Public bug reported: Binary package hint: apache2
Apache2 in an LTS release would greatly benefit from some recent changes in the Debian package: In 2.2.14-6: * Add a hook to apache2.2-common's postrm script that may come in handy when upgrading to 2.4. This may allow to do the 2.2 -> 2.4 upgrade in a cleaner way than the hack that was done for 2.0 -> 2.2 (which involved apache2.2-common deleting apache2-common's postrm script). In 2.2.15: - mod_ssl: Add SSLInsecureRenegotiation directive to allows insecure renegotiation with clients which do not yet support the secure renegotiation protocol. As this requires openssl 0.9.8m, bump build dependency accordingly. This allows an admin to configure how to treat clients that are vulnerable to CVE-2009-3555. Also, 2.2.15 has some improved protection for vulnerable clients. In case you want to update to the most recent version despite the sizable changes, you should use 2.2.15-3, which has some important bug fixes over 2.2.15-2. ** Affects: apache2 (Ubuntu) Importance: Undecided Status: New -- consider a newer version of apache2 for lucid or backport some changes https://bugs.launchpad.net/bugs/551221 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs