** Description changed: - Scheduled-For: Never (this is a dummy test bug) - Upstream: 2.4.59 - Debian: 2.4.59-2 - Ubuntu: 2.4.58-1ubuntu8 - - Debian does new releases regularly, so it's likely there will be newer - versions available before FF that we can pick up if this merge is done - later in the cycle. - - If it turns out this needs a sync rather than a merge, please change the - tag 'needs-merge' to 'needs-sync', and (optionally) update the title as - desired. - - If this merge pulls in a new upstream version, also consider adding an - entry to the Oracular Release Notes: - https://discourse.ubuntu.com/c/release/38 - - ### New Debian Changes ### - - apache2 (2.4.59-2) unstable; urgency=medium - - * Breaks against fossil due to CVE-2024-24795 follows up - - -- Bastien Roucariès <ro...@debian.org> Mon, 29 Apr 2024 21:55:28 +0000 - - apache2 (2.4.59-1) unstable; urgency=medium - - [ Stefan Fritsch ] - * Remove old transitional packages libapache2-mod-md and - libapache2-mod-proxy-uwsgi. Closes: #1032628 - - [ Yadd ] - * mod_proxy_connect: disable AllowCONNECT by default (Closes: #1054564) - * Refresh patches - * New upstream version 2.4.59 - (Closes: #1068412 CVE-2024-27316 CVE-2024-24795 CVE-2023-38709) - * Refresh patches - * Update patches - * Update test framework - - -- Yadd <y...@debian.org> Fri, 05 Apr 2024 08:08:11 +0400 - - apache2 (2.4.58-1) unstable; urgency=medium - - [ Bas Couwenberg ] - * Provide dh-sequence-apache2 (Closes: #1050870) - - [ Yadd ] - * Drop dependency to obsolete lsb-base - * New upstream version 2.4.58 (Closes: CVE-2023-31122, CVE-2023-43622, - CVE-2023-45802) - * Refresh patches - - -- Yadd <y...@debian.org> Thu, 19 Oct 2023 14:56:29 +0400 - - apache2 (2.4.57-3) unstable; urgency=medium - - * Update a2enmod to drop given/when (Closes: #1050458) - * Restore changes not included in Bookworm (set -e in apache2ctl) - - -- Yadd <y...@debian.org> Tue, 29 Aug 2023 11:39:32 +0400 - - apache2 (2.4.57-2) unstable; urgency=medium - - * Revert debian/* changes (Bookworm freeze) - - -- Yadd <y...@debian.org> Thu, 13 Apr 2023 07:26:51 +0400 - - apache2 (2.4.57-1) unstable; urgency=medium - - * New upstream version 2.4.57 - * Drop 2.4.56-regression patches - - -- Yadd <y...@debian.org> Sat, 08 Apr 2023 06:57:16 +0400 - - apache2 (2.4.56-2) unstable; urgency=medium - - * Fix regression in mod_rewrite introduced in version 2.4.56 - (Closes: #1033284) - * Fix regression in http2 introduced by 2.4.56 (Closes: #1033408) - - -- Yadd <y...@debian.org> Sun, 02 Apr 2023 06:54:25 +0400 - - apache2 (2.4.56-1) unstable; urgency=medium - - * New upstream version (Closes: #1032476, CVE-2023-27522, - CVE-2023-25690) - - -- Yadd <y...@debian.org> Wed, 08 Mar 2023 06:44:05 +0400 - - apache2 (2.4.55-1) unstable; urgency=medium - - [ Hendrik Jäger ] - * disable ssl session tickets - * redundant example as already enabled in the default config - * logrotate indentation - * Update example how to prevent access to VCS directories - - [ lintian-brush ] - * Update lintian override info to new format: - + debian/source/lintian-overrides: line 2, 4-5, 8 - + debian/apache2-data.lintian-overrides: line 2-5 - + debian/apache2-bin.lintian-overrides: line 3 - + debian/apache2-doc.lintian-overrides: line 2 - + debian/apache2.lintian-overrides: line 6 - * Set upstream metadata fields: Repository-Browse. - * Update standards version to 4.6.2, no changes needed. - - [ Yadd ] - * New upstream version (Closes: CVE-2006-20001, CVE-2022-36760, - CVE-2022-37436) - - -- Yadd <y...@debian.org> Wed, 18 Jan 2023 07:41:55 +0400 - - apache2 (2.4.54-5) unstable; urgency=medium - - [ Hendrik Jäger ] - * fix: one oom-killed thread should not take down the whole service - * fix: remove modelines - * fix: update clickjacking protection example - - ### Old Ubuntu Delta ### - - apache2 (2.4.58-1ubuntu8) noble; urgency=medium - - * No-change rebuild against libapr1t64 - - -- Steve Langasek <steve.langa...@ubuntu.com> Sun, 07 Apr 2024 07:02:29 - +0000 - - apache2 (2.4.58-1ubuntu7) noble; urgency=medium - - * No-change rebuild for CVE-2024-3094 - - -- Steve Langasek <steve.langa...@ubuntu.com> Sun, 31 Mar 2024 08:37:28 - +0000 - - apache2 (2.4.58-1ubuntu6) noble; urgency=medium - - * d/debhelper/apache2-maintscript-helper: Allow execution when called from a - postinst script through a trigger (i.e., postinst triggered). - Thanks to Roel van Meer. (LP: #2038912) (Closes: #1060450) - - -- Athos Ribeiro <athos.ribe...@canonical.com> Mon, 18 Mar 2024 - 09:35:36 -0300 - - apache2 (2.4.58-1ubuntu5) noble; urgency=medium - - * No-change rebuild against libcurl4t64 - - -- Steve Langasek <steve.langa...@ubuntu.com> Sat, 16 Mar 2024 06:05:04 - +0000 - - apache2 (2.4.58-1ubuntu4) noble; urgency=medium - - * No-change rebuild against libaprutil1t64 - - -- Zixing Liu <zixing....@canonical.com> Sat, 09 Mar 2024 23:05:43 - -0700 - - apache2 (2.4.58-1ubuntu3) noble; urgency=medium - - * No-change rebuild against libssl3t64 - - -- Steve Langasek <steve.langa...@ubuntu.com> Mon, 04 Mar 2024 17:21:46 - +0000 - - apache2 (2.4.58-1ubuntu2) noble; urgency=medium - - * d/c/m/setenvif.conf, d/p/fix-dolphin-to-delete-webdav-dirs.patch: Add - dolphin and Konqueror/5 careful redirection so that directories can be - deleted via webdav. - (LP: #1927742) - - -- Bryce Harrington <br...@canonical.com> Wed, 24 Jan 2024 14:00:03 - -0800 - - apache2 (2.4.58-1ubuntu1) noble; urgency=medium - - * Merge with Debian unstable (LP: #2040357). Remaining changes: - - - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm, - d/source/include-binaries, d/t/check-ubuntu-branding: Replace - Debian with Ubuntu on default homepage. - (LP #1966004, LP #1947459) - - d/apache2.py, d/apache2-bin.install: Add apport hook - (LP #609177) - - d/control, d/apache2.install, d/apache2-utils.ufw.profile, - d/apache2.dirs: Add ufw profiles - (LP #261198) - - d/control: Upgrade lua build dependency to 5.4 - - -- Bryce Harrington <br...@canonical.com> Thu, 14 Dec 2023 23:52:39 - -0800 + New Description
** Description changed: - New Description + Scheduled-For: Never (this is a dummy test bug) + Upstream: 2.4.59 + Debian: 2.4.59-2 + Ubuntu: 2.4.58-1ubuntu8 + + Debian does new releases regularly, so it's likely there will be newer + versions available before FF that we can pick up if this merge is done + later in the cycle. + + If it turns out this needs a sync rather than a merge, please change the + tag 'needs-merge' to 'needs-sync', and (optionally) update the title as + desired. + + If this merge pulls in a new upstream version, also consider adding an + entry to the Oracular Release Notes: + https://discourse.ubuntu.com/c/release/38 + + ### New Debian Changes ### + + apache2 (2.4.59-2) unstable; urgency=medium + + * Breaks against fossil due to CVE-2024-24795 follows up + + -- Bastien Roucariès <ro...