Bug#752922: obsolete modules / mod_ident
On Monday 15 September 2014 15:57:05, Alex Bligh wrote: This bug has been closed as fixed in 2.4.10-1. However, Utopic 2.4.10-1ubuntu1 which is based on 2.4.10-1 certainly does not include mod_ident in the build. Is this a Debian/Ubuntu difference or was this closed too soon? It was fixed because we believe that the general problem you described in the report has been fixed: When upgrading from jessie, the conf files of the obsolete modules should no longer remain attached to the apache2.2-common package. If you observe that this still doesn't work, please report it to the bug report. If you can confirm that it is fixed, I would be interested, too. Mod_ident has not been re-introduced with 2.4.10-1. But I will do that in the next upload. authn_alias authn_default authz_default cern_meta disk_cache ident imagemap mem_cache version Some of these do no longer exist or have been renamed. Mod_version is now compiled-in statically. Cern_meta, ident, imagemap are the remaining ones and we thought nobody would use these anymore. -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/2200619.ZPH8Zeuq9s@k
Bug#760901: apache2: On kfreebsd fails to start with default config due to wrong locking mechanism
On Tuesday 09 September 2014 01:09:03, Daniel Dickinson wrote: Apache fails to start due to unimplemented function in the default configuration when run on kfreebsd (at least amd64 but probably all). The solution is to add AcceptMutex fcntl in a file in /etc/apache2 Do you know if this is a regression? Has it worked before? If yes, in which versions of apache2, libapr1, libaprutil1? Cheers, Stefan -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/2256807.21Chx2r0aX@k
Processed: unmerging 752922, notfixed 752922 in 2.4.10-1
Processing commands for cont...@bugs.debian.org: unmerge 752922 Bug #752922 {Done: Stefan Fritsch s...@debian.org} [apache2] apache2 upgrade wheezy-jessie breaks certain apache2 modules Bug #711925 {Done: Stefan Fritsch s...@debian.org} [apache2] updates lost Alias modules Bug #717476 {Done: Stefan Fritsch s...@debian.org} [apache2] updates lost Alias modules Disconnected #752922 from all other report(s). notfixed 752922 2.4.10-1 Bug #752922 {Done: Stefan Fritsch s...@debian.org} [apache2] apache2 upgrade wheezy-jessie breaks certain apache2 modules No longer marked as fixed in versions apache2/2.4.10-1. thanks Stopping processing here. Please contact me if you need assistance. -- 711925: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711925 717476: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717476 752922: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752922 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.c.141132827922690.transcr...@bugs.debian.org
Bug#759382: webalizer log needs
On Friday 29 August 2014 17:34:03, Matt Taggart wrote: For the things that do store data, I think 7 days should be enough to ensure that they have a chance to process the logs before they get rotated. Thanks for the detailed analysis. Somehow 7 days seems awfully short to me when one has to analyse problems. What do you think about 14 days? -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/3559101.DoQ9tP8Ud7@k
Bug#759382: webalizer log needs
Stefan Fritsch writes: On Friday 29 August 2014 17:34:03, Matt Taggart wrote: For the things that do store data, I think 7 days should be enough to ensure that they have a chance to process the logs before they get rotated. Thanks for the detailed analysis. Somehow 7 days seems awfully short to me when one has to analyse problems. What do you think about 14 days? I think that sounds great. If we determine later that it's not needed then it could be turned down further. Thanks, -- Matt Taggart tagg...@debian.org -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140921204517.daf58...@taggart.lackof.org
Bug#752922: obsolete modules / mod_ident
On 21 Sep 2014, at 20:47, Stefan Fritsch s...@sfritsch.de wrote: Mod_ident has not been re-introduced with 2.4.10-1. But I will do that in the next upload. Cern_meta, ident, imagemap are the remaining ones and we thought nobody would use these anymore. Thanks. For what it's worth in my use case the client is not a user at a command line, but a tcp connection running a protocol that it is not possible to change (for instance to add headers, authentication or similar). However, mod_ident is used (with an ident server module) to look up details of the relevant tcp connection. An edge case I know. -- Alex Bligh -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/6ffb2b70-1825-483c-8084-7412b3568...@alex.org.uk
