[ubuntu/lucid] apache2 2.2.14-5ubuntu1 (Accepted)

Bhavani Shankar right2bhavi at gmail.com
Fri Jan 15 04:45:24 GMT 2010 

apache2 (2.2.14-5ubuntu1) lucid; urgency=low

  * Merge from debian testing.  Remaining changes: LP: #506862
    - debian/{control, rules}: Enable PIE hardening.
    - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
    - debian/control: Add bzr tag and point it to our tree.

apache2 (2.2.14-5) unstable; urgency=low

  * Security: Further mitigation for the TLS renegotation attack
    (CVE-2009-3555): Disable keep-alive if parts of the next request have
    already been received when doing a renegotiation. This defends against
    some request splicing attacks.
  * Print a useful error message if 'apache2ctl status' fails. Add a comment
    to /etc/apache2/envvars on how to change the options for www-browser.
    Closes: #561496, #272069
  * Improve function to detect apache2 pid in init-script (closes: #562583).
  * Add hint README.Debian on how to pass auth info to CGI scripts.
    Closes: #483219
  * Re-introduce objcopy magic to avoid dangling symlinks to the debug info
    in the mpm packages. Closes: #563278
  * Make apxs2 use a2enmod and /etc/apache2/mods-available. Closes: #470178,
    LP: #500703
  * Point to README.backtrace in apache2-dbg's description.
  * Use more debhelper functions to simplify debian/rules.
  * Add misc-depends to various packages to make lintian happy.
  * Change build-dep from libcap2-dev to libcap-dev because of package rename.

Date: Wed, 13 Jan 2010 14:28:41 +0530
Changed-By: Bhavani Shankar <right2bhavi at gmail.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Mathias Gug <mathiaz at ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/apache2/2.2.14-5ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 13 Jan 2010 14:28:41 +0530
Source: apache2
Binary: apache2.2-common apache2.2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-dbg
Architecture: source
Version: 2.2.14-5ubuntu1
Distribution: lucid
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Bhavani Shankar <right2bhavi at gmail.com>
Description: 
 apache2    - Apache HTTP Server metapackage
 apache2-dbg - Apache debugging symbols
 apache2-doc - Apache HTTP Server documentation
 apache2-mpm-event - Apache HTTP Server - event driven model
 apache2-mpm-itk - multiuser MPM for Apache 2.2
 apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model
 apache2-mpm-worker - Apache HTTP Server - high speed threaded model
 apache2-prefork-dev - Apache development headers - non-threaded MPM
 apache2-suexec - Standard suexec program for Apache 2 mod_suexec
 apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec
 apache2-threaded-dev - Apache development headers - threaded MPM
 apache2-utils - utility programs for webservers
 apache2.2-bin - Apache HTTP Server common binary files
 apache2.2-common - Apache HTTP Server common files
Closes: 272069 470178 483219 561496 562583 563278
Changes: 
 apache2 (2.2.14-5ubuntu1) lucid; urgency=low
 .
   * Merge from debian testing.  Remaining changes: LP: #506862
     - debian/{control, rules}: Enable PIE hardening.
     - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
     - debian/control: Add bzr tag and point it to our tree.
 .
 apache2 (2.2.14-5) unstable; urgency=low
 .
   * Security: Further mitigation for the TLS renegotation attack
     (CVE-2009-3555): Disable keep-alive if parts of the next request have
     already been received when doing a renegotiation. This defends against
     some request splicing attacks.
   * Print a useful error message if 'apache2ctl status' fails. Add a comment
     to /etc/apache2/envvars on how to change the options for www-browser.
     Closes: #561496, #272069
   * Improve function to detect apache2 pid in init-script (closes: #562583).
   * Add hint README.Debian on how to pass auth info to CGI scripts.
     Closes: #483219
   * Re-introduce objcopy magic to avoid dangling symlinks to the debug info
     in the mpm packages. Closes: #563278
   * Make apxs2 use a2enmod and /etc/apache2/mods-available. Closes: #470178,
     LP: #500703
   * Point to README.backtrace in apache2-dbg's description.
   * Use more debhelper functions to simplify debian/rules.
   * Add misc-depends to various packages to make lintian happy.
   * Change build-dep from libcap2-dev to libcap-dev because of package rename.
Checksums-Sha1: 
 cccf96d2c0f979dcea24f40292fd16a1d2108fb1 2025 apache2_2.2.14-5ubuntu1.dsc
 def66637abd97ca1030fc90a8fea1f76e3254bb3 195311 apache2_2.2.14-5ubuntu1.diff.gz
Checksums-Sha256: 
 6e2edeb718d2e7ae5f8ee5e9ae0660fb53bf13f837ddb6c9803764df6000c812 2025 apache2_2.2.14-5ubuntu1.dsc
 2bec81056d85689137dee0b524d7037777b2a70a62c4529f3ed6edbdda0e60a3 195311 apache2_2.2.14-5ubuntu1.diff.gz
Files: 
 9b9c3629bd0f25fdceea9b3c52fac85f 2025 httpd optional apache2_2.2.14-5ubuntu1.dsc
 904ea942e9cee8d8bcbe39a78042331c 195311 httpd optional apache2_2.2.14-5ubuntu1.diff.gz
Launchpad-Bugs-Fixed: 500703 506862
Original-Maintainer: Debian Apache Maintainers <debian-apache at lists.debian.org>
Original-Vcs-Browser: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2
Original-Vcs-Svn: svn://svn.debian.org/pkg-apache/trunk/apache2

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAktP8qEACgkQM0thG+z3pVj5nQCfb8aTaGF5AehkDL4KLZVuiaVy
PI8An2FzUFU2UGY0U5dZvqych1FsqI22
=Ml4y
-----END PGP SIGNATURE-----

More information about the Lucid-changes mailing list