[Bug 75590] Please sync apache2 (main) from unstable (main)

Martin Pitt martin.pitt at ubuntu.com
Wed Dec 13 11:16:42 GMT 2006


Public bug reported:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 affects distros/ubuntu/apache2
 status confirmed
 subscribe ubuntu-archive

Please sync apache2 (main) from Debian unstable (main).

Changelog since current feisty version 2.0.55-4ubuntu4:

apache2 (2.2.3-3.2) unstable; urgency=high

  * Non-maintainer upload.
  * 043_ajp_connection_reuse: Patch from upstream Bugzilla, fixing a critical
    issue with regard to connection reuse in mod_proxy_ajp.
    Closes: #396265

 -- Andreas Barth <aba at not.so.argh.org>  Sat,  9 Dec 2006 21:05:45 +0000

apache2 (2.2.3-3.1) unstable; urgency=low

  * Non-maintainer upload.
  * Enable authz_user by default, fix silent authentication breakage.
    Closes: #397310
  * Add default modules if coming from earlier than this version.
    Closes: #392349, #392352, #392701, #393913, #396678, #395976
  * Re-Enable modules cern_meta, dumpio and ext_filter. Closes: #391393

 -- Andreas Barth <aba at not.so.argh.org>  Fri, 10 Nov 2006 15:44:33 +0100

apache2 (2.2.3-3) unstable; urgency=medium

  [ Peter Samuelson ]
  * a2dismod: exit 0 if a module exists but is already disabled.
  * Ship a2enmod.8 and a2dismod.8 again, and expand them a bit.
    (Closes: #270551)

  [ Tollef Fog Heen ]
  * Build apache2-src package.
  * Do not AddDefaultCharset if we are proxying.  Closes: #277526
  * Do not forcefully link against libdb4.3 and other libs.
  * Enable the same list of modules as we had in 2.0 (by default) and do
    that for all older versions than 2.2.3-3 to fix upgrade issues people
    have had.  Closes: #392349
  * Set default IndexWidth to *.
  * Clean up CPPFLAGS and CFLAGS, including making all of CFLAGS a
    superset of CPPFLAGS.  Also make sure to include -I switches with
    absolute paths so the apache headers are useful.
  * Warn when not starting HTTPD due to missing apache binary.  
    Closes: #384128
  * Provide sample disk and memory cache configurations.  Closes: #278564
  * Provide dir.conf.   Closes: #392356
  * Add alternate dependency from apache to apache2-mpm-event
  * On reload, make the init script exit 1 with an error message if the
    configuration is broken.  Closes: #316858
  * Add default deflate.conf compressing text/html, text/plain and
    text/xml.  Closes: #349016
  * Add { and } around the usage format in the init script to make the
    init script bash completion happier.  Closes: #350606

  [ Adam Conrad ]
  * Update our php4 and php5 conflicts, to reflect the reality that each
    were uploaded and built again while apache2.2 was in the new queue.
    Closes: #392189
  * Migrate kill symlinks from K91 to K09 (closes: #376503)
  * Make apache2 depend on the current version of the MPMs, as it used
    to in the 2.0.x series (and make it binNMU-safe) (closes: #394658)
  * Make sure that the RedirectMatch in sites-available/default continues
    to be commented out for Ubuntu, while having it uncommented for Debian.

  [ Thom May ]
  * Fix permissions on suexec (Closes: #391918)
  * This is Debian, not Ubuntu (Closes: #393277)

 -- Adam Conrad <adconrad at 0c3.net>  Sat,  7 Oct 2006 17:57:04 +1000

apache2 (2.2.3-2) unstable; urgency=low

  * Make sure to ship /var/log/apache2 in the apache2.2-common package.
    Closes: #390786
  * Install suexec.8 as suexec2.8.  Closes: #390774
  * Make sure that we never ship .svn directories in any binary packages.
    Closes: #390785
  * Not only chmod -x /usr/sbin/apache2 in apache2.2-common.preinst, chmod
    +x it in same's postinst too.  Closes: #390794
  * We now ship htcacheclean in apache2-utils.  Closes: #376680
  * Try to stop old apaches in preinst of the mpms.  Closes:  #390893
  * Make apache2-mpm-{worker,prefork} conflict with apache2-mpm-event and
    apache2-common.
  * rm -f /var/lib/dpkg/info/apache2-common.postrm.  So apache2-common can
    be purged. Yes, we're on crack.  Closes: #390823
  * Make apache2-utils's Replaces on apache2-common be unversioned.
    Closes: #391018
  * Stop shipping cern_meta.load, dumpio.load and ext_filter.load.  Thanks
    to Stephane Chazelas for noticing.  Closes: #391393