Processing of apache2_2.4.10-2_amd64.changes
apache2_2.4.10-2_amd64.changes uploaded successfully to localhost along with the files: libapache2-mod-proxy-html_2.4.10-2_amd64.deb libapache2-mod-macro_2.4.10-2_amd64.deb apache2_2.4.10-2_amd64.deb apache2-data_2.4.10-2_all.deb apache2-bin_2.4.10-2_amd64.deb apache2-mpm-worker_2.4.10-2_amd64.deb apache2-mpm-prefork_2.4.10-2_amd64.deb apache2-mpm-event_2.4.10-2_amd64.deb apache2-mpm-itk_2.4.10-2_amd64.deb apache2.2-bin_2.4.10-2_amd64.deb apache2.2-common_2.4.10-2_amd64.deb apache2-utils_2.4.10-2_amd64.deb apache2-suexec_2.4.10-2_amd64.deb apache2-suexec-pristine_2.4.10-2_amd64.deb apache2-suexec-custom_2.4.10-2_amd64.deb apache2-doc_2.4.10-2_all.deb apache2-dev_2.4.10-2_amd64.deb apache2-dbg_2.4.10-2_amd64.deb apache2_2.4.10-2.dsc apache2_2.4.10-2.debian.tar.xz Greetings, Your Debian queue daemon (running on host franck.debian.org) -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1xvopg-0005px...@franck.debian.org
apache2_2.4.10-2_amd64.changes ACCEPTED into unstable
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 21 Sep 2014 22:58:33 +0200 Source: apache2 Binary: apache2 apache2-data apache2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2.2-bin apache2.2-common libapache2-mod-proxy-html libapache2-mod-macro apache2-utils apache2-suexec apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-dbg Architecture: source amd64 all Version: 2.4.10-2 Distribution: unstable Urgency: medium Maintainer: Debian Apache Maintainers debian-apache@lists.debian.org Changed-By: Stefan Fritsch s...@debian.org Description: apache2- Apache HTTP Server apache2-bin - Apache HTTP Server (binary files and modules) apache2-data - Apache HTTP Server (common files) apache2-dbg - Apache debugging symbols apache2-dev - Apache HTTP Server (development headers) apache2-doc - Apache HTTP Server (on-site documentation) apache2-mpm-event - transitional event MPM package for apache2 apache2-mpm-itk - transitional itk MPM package for apache2 apache2-mpm-prefork - transitional prefork MPM package for apache2 apache2-mpm-worker - transitional worker MPM package for apache2 apache2-suexec - transitional package for apache2-suexec-pristine apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec apache2-utils - Apache HTTP Server (utility programs for web servers) apache2.2-bin - Transitional package for apache2-bin apache2.2-common - Transitional package for apache2 libapache2-mod-macro - Transitional package for apache2-bin libapache2-mod-proxy-html - Transitional package for apache2-bin Closes: 755976 756361 759382 Changes: apache2 (2.4.10-2) unstable; urgency=medium . * Pull changes from upstream 2.4.x branch up to r1626207 + Security Fix for CVE-2013-5704: HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. Adds MergeTrailers directive to restore legacy behavior. . * Switch to apache2 providing the httpd and httpd-cgi virtual packages. The previously providing apache2-bin package lacks the configuration files. Closes: #756361 * Keep fewer logs by default. Instead of 52 weekly logs, keep 14 daily logs. The daily graceful restart also has the advantage of regenerating things like TLS session ticket keys more often. Closes: #759382 * Clarify description of apache2 package. Closes: #755976 * In the maintainer script helper, print out Apache's error message if the config check fails. * Re-add mod_ident. It has still at least one user. LP: #188 Checksums-Sha1: e8fc8c8509fb4e9fd861bccc305d58912ab9d3fc 3218 apache2_2.4.10-2.dsc ebcf1744d65f908ea699a0a7c29e0fffb2bf115c 507480 apache2_2.4.10-2.debian.tar.xz 766be593978c61d7038f64235f81b4824d25456d 1510 libapache2-mod-proxy-html_2.4.10-2_amd64.deb a702e8dd57a589c9645394f2abc91616a6bc11e3 1498 libapache2-mod-macro_2.4.10-2_amd64.deb 11038ddbaa5472a498d8e41f884c841086294871 201662 apache2_2.4.10-2_amd64.deb 4492350f1bb433b27f17c26b642ca7df31865b9a 162450 apache2-data_2.4.10-2_all.deb 26ff954212b37adb2b7eb985e1bdcbe2b77e8b4f 1020154 apache2-bin_2.4.10-2_amd64.deb 989aef74cdcbc7c65dff7e5fa07917cbb64fa2e2 1512 apache2-mpm-worker_2.4.10-2_amd64.deb c079b1a48f81fe31109fd516527bffd2280bc168 1514 apache2-mpm-prefork_2.4.10-2_amd64.deb 98b8e1b3de649ee6ff590703254ca7d59d8a5da8 