@debian.org> Mon, 29 Apr 2024 21:55:28 +0000 + + apache2 (2.4.59-1) unstable; urgency=medium + + [ Stefan Fritsch ] + * Remove old transitional packages libapache2-mod-md and + libapache2-mod-proxy-uwsgi. Closes: #1032628 + + [ Yadd ] + * mod_proxy_connect: disable AllowCONNECT by default (Closes: #1054564) + * Refresh patches + * New upstream version 2.4.59 + (Closes: #1068412 CVE-2024-27316 CVE-2024-24795 CVE-2023-38709) + * Refresh patches + * Update patches + * Update test framework + + -- Yadd <y...@debian.org> Fri, 05 Apr 2024 08:08:11 +0400 + + apache2 (2.4.58-1) unstable; urgency=medium + + [ Bas Couwenberg ] + * Provide dh-sequence-apache2 (Closes: #1050870) + + [ Yadd ] + * Drop dependency to obsolete lsb-base + * New upstream version 2.4.58 (Closes: CVE-2023-31122, CVE-2023-43622, + CVE-2023-45802) + * Refresh patches + + -- Yadd <y...@debian.org> Thu, 19 Oct 2023 14:56:29 +0400 + + apache2 (2.4.57-3) unstable; urgency=medium + + * Update a2enmod to drop given/when (Closes: #1050458) + * Restore changes not included in Bookworm (set -e in apache2ctl) + + -- Yadd <y...@debian.org> Tue, 29 Aug 2023 11:39:32 +0400 + + apache2 (2.4.57-2) unstable; urgency=medium + + * Revert debian/* changes (Bookworm freeze) + + -- Yadd <y...@debian.org> Thu, 13 Apr 2023 07:26:51 +0400 + + apache2 (2.4.57-1) unstable; urgency=medium + + * New upstream version 2.4.57 + * Drop 2.4.56-regression patches + + -- Yadd <y...@debian.org> Sat, 08 Apr 2023 06:57:16 +0400 + + apache2 (2.4.56-2) unstable; urgency=medium + + * Fix regression in mod_rewrite introduced in version 2.4.56 + (Closes: #1033284) + * Fix regression in http2 introduced by 2.4.56 (Closes: #1033408) + + -- Yadd <y...@debian.org> Sun, 02 Apr 2023 06:54:25 +0400 + + apache2 (2.4.56-1) unstable; urgency=medium + + * New upstream version (Closes: #1032476, CVE-2023-27522, + CVE-2023-25690) + + -- Yadd <y...@debian.org> Wed, 08 Mar 2023 06:44:05 +0400 + + apache2 (2.4.55-1) unstable; urgency=medium + + [ Hendrik Jäger ] + * disable ssl session tickets + * redundant example as already enabled in the default config + * logrotate indentation + * Update example how to prevent access to VCS directories + + [ lintian-brush ] + * Update lintian override info to new format: + + debian/source/lintian-overrides: line 2, 4-5, 8 + + debian/apache2-data.lintian-overrides: line 2-5 + + debian/apache2-bin.lintian-overrides: line 3 + + debian/apache2-doc.lintian-overrides: line 2 + + debian/apache2.lintian-overrides: line 6 + * Set upstream metadata fields: Repository-Browse. + * Update standards version to 4.6.2, no changes needed. + + [ Yadd ] + * New upstream version (Closes: CVE-2006-20001, CVE-2022-36760, + CVE-2022-37436) + + -- Yadd <y...