[Bug 75590] Please sync apache2 (main) from unstable (main)
Martin Pitt
martin.pitt at ubuntu.com
Wed Dec 13 11:16:42 GMT 2006
Public bug reported:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
affects distros/ubuntu/apache2
status confirmed
subscribe ubuntu-archive
Please sync apache2 (main) from Debian unstable (main).
Changelog since current feisty version 2.0.55-4ubuntu4:
apache2 (2.2.3-3.2) unstable; urgency=high
* Non-maintainer upload.
* 043_ajp_connection_reuse: Patch from upstream Bugzilla, fixing a critical
issue with regard to connection reuse in mod_proxy_ajp.
Closes: #396265
-- Andreas Barth <aba at not.so.argh.org> Sat, 9 Dec 2006 21:05:45 +0000
apache2 (2.2.3-3.1) unstable; urgency=low
* Non-maintainer upload.
* Enable authz_user by default, fix silent authentication breakage.
Closes: #397310
* Add default modules if coming from earlier than this version.
Closes: #392349, #392352, #392701, #393913, #396678, #395976
* Re-Enable modules cern_meta, dumpio and ext_filter. Closes: #391393
-- Andreas Barth <aba at not.so.argh.org> Fri, 10 Nov 2006 15:44:33 +0100
apache2 (2.2.3-3) unstable; urgency=medium
[ Peter Samuelson ]
* a2dismod: exit 0 if a module exists but is already disabled.
* Ship a2enmod.8 and a2dismod.8 again, and expand them a bit.
(Closes: #270551)
[ Tollef Fog Heen ]
* Build apache2-src package.
* Do not AddDefaultCharset if we are proxying. Closes: #277526
* Do not forcefully link against libdb4.3 and other libs.
* Enable the same list of modules as we had in 2.0 (by default) and do
that for all older versions than 2.2.3-3 to fix upgrade issues people
have had. Closes: #392349
* Set default IndexWidth to *.
* Clean up CPPFLAGS and CFLAGS, including making all of CFLAGS a
superset of CPPFLAGS. Also make sure to include -I switches with
absolute paths so the apache headers are useful.
* Warn when not starting HTTPD due to missing apache binary.
Closes: #384128
* Provide sample disk and memory cache configurations. Closes: #278564
* Provide dir.conf. Closes: #392356
* Add alternate dependency from apache to apache2-mpm-event
* On reload, make the init script exit 1 with an error message if the
configuration is broken. Closes: #316858
* Add default deflate.conf compressing text/html, text/plain and
text/xml. Closes: #349016
* Add { and } around the usage format in the init script to make the
init script bash completion happier. Closes: #350606
[ Adam Conrad ]
* Update our php4 and php5 conflicts, to reflect the reality that each
were uploaded and built again while apache2.2 was in the new queue.
Closes: #392189
* Migrate kill symlinks from K91 to K09 (closes: #376503)
* Make apache2 depend on the current version of the MPMs, as it used
to in the 2.0.x series (and make it binNMU-safe) (closes: #394658)
* Make sure that the RedirectMatch in sites-available/default continues
to be commented out for Ubuntu, while having it uncommented for Debian.
[ Thom May ]
* Fix permissions on suexec (Closes: #391918)
* This is Debian, not Ubuntu (Closes: #393277)
-- Adam Conrad <adconrad at 0c3.net> Sat, 7 Oct 2006 17:57:04 +1000
apache2 (2.2.3-2) unstable; urgency=low
* Make sure to ship /var/log/apache2 in the apache2.2-common package.
Closes: #390786
* Install suexec.8 as suexec2.8. Closes: #390774
* Make sure that we never ship .svn directories in any binary packages.
Closes: #390785
* Not only chmod -x /usr/sbin/apache2 in apache2.2-common.preinst, chmod
+x it in same's postinst too. Closes: #390794
* We now ship htcacheclean in apache2-utils. Closes: #376680
* Try to stop old apaches in preinst of the mpms. Closes: #390893
* Make apache2-mpm-{worker,prefork} conflict with apache2-mpm-event and
apache2-common.
* rm -f /var/lib/dpkg/info/apache2-common.postrm. So apache2-common can
be purged. Yes, we're on crack. Closes: #390823
* Make apache2-utils's Replaces on apache2-common be unversioned.
Closes: #391018
* Stop shipping cern_meta.load, dumpio.load and ext_filter.load. Thanks
to Stephane Chazelas for noticing. Closes: #391393
-- Tollef Fog Heen <tfheen at debian.org> Tue, 3 Oct 2006 10:03:48 +0200
apache2 (2.2.3-1) unstable; urgency=low
* Remove mention of AddDefaultCharset from apache2.conf as this is now
in /etc/apache2/conf.d/charset.
* Rename apache2-common to apache2.2-common. Conflict and replace old
version. This is to force modules to be uninstalled until versions
compiled against 2.2 are provided.