1514 apache2-mpm-event_2.4.10-2_amd64.deb 75e0b6f6b6cb109324b9d3aa6e2a7018cfaefa7e 1508 apache2-mpm-itk_2.4.10-2_amd64.deb a2f9b24620105d617c95268b45f40c0b75c6b655 1524 apache2.2-bin_2.4.10-2_amd64.deb f2d9b8cca673c010babbf8266542622c0f6c5910 121694 apache2.2-common_2.4.10-2_amd64.deb 69fa92349aef0ca6f70d799afa2f84c233d7a78c 192446 apache2-utils_2.4.10-2_amd64.deb c417f64aa28367bf479919508eb5a02696cbdd72 1488 apache2-suexec_2.4.10-2_amd64.deb 72c9e4f66c5ef99528e70102772041713a3ae987 127376 apache2-suexec-pristine_2.4.10-2_amd64.deb 7dee3662810132d8cac00ae59132555e089791fd 128924 apache2-suexec-custom_2.4.10-2_amd64.deb c6d7d2104805ec81067c8b04789874123d87a415 2723582 apache2-doc_2.4.10-2_all.deb 4167e4490989e34fe4a40b9230f4b4debdae8834 278486 apache2-dev_2.4.10-2_amd64.deb db0049259a986ce895aa3fe88643079de047605d 1691174 apache2-dbg_2.4.10-2_amd64.deb Checksums-Sha256: bb823fa274e974eeff553c4d10937540fb0fab4ff65d04f1b8aefe8d2141b6c7 3218 apache2_2.4.10-2.dsc 87e9f606b368fb1253c283dd0fe39df4b2424b282fb076d753fcbe2a565d6fd5 507480 apache2_2.4.10-2.debian.tar.xz 40c29d77dc75e45477905976072ced7fed78835dcc684e58c2ca78a73c537b66 1510 libapache2-mod-proxy-html_2.4.10-2_amd64.deb 6a65d3bcb3421fefc46e90ea605fdef7a5490fba87845a00f73a17058feb5045 1498 libapache2-mod-macro_2.4.10-2_amd64.deb
Bug#756361: marked as done (The httpd virtual package should be provided by apache2, not apache2-bin)
Your message dated Sun, 21 Sep 2014 21:20:29 + with message-id e1xvoyx-0007lm...@franck.debian.org and subject line Bug#756361: fixed in apache2 2.4.10-2 has caused the Debian Bug report #756361, regarding The httpd virtual package should be provided by apache2, not apache2-bin to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 756361: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756361 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: apache2 Version: 2.4.10-1 Severity: important Currently the httpd virtual package is provided by apache2-bin, but apache2-bin does not include the configuration files and init scripts, so it doesn't provide a working web server. The apache2 package has those files and should be the package providing the httpd virtual package. This is also how it is in wheezy, where httpd is provided by the mpm packages which depend on apache2.2-common for the configuration files and init scripts. I set the severity to important because web applications that depend on httpd currently won't work with only apache2-bin installed. See also the following thread on debian-devel about this: https://lists.debian.org/debian-devel/2014/07/msg01065.html -- System Information: Debian Release: jessie/sid APT prefers trusty-updates APT policy: (500, 'trusty-updates'), (500, 'trusty-security'), (500, 'trusty'), (100, 'trusty-backports') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.13.0-32-generic (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash ---End Message--- ---BeginMessage--- Source: apache2 Source-Version: 2.4.10-2 We believe that the bug you reported is fixed in the latest version of apache2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 756...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Stefan Fritsch s...@debian.org (supplier of updated apache2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 21 Sep 2014 22:58:33 +0200 Source: apache2 Binary: apache2 apache2-data apache2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2.2-bin apache2.2-common libapache2-mod-proxy-html libapache2-mod-macro apache2-utils apache2-suexec apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-dbg Architecture: source amd64 all Version: 2.4.10-2 Distribution: unstable Urgency: medium Maintainer: Debian Apache Maintainers debian-apache@lists.debian.org Changed-By: Stefan Fritsch s...@debian.org Description: apache2- Apache HTTP Server apache2-bin - Apache HTTP Server (binary files and modules) apache2-data - Apache HTTP Server (common files) apache2-dbg - Apache debugging symbols apache2-dev - Apache HTTP Server (development headers) apache2-doc - Apache HTTP Server (on-site documentation) apache2-mpm-event - transitional event MPM package for apache2 apache2-mpm-itk - transitional itk MPM package for apache2 apache2-mpm-prefork - transitional prefork MPM package for apache2 apache2-mpm-worker - transitional worker MPM package for apache2 apache2-suexec - transitional package for apache2-suexec-pristine apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec apache2-utils - Apache HTTP Server (utility programs for web servers) apache2.2-bin - Transitional package for apache2-bin apache2.2-common - Transitional package for apache2 libapache2-mod-macro - Transitional package for apache2-bin libapache2-mod-proxy-html - Transitional package for apache2-bin Closes: 755976 756361 759382 Changes: apache2 (2.4.10-2) unstable; urgency=medium . * Pull changes from upstream 2.4.x branch up to r1626207 + Security Fix for CVE-2013-5704: HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. Adds MergeTrailers directive to restore
