apache2 (2.2.14-2ubuntu1) lucid; urgency=low
* Merge from debian testing, remaining changes:
- debian/{control, rules}: Enable PIE hardening.
- debian/{control, rules, pache2.2-common.ufw.profile}: Add ufw profiles.
- debian/conrol: Add bzr tag and point it to our tree.
- removed debian/patches/203_fix_legacy_ap_rputs_segfaults.dpatch: it was
already dropped from 00list, so just remove the patch entirely
apache2 (2.2.14-2) unstable; urgency=medium
* Security:
Reject any client-initiated SSL/TLS renegotiations. This is a partial fix
for the TLS renegotiation prefix injection attack (CVE-2009-3555).
Any configuration which requires renegotiation for per-directory/location
access control is still vulnerable.
* Allow RemoveType to override the types from /etc/mime.types. This allows
to use .es and .tr for Spanish and Turkish files in mod_negotiation.
Closes: #496080
* Fix 'CacheEnable disk http://'. Closes: #442266
* Fix missing dependency by changing killall to pkill in the init script.
LP: #460692
* Add X-Interactive header to init script as it may ask for the ssl key
passphrase. Closes: #554824
* Move httxt2dbm man page into apache2.2-bin, which includes httxt2dbm, too.
* Enable keepalive for MSIE 7 and newer in default-ssl site and README.Debian
Date: Thu, 12 Nov 2009 16:09:30 -0600
Changed-By: Jamie Strandboge <ja...@ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-disc...@lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/apache2/2.2.14-2ubuntu1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 12 Nov 2009 16:09:30 -0600
Source: apache2
Binary: apache2.2-common apache2.2-bin apache2-mpm-worker apache2-mpm-prefork
apache2-mpm-event apache2-mpm-itk apache2-utils apache2-suexec
apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev
apache2-threaded-dev apache2-dbg
Architecture: source
Version: 2.2.14-2ubuntu1
Distribution: lucid
Urgency: medium
Maintainer: Ubuntu Core Developers <ubuntu-devel-disc...@lists.ubuntu.com>
Changed-By: Jamie Strandboge <ja...@ubuntu.com>
Description:
apache2 - Apache HTTP Server metapackage
apache2-dbg - Apache debugging symbols
apache2-doc - Apache HTTP Server documentation
apache2-mpm-event - Apache HTTP Server - event driven model
apache2-mpm-itk - multiuser MPM for Apache 2.2
apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model
apache2-mpm-worker - Apache HTTP Server - high speed threaded model
apache2-prefork-dev - Apache development headers - non-threaded MPM
apache2-suexec - Standard suexec program for Apache 2 mod_suexec
apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec
apache2-threaded-dev - Apache development headers - threaded MPM
apache2-utils - utility programs for webservers
apache2.2-bin - Apache HTTP Server common binary files
apache2.2-common - Apache HTTP Server common files
Closes: 442266 496080 554824
Changes:
apache2 (2.2.14-2ubuntu1) lucid; urgency=low
.
* Merge from debian testing, remaining changes:
- debian/{control, rules}: Enable PIE hardening.
- debian/{control, rules, pache2.2-common.ufw.profile}: Add ufw profiles.
- debian/conrol: Add bzr tag and point it to our tree.
- removed debian/patches/203_fix_legacy_ap_rputs_segfaults.dpatch: it was
already dropped from 00list, so just remove the patch entirely
.
apache2 (2.2.14-2) unstable; urgency=medium
.
* Security:
Reject any client-initiated SSL/TLS renegotiations. This is a partial fix
for the TLS renegotiation prefix injection attack (CVE-2009-3555).
Any configuration which requires renegotiation for per-directory/location
access control is still vulnerable.
* Allow RemoveType to override the types from /etc/mime.types. This allows
to use .es and .tr for Spanish and Turkish files in mod_negotiation.
Closes: #496080
* Fix 'CacheEnable disk http://'. Closes: #442266
* Fix missing dependency by changing killall to pkill in the init script.
LP: #460692
* Add X-Interactive header to init script as it may ask for the ssl key
passphrase. Closes: #554824
* Move httxt2dbm man page into apache2.2-bin, which includes httxt2dbm, too.
* Enable keepalive for MSIE 7 and newer in default-ssl site and README.Debian
Checksums-Sha1:
4b685caf660cc04ba323d9ebb8c812cf9f7fa19f 2008 apache2_2.2.14-2ubuntu1.dsc
529b4c4e0737c679430ab0d1b8d04711bc2bf8a4 185939 apache2_2.2.14-2ubuntu1.diff.gz
Checksums-Sha256:
cc366ed1069603e6687af9eacffc218f305a427c6caf09d53ceea1ed5b2765c4 2008
apache2_2.2.14-2ubuntu1.dsc
7dc16d701a7bd3cfc5a2433250d0e6ba50c1c1e9d8f808b234f0582b9027077d 185939
apache2_2.2.14-2ubuntu1.diff.gz
Files:
336777c2e677c623384e8a8c09073163 2008 httpd optional
apache2_2.2.14-2ubuntu1.dsc
e1ec0d0d87ad160f4018f3b25133971f 185939 httpd optional
apache2_2.2.14-2ubuntu1.diff.gz
Launchpad-Bugs-Fixed: 460692
Original-Maintainer: Debian Apache Maintainers <debian-apa...@lists.debian.org>
Original-Vcs-Browser: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2
Original-Vcs-Svn: svn://svn.debian.org/pkg-apache/trunk/apache2
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkr8kAEACgkQW0JvuRdL8BpYFwCgkH9NNL+1UqMxzGqfHXBcg1rP
ObMAoJt2BaaQREaAvlqj65RYpXVsxTR1
=yNsl
-----END PGP SIGNATURE-----
--
Lucid-changes mailing list
Lucid-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/lucid-changes