* Remove Daniel Stone from list of uploaders.
* We no longer ship 035_HEAD_Content-Length_Fix_From_CVS. Closes: #298143
* Don't start the server on reload. Closes: #316321
* Install S91/K09 links, not S91/K91, also only support not starting
through defaults file to cover upgrades from old
installations. Closes: #359977, #349655
* Big cleanup by using dh_install properly rather than loads of hacks in
debian/rules.
* No longer ship compat symlinks for ab, etc. Those are installed as
ab, htpasswd and similar.
* Remove apache2-mpm-{event,worker}-{prerm,preinst,postinst} in clean,
as those are copies of other files.
* Add build-depends for libapr1-dev (>= 1.2.7-6) to make sure we get a
version which ships a useful apr-config --apr-libtool.
* chmod -x /usr/sbin/apache2 on upgrades from before 2.2 to avoid
problems stopping apache due to some dpkg bug.
* Add Conflicts for broken modules which didn't depend on
apache2-common.
-- Tollef Fog Heen <tfheen at debian.org> Thu, 17 Aug 2006 14:02:58 +0200
apache2 (2.2.3-1~exp.r170) experimental; urgency=low
[ Jeroen van Wolffelaar ]
* Staging upload to experimental of subversion revision r170
[ Thom May, Tollef Fog Heen, Fabio M. Di Nitto and Adam Conrad ]
* New Upstream Release. Closes: #344072
http://httpd.apache.org/docs/2.2/new_features_2_2.html has a list of
new features and changes.
- Fixes LFS support. Closes: #341460, #285337, #241223
- Fixes off-by-one error in mod_rewrite ldap schema handling
(CVE-2006-3747)
- Fixes XSS issue in mod_imap/mod_imagemap (CVE-2005-3352).
Closes: #343467.
- mpm_perchild no longer exists, so closing bugs for perchild.
Closes: #236193, #238586
- Fixes PHP POST with SSLVerifyClient. Closes: 353443
* Build-depend on lsb-release and pick up the branding from there.
* Build-depend on apr-util 1.0 which is now in a separate source
package.
* Mangle the Debian layout to be more FHS compatible
* No longer build-conflict with libgdbm-dev
* Use external PCRE
* Make apache2-utils stop providing apache2-utils. Also make it stop
conflicting with itself.
* Rename default site from default-site to just default.
* Try to migrate modules which used to be built-in:, alias, mime,
authz_host, autoindex, dir, env, negotiation, setenvif, status.
* Mod imap has been renamed to imagemap, ditto for auth_ldap =>
authnz_ldap. Cope with that in postinst.
* Stop globbing in apache2.conf.
Closes: #337817, #340955, #348189, #379015, #368497
* Don't install CHANGES into the apache2 package. It's just a
metapackage.
* Add rudimentary rdeps handling to a2dismod. Closes: #273929
* Stop providing apache-utils.
* Cope with /var/run and /var/lock on tmpfs.
* Remove all subdirs in srclib as we are using external libraries for
those anyway. Also remove test/zb.c. Closes: 340538
* Make ssl.conf not block on /dev/random, but rather use /dev/urandom.
* Make apache2-common depend on lsb-base, thanks to Gleb Arshinov
-- Jeroen van Wolffelaar <jeroen at wolffelaar.nl> Tue, 15 Aug 2006
16:17:33 +0200
apache2 (2.0.55-4.1) unstable; urgency=high
* Non-maintainer upload. Urgency set to high due to security fixes.
* Added '052_mod_rewrite_CVE-2006-3747' to fix the off-by-one bug in
mod_rewrite.
[CVE-2006-3747]. (Closes: #380182)
* Added '053_restore_prefix_fix' to allow rebuilding from source.
(Closes: #374160)
* Added '054_apr_sendfile' to allow building for Hurd.
(Closes: #349416)
* Added '055_expect_CVE-2006-3918' to fix XSS attack in Expect headers.
[CVE-2006-3918]. (Closes: #381376)
* Added bash-completion script from Guillaume Rousse.
(Closes: #299855)
-- Steve Kemp <skx at debian.org> Sat, 5 Aug 2006 21:35:53 +0000
apache2 (2.2.0-1) UNRELEASED; urgency=low
* New upstream release.
-- Fabio M. Di Nitto <fabbione at fabbione.net> Thu, 26 Jan 2006 13:46:08
+0100
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFf+EQDecnbV4Fd/IRAjoJAJ9gzgtR9LAqm5eBXQGb4pfo9ip13ACgpspo
iW3AYIBYrefLfl4GGdKi3Ys=
=RvCi
-----END PGP SIGNATURE-----
** Affects: apache2 (Ubuntu)
Importance: Undecided
Status: Confirmed
--
Please sync apache2 (main) from unstable (main)
https://launchpad.net/bugs/75590
More information about the ubuntu-archive
mailing list