@debian.org> Wed, 18 Jan 2023 07:41:55 +0400 + + apache2 (2.4.54-5) unstable; urgency=medium + + [ Hendrik Jäger ] + * fix: one oom-killed thread should not take down the whole service + * fix: remove modelines + * fix: update clickjacking protection example + + ### Old Ubuntu Delta ### + + apache2 (2.4.58-1ubuntu8) noble; urgency=medium + + * No-change rebuild against libapr1t64 + + -- Steve Langasek <steve.langa...@ubuntu.com> Sun, 07 Apr 2024 07:02:29 + +0000 + + apache2 (2.4.58-1ubuntu7) noble; urgency=medium + + * No-change rebuild for CVE-2024-3094 + + -- Steve Langasek <steve.langa...@ubuntu.com> Sun, 31 Mar 2024 08:37:28 + +0000 + + apache2 (2.4.58-1ubuntu6) noble; urgency=medium + + * d/debhelper/apache2-maintscript-helper: Allow execution when called from a + postinst script through a trigger (i.e., postinst triggered). + Thanks to Roel van Meer. (LP: #2038912) (Closes: #1060450) + + -- Athos Ribeiro <athos.ribe...@canonical.com> Mon, 18 Mar 2024 + 09:35:36 -0300 + + apache2 (2.4.58-1ubuntu5) noble; urgency=medium + + * No-change rebuild against libcurl4t64 + + -- Steve Langasek <steve.langa...@ubuntu.com> Sat, 16 Mar 2024 06:05:04 + +0000 + + apache2 (2.4.58-1ubuntu4) noble; urgency=medium + + * No-change rebuild against libaprutil1t64 + + -- Zixing Liu <zixing....@canonical.com> Sat, 09 Mar 2024 23:05:43 + -0700 + + apache2 (2.4.58-1ubuntu3) noble; urgency=medium + + * No-change rebuild against libssl3t64 + + -- Steve Langasek <steve.langa...@ubuntu.com> Mon, 04 Mar 2024 17:21:46 + +0000 + + apache2 (2.4.58-1ubuntu2) noble; urgency=medium + + * d/c/m/setenvif.conf, d/p/fix-dolphin-to-delete-webdav-dirs.patch: Add + dolphin and Konqueror/5 careful redirection so that directories can be + deleted via webdav. + (LP: #1927742) + + -- Bryce Harrington <br...@canonical.com> Wed, 24 Jan 2024 14:00:03 + -0800 + + apache2 (2.4.58-1ubuntu1) noble; urgency=medium + + * Merge with Debian unstable (LP: #2040357). Remaining changes: + + - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm, + d/source/include-binaries, d/t/check-ubuntu-branding: Replace + Debian with Ubuntu on default homepage. + (LP #1966004, LP #1947459) + - d/apache2.py, d/apache2-bin.install: Add apport hook + (LP #609177) + - d/control, d/apache2.install, d/apache2-utils.ufw.profile, + d/apache2.dirs: Add ufw profiles + (LP #261198) + - d/control: Upgrade lua build dependency to 5.4 + + -- Bryce Harrington <br...@canonical.com> Thu, 14 Dec 2023 23:52:39 + -0800 ** Description changed: - Scheduled-For: Never (this is a dummy test bug) - Upstream: 2.4.59 - Debian: 2.4.59-2 - Ubuntu: 2.4.58-1ubuntu8 - - Debian does new releases regularly, so it's likely there will be newer - versions available before FF that we can pick up if this merge is done - later in the cycle. - - If it turns out this needs a sync rather than a merge, please change the - tag 'needs-merge' to 'needs-sync', and (optionally) update the title as - desired. - - If this merge pulls in a new upstream version, also consider adding an - entry to the Oracular Release Notes: - https://discourse.ubuntu.com/c/release/38 - - ### New Debian Changes ### - - apache2 (2.4.59-2) unstable; urgency=medium - - * Breaks against fossil due to CVE-2024-24795 follows up - - -- Bastien Roucariès <ro...