[ubuntu/maverick] apache2 2.2.15-5ubuntu1 (Accepted)

Chuck Short zulcss at ubuntu.com
Fri Jun 18 18:35:22 BST 2010


apache2 (2.2.15-5ubuntu1) maverick; urgency=low

  * Merge from debian unstable.  Remaining changes:
    - debian/{control, rules}: Enable PIE hardening.
    - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
    - debian/control: Add bzr tag and point it to our tree.
    - debian/apache2-2.common.apache2.init: Add graceful restart (LP: #456381)
    + Dropped:
      - debian/patches/206-fix-potential-memory-leaks.dpatch: No longer needed.
      - debian/patches/206-report-max-client-mpm-worker.dpatch: No longer needed.
      - debian/config-dir/apache2.conf: Merged back from debian.
      - mod-reqtimeout functionality: Merge back from debian.
      - debian/patches/204_CVE-2010-0408.dpatch: No longer needed.
      - debian/patches/205_CVE-2010-0434.dpatch: No longer needed.
      - debian/patches/203_fix-ab-segfault.dpatch: No longer needed.

apache2 (2.2.15-5) unstable; urgency=low

  * Conflict with apache package as we now include apachectl. Closes: #579065
  * Remove conflicts with old apache 2.0 modules. The conflicts are not
    necessary anymore as skipping a stable release is not supported anyway.
  * Silence the grep in preinst.

apache2 (2.2.15-4) unstable; urgency=low

  * Move definition of other_vhosts_access.log to new config file
    /etc/apache2/conf.d/other-vhosts-access-log, but disable it
    if it has been disabled by the admin. Closes: #576572. LP: #507616
  * Comment out the contents of mods-available/proxy.conf, as it just
    is a nuisance for use of apache2 as a reverse proxy, which is much
    more common than the use as forward proxy. Extend the comments
    in the file.
  * Change defaults or add example configs for some modules:
    status.conf:
      - enable ExtendedStatus by default
      - enable ProxyStatus by default
      - document SeeRequestTail directive
    proxy_ftp.conf:
      - set 'ProxyFtpDirCharset UTF-8' by default
    ldap.conf:
      - enable /ldap-status page, allow it from localhost by default
    proxy_balancer.conf:
      - add (disabled) example for /balancer-manager page
    ssl.conf:
      - document SSLStrictSNIVHostCheck directive
  * Add symlink from apachectl to apache2ctl to be more compatible with
    upstream. Apache httpd 1.3 hasn't been in Debian for some time.
  * Simplify logrotate script. Closes: #576105
  * Remove empty directory /usr/lib/debug/usr/sbin in mpm packages.
    Closes: #576089
  * Fix apxs2 to work with perl 5.12rc3. Closes: #577239
  * Add source/format file to make lintian happy.

apache2 (2.2.15-3) unstable; urgency=low

  * mod_reqtimeout: backport bugfixes from upstream trunk up to r928881,
    including a fix for mod_proxy CONNECT requests.
  * mod_dav_fs: Use correct permissions when creating new files. LP: #540747

apache2 (2.2.15-2) unstable; urgency=low

  * Make the Files ~ "^\.ht" block in apache2.conf more secure by adding
    Satisfy all. Closes: #572075
  * mod_reqtimeout: Various bug fixes, including:
    - Don't mess up timeouts of mod_proxy's backend connections.
      Closes: #573163

apache2 (2.2.15-1) unstable; urgency=low

  * New upstream version:
    - CVE-2010-0408: mod_proxy_ajp: Fixes denial of service vulnerability
    - CVE-2009-3555: mod_ssl: Improve the mitigation against SSL/TLS protocol
      prefix injection attack.
    - CVE-2010-0434: mod_headers: Fix potential information leak with threaded
      MPMs.
    - mod_reqtimeout: New module limiting the time waiting for receiving
      a request from the client. This is a (partial) mitigation against
      slowloris-type resource exhaustion attacks. The module is enabled by
      default. Closes: #533661
    - mod_ssl: Add SSLInsecureRenegotiation directive to allow insecure
      renegotiation with clients which do not yet support the secure
      renegotiation protocol. As this requires openssl 0.9.8m, bump
      build dependency accordingly.
  * Fix bash completion for a2ensite if the site name contains 'conf' or
    'load'. Closes: #572232
  * Do a configcheck in the init script before doing a non-graceful restart.
    Closes: #571461

apache2 (2.2.14-7) unstable; urgency=low

  * Fix potential memory leaks related to the usage of apr_brigade_destroy().
  * Add hints about correct mod_dav_fs configuration to README.Debian.
    Closes: #257945
  * Fix error in Polish translation of 404 error page. Closes: #570228
  * Document ThreadLimit in apache2.conf's comments.

