[ubuntu/zesty-proposed] apache2 2.4.23-7ubuntu1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Wed Nov 16 15:34:21 UTC 2016
apache2 (2.4.23-7ubuntu1) zesty; urgency=medium
* Merge from Debian unstable. Remaining changes:
- debian/{control, apache2.install, apache2-utils.ufw.profile,
apache2.dirs}: Add ufw profiles.
- debian/apache2.py, debian/apache2-bin.install: Add apport hook.
- debian/rules: Fix cross-building by passing
DEB_{HOST,BUILD}_GNU_TYPE to configure.
- debian/patches/086_svn_cross_compiles: Backport several cross
fixes from upstream
- d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
Debian with Ubuntu on default page.
- Don't build experimental http2 module for LTS:
+ debian/control: removed libnghttp2-dev Build-Depends (in universe).
+ debian/config-dir/mods-available/http2.load: removed.
+ debian/rules: removed proxy_http2 from configure.
- Correct systemd-sysv-generator behavior by customizing some
parameters:
+ d/apache2-systemd.conf: add a drop-in file to specify some
parameters for the systemd unit (type=Forking and
RemainsAfterExit=no), this allow a correct state synchronisation
between systemctl status and actual state of apache2 daemon.
+ d/apache2.install: place the apache2-systemd.conf file in the
correct location.
apache2 (2.4.23-7) unstable; urgency=medium
* Make apache2-dev depend on openssl 1.0, too. Closes: #844160
* Move DefaultRuntimeDir and pid file for multi-instances to
/var/run/apache2-xxx. Thanks to Horst Platz for the debugging.
Closes: #838932 LP: #1627339
* Fix systemd unit naming for multi-instances.
* Tweak embedded .tar.gz some more to build reproducibly.
apache2 (2.4.23-6) unstable; urgency=medium
* One more tweak for reproducible build. Thanks to Daniel Shahaf for the
patch. Closes: #839977
* Avoid building with openssl 1.1 for now. See #828236
apache2 (2.4.23-5) unstable; urgency=low
* Team upload.
[ Stefan Fritsch ]
* Tweak creation of .tar.gz embedded in preinst to get reproducible
build.
[ Raphaël Hertzog ]
* Add systemd unit files. Closes: #798430
* Improve a2enmod to enable apache-htcacheclean with systemctl and let
it enable 'apache-htcacheclean at instance.service' for multi-instance
support.
* Improve setup-instance to rely on the systemd apache2 at instance.service for
multi-instance support.
* Drop /lib/systemd/system/apache2.service.d/forking.conf now that we have
proper native systemd support.
* Modify handling of /etc/init.d/apache-htcacheclean to have a usual
Default-Start value but instead we disable it manually in the postinst.
That way "systemctl enable apache-htcacheclean" works.
* Add some lintian overrides for non-problems (two update-rc.d calls in
postinst, and a .js file with a very long line).
apache2 (2.4.23-4) unstable; urgency=medium
* Fix pre-inst script for new installations. Closes: #834169
apache2 (2.4.23-3) unstable; urgency=low
* Fix conffiles that may have got the wrong content during upgrade from
wheezy to early jessie versions. Closes: #794933
* Also restore re-introduced *.load files for mod_ident, mod_imagemap, and
mod_cern_meta. These may have gone missing due to dpkg thinking they still
belong to apache2.2-common. Reported by Markus Waldeck.
* apache2-maintscript-helper: Make apache2_switch_mpm do nothing if the
local admin has disabled the requested mpm manually.
Closes: #827446, #799630
* Make mod_proxy_html depend on mod_xml2enc.
* dh_apache2: Make versioned recommends on apache2 less strict. There is
no advantage in recommending the current version. Closes: #784290
apache2 (2.4.23-2) unstable; urgency=high
* CVE-2016-5387: Sets environmental variable based on user supplied Proxy
request header.
Don't pass through HTTP_PROXY in server/util_script.c
apache2 (2.4.23-1) unstable; urgency=high
* New upstream release
- Security: CVE-2016-4979: Fix bypass of TLS client certificate
verification in mod_http2.
- new modules mod_proxy_http2 (experimental) and mod_proxy_hcheck
* Re-introduce mod_imagemap and mod_cern_meta. Closes: #786657
* Set SHELL=/bin/bash during configure to get reproducible builds regardless
of where /bin/sh points to.
* Use 'Require method' instead of Limit/LimitExcept in userdir.conf.
apache2 (2.4.20-2) unstable; urgency=medium
* Fix crash in ap_get_useragent_host() triggered by mod_perl test.
Closes: #820824
* Fix race condition and logical error in init script. Thanks to Thomas
Stangner for the patch. Closes: #822144
* Remove links to manpages.debian.org in default index.html to avoid
broken robots doing a DoS on the site. Closes: #821313
* Fix a2enmod to run on perl 5.14 to simplify backports. Closes: #821956
* Bump Standards-Version (no changes necessary).