@debian.org> Mon, 29 Apr 2024 21:55:28 +0000 - - apache2 (2.4.59-1) unstable; urgency=medium - - [ Stefan Fritsch ] - * Remove old transitional packages libapache2-mod-md and - libapache2-mod-proxy-uwsgi. Closes: #1032628 - - [ Yadd ] - * mod_proxy_connect: disable AllowCONNECT by default (Closes: #1054564) - * Refresh patches - * New upstream version 2.4.59 - (Closes: #1068412 CVE-2024-27316 CVE-2024-24795 CVE-2023-38709) - * Refresh patches - * Update patches - * Update test framework - - -- Yadd <y...@debian.org> Fri, 05 Apr 2024 08:08:11 +0400 - - apache2 (2.4.58-1) unstable; urgency=medium - - [ Bas Couwenberg ] - * Provide dh-sequence-apache2 (Closes: #1050870) - - [ Yadd ] - * Drop dependency to obsolete lsb-base - * New upstream version 2.4.58 (Closes: CVE-2023-31122, CVE-2023-43622, - CVE-2023-45802) - * Refresh patches - - -- Yadd <y...@debian.org> Thu, 19 Oct 2023 14:56:29 +0400 - - apache2 (2.4.57-3) unstable; urgency=medium - - * Update a2enmod to drop given/when (Closes: #1050458) - * Restore changes not included in Bookworm (set -e in apache2ctl) - - -- Yadd <y...@debian.org> Tue, 29 Aug 2023 11:39:32 +0400 - - apache2 (2.4.57-2) unstable; urgency=medium - - * Revert debian/* changes (Bookworm freeze) - - -- Yadd <y...@debian.org> Thu, 13 Apr 2023 07:26:51 +0400 - - apache2 (2.4.57-1) unstable; urgency=medium - - * New upstream version 2.4.57 - * Drop 2.4.56-regression patches - - -- Yadd <y...@debian.org> Sat, 08 Apr 2023 06:57:16 +0400 - - apache2 (2.4.56-2) unstable; urgency=medium - - * Fix regression in mod_rewrite introduced in version 2.4.56 - (Closes: #1033284) - * Fix regression in http2 introduced by 2.4.56 (Closes: #1033408) - - -- Yadd <y...@debian.org> Sun, 02 Apr 2023 06:54:25 +0400 - - apache2 (2.4.56-1) unstable; urgency=medium - - * New upstream version (Closes: #1032476, CVE-2023-27522, - CVE-2023-25690) - - -- Yadd <y...@debian.org> Wed, 08 Mar 2023 06:44:05 +0400 - - apache2 (2.4.55-1) unstable; urgency=medium - - [ Hendrik Jäger ] - * disable ssl session tickets - * redundant example as already enabled in the default config - * logrotate indentation - * Update example how to prevent access to VCS directories - - [ lintian-brush ] - * Update lintian override info to new format: - + debian/source/lintian-overrides: line 2, 4-5, 8 - + debian/apache2-data.lintian-overrides: line 2-5 - + debian/apache2-bin.lintian-overrides: line 3 - + debian/apache2-doc.lintian-overrides: line 2 - + debian/apache2.lintian-overrides: line 6 - * Set upstream metadata fields: Repository-Browse. - * Update standards version to 4.6.2, no changes needed. - - [ Yadd ] - * New upstream version (Closes: CVE-2006-20001, CVE-2022-36760, - CVE-2022-37436) - - -- Yadd <y...@debian.org> Wed, 18 Jan 2023 07:41:55 +0400 - - apache2 (2.4.54-5) unstable; urgency=medium - - [ Hendrik Jäger ] - * fix: one oom-killed thread should not take down the whole service - * fix: remove modelines - * fix: update clickjacking protection example - - ### Old Ubuntu Delta ### - - apache2 (2.4.58-1ubuntu8) noble; urgency=medium - - * No-change rebuild against libapr1t64 - - -- Steve Langasek <steve.langa...@ubuntu.com> Sun, 07 Apr 2024 07:02:29 - +0000 - - apache2 (2.4.58-1ubuntu7) noble; urgency=medium - - * No-change rebuild for CVE-2024-3094 - - -- Steve Langasek <steve.langa...