Bug#755976: marked as done ([apache2] It does not install the actual apache2 binaries. in extended description)
Your message dated Sun, 21 Sep 2014 21:20:29 + with message-id e1xvoyx-0007lh...@franck.debian.org and subject line Bug#755976: fixed in apache2 2.4.10-2 has caused the Debian Bug report #755976, regarding [apache2] It does not install the actual apache2 binaries. in extended description to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 755976: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755976 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: apache2 Version: 2.4.9-2 Severity: minor The extended description reads: The Apache Software Foundation's goal is to build a secure, efficient and extensible HTTP server as standards-compliant open source software. The result has long been the number one web server on the Internet. This package contains the configuration files, init scripts and support scripts. It does not install the actual apache2 binaries. While apache2 does not *contain* Apache binaries, I fail to see an interpretation of the last sentence which is both correct and useful. Apache binaries are in apache2-bin, which apache2 depends on, so apache2 does provide Apache binaries. If apache2 does not install the actual apache2 binaries. doesn't mean that installing apache2 does not install the Apache binaries, the intended meaning needs clarification. -- Filipus Klutiero http://www.philippecloutier.com ---End Message--- ---BeginMessage--- Source: apache2 Source-Version: 2.4.10-2 We believe that the bug you reported is fixed in the latest version of apache2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 755...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Stefan Fritsch s...@debian.org (supplier of updated apache2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 21 Sep 2014 22:58:33 +0200 Source: apache2 Binary: apache2 apache2-data apache2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2.2-bin apache2.2-common libapache2-mod-proxy-html libapache2-mod-macro apache2-utils apache2-suexec apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-dbg Architecture: source amd64 all Version: 2.4.10-2 Distribution: unstable Urgency: medium Maintainer: Debian Apache Maintainers debian-apache@lists.debian.org Changed-By: Stefan Fritsch s...@debian.org Description: apache2- Apache HTTP Server apache2-bin - Apache HTTP Server (binary files and modules) apache2-data - Apache HTTP Server (common files) apache2-dbg - Apache debugging symbols apache2-dev - Apache HTTP Server (development headers) apache2-doc - Apache HTTP Server (on-site documentation) apache2-mpm-event - transitional event MPM package for apache2 apache2-mpm-itk - transitional itk MPM package for apache2 apache2-mpm-prefork - transitional prefork MPM package for apache2 apache2-mpm-worker - transitional worker MPM package for apache2 apache2-suexec - transitional package for apache2-suexec-pristine apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec apache2-utils - Apache HTTP Server (utility programs for web servers) apache2.2-bin - Transitional package for apache2-bin apache2.2-common - Transitional package for apache2 libapache2-mod-macro - Transitional package for apache2-bin libapache2-mod-proxy-html - Transitional package for apache2-bin Closes: 755976 756361 759382 Changes: apache2 (2.4.10-2) unstable; urgency=medium . * Pull changes from upstream 2.4.x branch up to r1626207 + Security Fix for CVE-2013-5704: HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. Adds MergeTrailers directive to restore legacy behavior. . * Switch to apache2 providing the httpd and httpd-cgi virtual packages. The previously providing apache2-bin package lacks the configuration files. Closes: #756361 * Keep fewer logs by default.