* Fix segfault with logresolve -c. Closes: #823259
apache2 (2.4.20-1) unstable; urgency=medium
* New upstream release
- mostly bugfixes and HTTP/2 improvements
* Build against lua 5.2 instead of 5.1. Closes: #820243
* Correct systemd-sysv-generator behavior by customizing some parameters.
This fixes 'systemctl status' returning incorrect results. Thanks to
Pierre-André MOREY for the patch. LP: #1488962
* On Linux, use pthread mutexes. On kfreebsd/hurd, continue using fctnl
because they lack robust pthred mutexes. LP: #1565744, #1527044
Date: Wed, 16 Nov 2016 09:17:24 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/apache2/2.4.23-7ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 16 Nov 2016 09:17:24 -0500
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-utils apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-dbg
Architecture: source
Version: 2.4.23-7ubuntu1
Distribution: zesty
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
apache2 - Apache HTTP Server
apache2-bin - Apache HTTP Server (modules and other binary files)
apache2-data - Apache HTTP Server (common files)
apache2-dbg - Apache debugging symbols
apache2-dev - Apache HTTP Server (development headers)
apache2-doc - Apache HTTP Server (on-site documentation)
apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
apache2-utils - Apache HTTP Server (utility programs for web servers)
Closes: 784290 786657 794933 798430 799630 820243 820824 821313 821956 822144 823259 827446 834169 838932 839977 844160
Launchpad-Bugs-Fixed: 1488962 1527044 1565744 1627339
Changes:
apache2 (2.4.23-7ubuntu1) zesty; urgency=medium
.
* Merge from Debian unstable. Remaining changes:
- debian/{control, apache2.install, apache2-utils.ufw.profile,
apache2.dirs}: Add ufw profiles.
- debian/apache2.py, debian/apache2-bin.install: Add apport hook.
- debian/rules: Fix cross-building by passing
DEB_{HOST,BUILD}_GNU_TYPE to configure.
- debian/patches/086_svn_cross_compiles: Backport several cross
fixes from upstream
- d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
Debian with Ubuntu on default page.
- Don't build experimental http2 module for LTS:
+ debian/control: removed libnghttp2-dev Build-Depends (in universe).
+ debian/config-dir/mods-available/http2.load: removed.
+ debian/rules: removed proxy_http2 from configure.
- Correct systemd-sysv-generator behavior by customizing some
parameters:
+ d/apache2-systemd.conf: add a drop-in file to specify some
parameters for the systemd unit (type=Forking and
RemainsAfterExit=no), this allow a correct state synchronisation
between systemctl status and actual state of apache2 daemon.
+ d/apache2.install: place the apache2-systemd.conf file in the
correct location.
.
apache2 (2.4.23-7) unstable; urgency=medium
.
* Make apache2-dev depend on openssl 1.0, too. Closes: #844160
* Move DefaultRuntimeDir and pid file for multi-instances to
/var/run/apache2-xxx. Thanks to Horst Platz for the debugging.
Closes: #838932 LP: #1627339
* Fix systemd unit naming for multi-instances.
* Tweak embedded .tar.gz some more to build reproducibly.
.
apache2 (2.4.23-6) unstable; urgency=medium
.
* One more tweak for reproducible build. Thanks to Daniel Shahaf for the
patch. Closes: #839977
* Avoid building with openssl 1.1 for now. See #828236
.
apache2 (2.4.23-5) unstable; urgency=low
.
* Team upload.
.
[ Stefan Fritsch ]
* Tweak creation of .tar.gz embedded in preinst to get reproducible
build.
.
[ Raphaël Hertzog ]
* Add systemd unit files. Closes: #798430
* Improve a2enmod to enable apache-htcacheclean with systemctl and let
it enable 'apache-htcacheclean at instance.service' for multi-instance
support.
* Improve setup-instance to rely on the systemd apache2 at instance.service for
multi-instance support.
* Drop /lib/systemd/system/apache2.service.d/forking.conf now that we have
proper native systemd support.
* Modify handling of /etc/init.d/apache-htcacheclean to have a usual
Default-Start value but instead we disable it manually in the postinst.
That way "systemctl enable apache-htcacheclean" works.
* Add some lintian overrides for non-problems (two update-rc.d calls in
postinst, and a .js file with a very long line).
.
apache2 (2.4.23-4) unstable; urgency=medium
.
* Fix pre-inst script for new installations. Closes: #834169
.
apache2 (2.4.23-3) unstable; urgency=low
.
* Fix conffiles that may have got the wrong content during upgrade from
wheezy to early jessie versions. Closes: #794933
* Also restore re-introduced *.load files for mod_ident, mod_imagemap, and
mod_cern_meta. These may have gone missing due to dpkg thinking they still
belong to apache2.2-common. Reported by Markus Waldeck.
* apache2-maintscript-helper: Make apache2_switch_mpm do nothing if the
local admin has disabled the requested mpm manually.
Closes: #827446, #799630
* Make mod_proxy_html depend on mod_xml2enc.
* dh_apache2: Make versioned recommends on apache2 less strict. There is
no advantage in recommending the current version. Closes: #784290
.
apache2 (2.4.23-2) unstable; urgency=high
.
* CVE-2016-5387: Sets environmental variable based on user supplied Proxy
request header.