apache2 (2.2.14-6) unstable; urgency=low

  * Use environment variables APACHE_RUN_DIR, APACHE_LOCK_DIR, and
    APACHE_LOG_DIR in the default configuration. If you have modified
    /etc/apache2/envvars, make sure that these variables are set and exported.
  * Add support for multiple apache2 instances to initscript and apache2ctl.
    See /usr/share/doc/apache2.2-common/README.multiple-instances for details.
    Closes: #353450
  * Set default compiled-in ServerRoot to /etc/apache2 and make paths in
    apache2.conf relative to ServerRoot.
  * Move ab and logresolve from /usr/sbin to /usr/bin. Closes: #351450, #564061
  * Fix symlinks in apache2-dbg package. Closes: #567076
  * Fix mod_cache CacheIgnoreURLSessionIdentifiers handling. Closes: #556383
  * Add new init script action graceful-stop (LP: #456381)
  * Add more languages to mime.conf. To limit this to useful entries, we only
    add those for which a translation of the Debian installer exists. LP: #217964
  * Unset $HOME in /etc/apache2/envvars.
  * Change default config of mod_info and mod_status to use IP addresses
    instead of hostnames. Otherwise the hostname is sometimes logged even with
    'HostnameLookup Off'. Closes: #568409
  * Add a hook to apache2.2-common's postrm script that may come in handy
    when upgrading to 2.4.
  * Make bug script also display php extensions.
  * Bump Standards-Version (no changes).
  * Remove Adam Conrad from Uploaders. Thanks for your work in the past.

Date: Wed, 05 May 2010 01:28:04 +0100
Changed-By: Chuck Short <zulcss at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Chuck Short <chuck.short at canonical.com>
https://launchpad.net/ubuntu/maverick/+source/apache2/2.2.15-5ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 05 May 2010 01:28:04 +0100
Source: apache2
Binary: apache2.2-common apache2.2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-dbg
Architecture: source
Version: 2.2.15-5ubuntu1
Distribution: maverick
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Chuck Short <zulcss at ubuntu.com>
Description: 
 apache2    - Apache HTTP Server metapackage
 apache2-dbg - Apache debugging symbols
 apache2-doc - Apache HTTP Server documentation
 apache2-mpm-event - Apache HTTP Server - event driven model
 apache2-mpm-itk - multiuser MPM for Apache 2.2
 apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model
 apache2-mpm-worker - Apache HTTP Server - high speed threaded model
 apache2-prefork-dev - Apache development headers - non-threaded MPM
 apache2-suexec - Standard suexec program for Apache 2 mod_suexec
 apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec
 apache2-threaded-dev - Apache development headers - threaded MPM
 apache2-utils - utility programs for webservers
 apache2.2-bin - Apache HTTP Server common binary files
 apache2.2-common - Apache HTTP Server common files
Closes: 257945 351450 353450 533661 556383 564061 567076 568409 570228 571461 572075 572232 573163 576089 576105 576572 577239 579065
Launchpad-Bugs-Fixed: 217964 456381 507616 540747
Checksums-Sha1: 
 a2fef894fbc2b07ac9ec5b68f1ba680947d9a38a 2038 apache2_2.2.15-5ubuntu1.dsc
 1a751aab443ce76ede233b6d3351223e9c9516f2 6593633 apache2_2.2.15.orig.tar.gz
 0e8b629f357534cb71e309f1d8da6cb8f478f949 205119 apache2_2.2.15-5ubuntu1.diff.gz
Checksums-Sha256: 
 2441eebe5a7cb6f9999cf8782e903564170cbd5e7320399df7781ce9e443142c 2038 apache2_2.2.15-5ubuntu1.dsc
 4f879251e938e81fafedabc946831a501b71ddc33cb8a9ad4a994fce233f281b 6593633 apache2_2.2.15.orig.tar.gz
 ee07b87f7ca2fcfd3b9eb4b33556bcd0c64afd872195fd2e0f418386518320a5 205119 apache2_2.2.15-5ubuntu1.diff.gz
Files: 
 d1b16ddc51c7b9d2c9ede574c54f65be 2038 httpd optional apache2_2.2.15-5ubuntu1.dsc
 31fa022dc3c0908c6eaafe73c81c65df 6593633 httpd optional apache2_2.2.15.orig.tar.gz
 3022d3a3a1e2674d44a8b58c5cd2ee44 205119 httpd optional apache2_2.2.15-5ubuntu1.diff.gz
Original-Maintainer: Debian Apache Maintainers <debian-apache at lists.debian.org>
Original-Vcs-Browser: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2
Original-Vcs-Svn: svn://svn.debian.org/pkg-apache/trunk/apache2

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkwbq9MACgkQIHZ33voUATsSKwCfX/lKgFIBMXD0YdYudBUo//Hm
QiQAoKiXv5vIpXaiQ28Nz33u2zDN/NAj
=mtxf
-----END PGP SIGNATURE-----

