-libs: Fix uninstall-lite rule. The nxproxy and nxcomp uninstallation has to be in uninstall-lite, not in uninstall-full.
```
ffb64d2b
Make install-lite rule in Makefile.nx-libs more predictable and not rely on nxproxy/Makefile.in. · d2ff2138
Mike Gabriel authored Feb 16, 2015

d2ff2138
Install "%{_libdir}/nx/bin" into nxproxy package. · 0a423ce8
Mike Gabriel authored Feb 14, 2015

0a423ce8
nx-libs.spec: Typo fix in comment. · db328b61
Mike Gabriel authored Feb 14, 2015

db328b61

14 Feb, 2015 6 commits

Fix FTBFS due to the nxproxy executable already existing under /usr/lib/nx/bin/nx · 7b0c8a2a
Mike DePaulo authored Feb 14, 2015

7b0c8a2a

40 patches, fixing several X.Org CVEs in NX. · 45878811

authored Feb 14, 2015

* Security fixes:
  - Rebase loads of X.Org patches (mainly from RHEL-5) against NX. If not
    all patches from a CVE patch series appear here, then it means that
    the affected file/code is not used in NX at build time.
  - X.Org CVE-2011-2895:
      1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch
  - X.Org CVE-2011-4028:
      1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.-ups.patch
  - X.Org CVE-2013-4396:
      1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageText-C.patch
  - X.Org CVE-2013-6462:
      1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch
  - X.Org CVE-2014-0209:
      1005-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch
      1006-CVE-2014-0209-integer-overflow-of-realloc-size-in-le.patch
  - X.Org CVE-2014-0210:
      1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch
      1009-CVE-2014-0210-unvalidated-lengths-when-reading-repli.patch
      1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch
      1014-CVE-2014-0210-unvalidated-length-fields-in-fs_read_e.patch
      1015-CVE-2014-0210-unvalidated-length-fields-in-fs_read_g.patch
      1016-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch
      1017-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch
  - X.Org CVE-2014-0211:
      1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-_fs_s.patch
      1012-CVE-2014-0211-integer-overflow-in-fs_read_extent_inf.patch
      1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyphs-fr.patch
      1018-unchecked-malloc-may-allow-unauthed-client-to-crash-.patch
  - X.Org CVE-2014-8092:
      1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8092-1.patch
      1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch
      1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8092-3.patch
      1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-2014-.patch
  - X.Org CVE-2014-8097:
      1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls-CVE-.patch
  - X.Org CVE-2014-8095:
      1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-2014-.patch
  - X.Org CVE-2014-8096:
      1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDList-C.patch
  - X.Org CVE-2014-8099:
      1026-Xv-unvalidated-lengths-in-XVideo-extension-swapped-p.patch
  - X.Org CVE-2014-8100:
      1027-render-check-request-size-before-reading-it-CVE-2014.patch
      1028-render-unvalidated-lengths-in-Render-extn.-swapped-p.patch
  - X.Org CVE-2014-8102:
      1029-xfixes-unvalidated-length-in-SProcXFixesSelectSelect.patch
  - X.Org CVE-2014-8101:
      1030-randr-unvalidated-lengths-in-RandR-extension-swapped.patch
  - X.Org CVE-2014-8093:
      1031-glx-Be-more-paranoid-about-variable-length-requests-.patch
      1032-glx-Be-more-strict-about-rejecting-invalid-image-siz.patch
      1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer-__GL.patch
      1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-v4.patch
      1036-glx-Integer-overflow-protection-for-non-generated-re.patch
  - X.Org CVE-2014-8098:
      1035-glx-Length-checking-for-GLXRender-requests-v2-CVE-20.patch
      1037-glx-Top-level-length-checking-for-swapped-VendorPriv.patch
      1038-glx-Length-checking-for-non-generated-single-request.patch
      1039-glx-Length-checking-for-RenderLarge-requests-v2-CVE-.patch
      1040-glx-Pass-remaining-request-length-into-varsize-v2-CV.patch
  - Security fixes with no assigned CVE:
      1008-Don-t-crash-when-we-receive-an-FS_Error-from-the-fon.patch

45878811

remove item from changelog that got reverted · f46d1179
Mike Gabriel authored Feb 14, 2015

f46d1179
Patch system: Prepend a "0" to every patch file name in debian/patches/. Adapt… · 09d2732b
Mike Gabriel authored Feb 14, 2015
```
Patch system: Prepend a "0" to every patch file name in debian/patches/. Adapt only this changelog stanza to this modification.
```
09d2732b
Use proper quoting on build flag vars (they may contain spaces). · 8c98a401
Mike Gabriel authored Feb 14, 2015
```
Conflicts (resolved by Mike Gabriel after cherry-pick from 3.6.x branch):
	debian/rules
```
8c98a401
Revert "Fix build when LDFLAGS (etc) contains spaces." · 863119ed
Mike Gabriel authored Feb 14, 2015
```
This reverts commit 4436e979.
```
863119ed