Don't pass through HTTP_PROXY in server/util_script.c
.
apache2 (2.4.23-1) unstable; urgency=high
.
* New upstream release
- Security: CVE-2016-4979: Fix bypass of TLS client certificate
verification in mod_http2.
- new modules mod_proxy_http2 (experimental) and mod_proxy_hcheck
* Re-introduce mod_imagemap and mod_cern_meta. Closes: #786657
* Set SHELL=/bin/bash during configure to get reproducible builds regardless
of where /bin/sh points to.
* Use 'Require method' instead of Limit/LimitExcept in userdir.conf.
.
apache2 (2.4.20-2) unstable; urgency=medium
.
* Fix crash in ap_get_useragent_host() triggered by mod_perl test.
Closes: #820824
* Fix race condition and logical error in init script. Thanks to Thomas
Stangner for the patch. Closes: #822144
* Remove links to manpages.debian.org in default index.html to avoid
broken robots doing a DoS on the site. Closes: #821313
* Fix a2enmod to run on perl 5.14 to simplify backports. Closes: #821956
* Bump Standards-Version (no changes necessary).
* Fix segfault with logresolve -c. Closes: #823259
.
apache2 (2.4.20-1) unstable; urgency=medium
.
* New upstream release
- mostly bugfixes and HTTP/2 improvements
* Build against lua 5.2 instead of 5.1. Closes: #820243
* Correct systemd-sysv-generator behavior by customizing some parameters.
This fixes 'systemctl status' returning incorrect results. Thanks to
Pierre-André MOREY for the patch. LP: #1488962
* On Linux, use pthread mutexes. On kfreebsd/hurd, continue using fctnl
because they lack robust pthred mutexes. LP: #1565744, #1527044
Checksums-Sha1:
438268cbefa6ab133c3b172989517a94349e284d 2847 apache2_2.4.23-7ubuntu1.dsc
5101be34ac4a509b245adb70a56690a84fcc4e7f 6351875 apache2_2.4.23.orig.tar.bz2
34d4e58f738ba1da79b8308ea62145beb9cc905d 366616 apache2_2.4.23-7ubuntu1.debian.tar.xz
Checksums-Sha256:
3774decd8b1d4d74ea49ac2b450c3d1d61efe7ca627f714b6b0d1fb51371f524 2847 apache2_2.4.23-7ubuntu1.dsc
0c1694b2aad7765896faf92843452ee2555b9591ae10d4f19b245f2adfe85e58 6351875 apache2_2.4.23.orig.tar.bz2
c3fbcbd7ccff7887be0a99ee4f062c2c7cfe62832f69799274f1ebd277237bee 366616 apache2_2.4.23-7ubuntu1.debian.tar.xz
Files:
27a2e1f708415b3c79483c61d5fbf0b8 2847 httpd optional apache2_2.4.23-7ubuntu1.dsc
04f19c60e810c028f5240a062668a688 6351875 httpd optional apache2_2.4.23.orig.tar.bz2
2cae8b87097d367e48eb3dbf623fcdc1 366616 httpd optional apache2_2.4.23-7ubuntu1.debian.tar.xz
Original-Maintainer: Debian Apache Maintainers <debian-apache at lists.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJYLHOnAAoJEGVp2FWnRL6TorkP+wWDKB8HwfqQAwqM0QLDrnHE
xEuV//Ap/u92hsykh+yjtdMIRrIl5m5+FDJxzRhjgPyjkRlhNfqg4rE7lB6EyBo2
0ktbcBTy+0KVtFLI7jOrkBeZpNSpg+TVbfrq0CyfLjWCPGynh/iMN+MraSnbZkVH
bH/3xkHrDn0e95wXG1zCvteW0/IbRLLj2iV607PC/uu7MQbGTUSvkEKoG0NyhVTx
A9ZYRKjqF6Bp/GxEUiMKhNgyJ7DzHm1hP2DW/JBVUnKUfs7NBE7CDBAPL2Xhds6x
fTMr4nnH9ekkRWiz3m/Up5jAzs9nNVvSfJChDgoeTySLwRwJpWhdE67LNjPUZSoG
NPIn0oIq+f8sS+WNmjnWI7J6zUcSAz9U5X7tzVjIZDMJO14CVLcf4abt45Gk3FJX
Vbz1ovshdUDUSzZsCTtmDHiI1HN1ctGTxHrG/tFFBFVHgslO+bR2u9SzLYGQ7osq
Vq5VA7W6P+88BHxnVt826CJ1y+2LMBxBk7D/lv+uLTphSBUKdEh7HIBX7xmYpU8n
NPJXcAeZHd+VDUoLyQPHD1okRRu59anzr3YLkUFZrMOwhgAId3XLLrwQ//BaAcS9
XUnGxaibNE7oYmuXpXdE0OBBLH+3Ggi24gQXksulr4TWVMIv9+VOpusw7MFIFvWq
Z3L3pDuPK8KWMO/pxXCZ
=B1Vv
-----END PGP SIGNATURE-----
More information about the Zesty-changes
mailing list