Bug#759382: marked as done (do not keep so much logs)
Your message dated Sun, 21 Sep 2014 21:20:29 + with message-id e1xvoyx-0007ls...@franck.debian.org and subject line Bug#759382: fixed in apache2 2.4.10-2 has caused the Debian Bug report #759382, regarding do not keep so much logs to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 759382: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759382 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: apache2 Severity: wishlist Apache, at least in Wheezy, seems to be configured by default to keep 52 log files, rotated on a weekly basis, meaning that logs are kept for a year. This is a long time to keep longs. It exposes our users unduly to surveillance and privacy breaches. It also means a lot of data to keep on disk for busy webservers. For any moderately to high traffic webserver, this can actually fill up /var pretty fast. For example, a server with an average of 12 hits per second: http://stats.koumbit.net/koumbit.net/ceres.koumbit.net/apache_accesses.html ... accumulates around 30MB *per day*. That means 11GB per year. I suspect the default partitionning would not allocate enough space for /var at all on most systems to cover for that. I would suggest following the policies set for /var/log/syslog, which are rotate daily and keey 7 days. -- System Information: Debian Release: 7.6 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_CA.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages apache2 depends on: pn apache2-mpm-worker | apache2-mpm-prefork | apache2-mpm-event | apac none pn apache2.2-common none apache2 recommends no packages. apache2 suggests no packages. ---End Message--- ---BeginMessage--- Source: apache2 Source-Version: 2.4.10-2 We believe that the bug you reported is fixed in the latest version of apache2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 759...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Stefan Fritsch s...@debian.org (supplier of updated apache2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 21 Sep 2014 22:58:33 +0200 Source: apache2 Binary: apache2 apache2-data apache2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2.2-bin apache2.2-common libapache2-mod-proxy-html libapache2-mod-macro apache2-utils apache2-suexec apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-dbg Architecture: source amd64 all Version: 2.4.10-2 Distribution: unstable Urgency: medium Maintainer: Debian Apache Maintainers debian-apache@lists.debian.org Changed-By: Stefan Fritsch s...@debian.org Description: apache2- Apache HTTP Server apache2-bin - Apache HTTP Server (binary files and modules) apache2-data - Apache HTTP Server (common files) apache2-dbg - Apache debugging symbols apache2-dev - Apache HTTP Server (development headers) apache2-doc - Apache HTTP Server (on-site documentation) apache2-mpm-event - transitional event MPM package for apache2 apache2-mpm-itk - transitional itk MPM package for apache2 apache2-mpm-prefork - transitional prefork MPM package for apache2 apache2-mpm-worker - transitional worker MPM package for apache2 apache2-suexec - transitional package for apache2-suexec-pristine apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec apache2-utils - Apache HTTP Server (utility programs for web servers) apache2.2-bin - Transitional package for apache2-bin apache2.2-common - Transitional package for apache2 libapache2-mod-macro - Transitional package for apache2-bin libapache2-mod-proxy-html - Transitional package for apache2-bin Closes: 755976 756361 759382 Changes: apache2 (2.4.10-2) unstable; urgency=medium . * Pull changes from upstream 2.4.x branch up to r1626207 + Security Fix for CVE-2013-5704: HTTP trailers could be used to