 -- Tollef Fog Heen <tfheen at debian.org>  Tue,  3 Oct 2006 10:03:48 +0200

apache2 (2.2.3-1) unstable; urgency=low

  * Remove mention of AddDefaultCharset from apache2.conf as this is now
    in /etc/apache2/conf.d/charset.
  * Rename apache2-common to apache2.2-common.  Conflict and replace old
    version.  This is to force modules to be uninstalled until versions
    compiled against 2.2 are provided.
  * Remove Daniel Stone from list of uploaders.
  * We no longer ship 035_HEAD_Content-Length_Fix_From_CVS.  Closes: #298143
  * Don't start the server on reload.  Closes: #316321
  * Install S91/K09 links, not S91/K91, also only support not starting
    through defaults file to cover upgrades from old
    installations. Closes: #359977, #349655
  * Big cleanup by using dh_install properly rather than loads of hacks in
    debian/rules.
  * No longer ship compat symlinks for ab, etc.  Those are installed as
    ab, htpasswd and similar.
  * Remove apache2-mpm-{event,worker}-{prerm,preinst,postinst} in clean,
    as those are copies of other files.
  * Add build-depends for libapr1-dev (>= 1.2.7-6) to make sure we get a
    version which ships a useful apr-config --apr-libtool.
  * chmod -x /usr/sbin/apache2 on upgrades from before 2.2 to avoid
    problems stopping apache due to some dpkg bug.
  * Add Conflicts for broken modules which didn't depend on
    apache2-common.

 -- Tollef Fog Heen <tfheen at debian.org>  Thu, 17 Aug 2006 14:02:58 +0200

apache2 (2.2.3-1~exp.r170) experimental; urgency=low

  [ Jeroen van Wolffelaar ]
  * Staging upload to experimental of subversion revision r170

  [ Thom May, Tollef Fog Heen, Fabio M. Di Nitto and Adam Conrad ]
  * New Upstream Release.  Closes: #344072
    http://httpd.apache.org/docs/2.2/new_features_2_2.html has a list of
    new features and changes.
    - Fixes LFS support. Closes: #341460, #285337, #241223
    - Fixes off-by-one error in mod_rewrite ldap schema handling
      (CVE-2006-3747)
    - Fixes XSS issue in mod_imap/mod_imagemap (CVE-2005-3352).  
      Closes: #343467.
    - mpm_perchild no longer exists, so closing bugs for perchild.
      Closes: #236193, #238586
    - Fixes PHP POST with SSLVerifyClient. Closes: 353443
  * Build-depend on lsb-release and pick up the branding from there.
  * Build-depend on apr-util 1.0 which is now in a separate source
    package.
  * Mangle the Debian layout to be more FHS compatible
  * No longer build-conflict with libgdbm-dev
  * Use external PCRE  
  * Make apache2-utils stop providing apache2-utils.  Also make it stop
    conflicting with itself.
  * Rename default site from default-site to just default.
  * Try to migrate modules which used to be built-in:, alias, mime,
    authz_host, autoindex, dir, env, negotiation, setenvif, status.
  * Mod imap has been renamed to imagemap, ditto for auth_ldap =>
    authnz_ldap.  Cope with that in postinst.
  * Stop globbing in apache2.conf.  
    Closes: #337817, #340955, #348189, #379015, #368497
  * Don't install CHANGES into the apache2 package.  It's just a
    metapackage.
  * Add rudimentary rdeps handling to a2dismod.  Closes: #273929
  * Stop providing apache-utils.
  * Cope with /var/run and /var/lock on tmpfs.
  * Remove all subdirs in srclib as we are using external libraries for
    those anyway.  Also remove test/zb.c.  Closes: 340538
  * Make ssl.conf not block on /dev/random, but rather use /dev/urandom.
  * Make apache2-common depend on lsb-base, thanks to Gleb Arshinov

 -- Jeroen van Wolffelaar <jeroen at wolffelaar.nl>  Tue, 15 Aug 2006
16:17:33 +0200

apache2 (2.0.55-4.1) unstable; urgency=high

  * Non-maintainer upload.  Urgency set to high due to security fixes.
  * Added '052_mod_rewrite_CVE-2006-3747' to fix the off-by-one bug in
    mod_rewrite.
    [CVE-2006-3747].  (Closes: #380182)
  * Added '053_restore_prefix_fix' to allow rebuilding from source.
    (Closes: #374160)
  * Added '054_apr_sendfile' to allow building for Hurd.
    (Closes: #349416)
  * Added '055_expect_CVE-2006-3918' to fix XSS attack in Expect headers.
    [CVE-2006-3918].  (Closes: #381376)
  * Added bash-completion script from Guillaume Rousse.
    (Closes: #299855)

 -- Steve Kemp <skx at debian.org>  Sat, 5 Aug 2006 21:35:53 +0000

apache2 (2.2.0-1) UNRELEASED; urgency=low

  * New upstream release.

 -- Fabio M. Di Nitto <fabbione at fabbione.net>  Thu, 26 Jan 2006 13:46:08
+0100


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFf+EQDecnbV4Fd/IRAjoJAJ9gzgtR9LAqm5eBXQGb4pfo9ip13ACgpspo
iW3AYIBYrefLfl4GGdKi3Ys=
=RvCi
-----END PGP SIGNATURE-----

** Affects: apache2 (Ubuntu)
     Importance: Undecided
         Status: Confirmed

-- 
Please sync apache2 (main) from unstable (main)
https://launchpad.net/bugs/75590



More information about the ubuntu-archive mailing list