@ubuntu.com> Sun, 31 Mar 2024 08:37:28 - +0000 - - apache2 (2.4.58-1ubuntu6) noble; urgency=medium - - * d/debhelper/apache2-maintscript-helper: Allow execution when called from a - postinst script through a trigger (i.e., postinst triggered). - Thanks to Roel van Meer. (LP: #2038912) (Closes: #1060450) - - -- Athos Ribeiro <athos.ribe...@canonical.com> Mon, 18 Mar 2024 - 09:35:36 -0300 - - apache2 (2.4.58-1ubuntu5) noble; urgency=medium - - * No-change rebuild against libcurl4t64 - - -- Steve Langasek <steve.langa...@ubuntu.com> Sat, 16 Mar 2024 06:05:04 - +0000 - - apache2 (2.4.58-1ubuntu4) noble; urgency=medium - - * No-change rebuild against libaprutil1t64 - - -- Zixing Liu <zixing....@canonical.com> Sat, 09 Mar 2024 23:05:43 - -0700 - - apache2 (2.4.58-1ubuntu3) noble; urgency=medium - - * No-change rebuild against libssl3t64 - - -- Steve Langasek <steve.langa...@ubuntu.com> Mon, 04 Mar 2024 17:21:46 - +0000 - - apache2 (2.4.58-1ubuntu2) noble; urgency=medium - - * d/c/m/setenvif.conf, d/p/fix-dolphin-to-delete-webdav-dirs.patch: Add - dolphin and Konqueror/5 careful redirection so that directories can be - deleted via webdav. - (LP: #1927742) - - -- Bryce Harrington <br...@canonical.com> Wed, 24 Jan 2024 14:00:03 - -0800 - - apache2 (2.4.58-1ubuntu1) noble; urgency=medium - - * Merge with Debian unstable (LP: #2040357). Remaining changes: - - - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm, - d/source/include-binaries, d/t/check-ubuntu-branding: Replace - Debian with Ubuntu on default homepage. - (LP #1966004, LP #1947459) - - d/apache2.py, d/apache2-bin.install: Add apport hook - (LP #609177) - - d/control, d/apache2.install, d/apache2-utils.ufw.profile, - d/apache2.dirs: Add ufw profiles - (LP #261198) - - d/control: Upgrade lua build dependency to 5.4 - - -- Bryce Harrington <br...@canonical.com> Thu, 14 Dec 2023 23:52:39 - -0800 + Scheduled-For: Never (this is a dummy test bug)Upstream: 2.4.59Debian: + 2.4.59-2Ubuntu: 2.4.58-1ubuntu8Debian does new releases regularly, so + it's likely there will be newer versions available before FF that we can + pick up if this merge is done later in the cycle.If it turns out this + needs a sync rather than a merge, please change the tag 'needs-merge' to + 'needs-sync', and (optionally) update the title as desired.If this merge + pulls in a new upstream version, also consider adding an entry to the + Oracular Release Notes: https://discourse.ubuntu.com/c/release/38### New + Debian Changes ###apache2 (2.4.59-2) unstable; urgency=medium * Breaks + against fossil due to CVE-2024-24795 follows up -- Bastien Roucariès + <ro...@debian.org> Mon, 29 Apr 2024 21:55:28 +0000apache2 (2.4.59-1) + unstable; urgency=medium [ Stefan Fritsch ] * Remove old transitional + packages libapache2-mod-md and libapache2-mod-proxy-uwsgi. Closes: + #1032628 [ Yadd ] * mod_proxy_connect: disable AllowCONNECT by default + (Closes: #1054564) * Refresh patches * New upstream version + 2.4.59 (Closes: #1068412 CVE-2024-27316 CVE-2024-24795 + CVE-2023-38709) * Refresh patches * Update patches * Update test + framework -- Yadd <y...@debian.org> Fri, 05 Apr 2024 08:08:11 + +0400apache2 (2.4.58-1) unstable; urgency=medium [ Bas Couwenberg ] * + Provide dh-sequence-apache2 (Closes: #1050870) [ Yadd ] * Drop + dependency to obsolete lsb-base * New upstream version 2.4.58 (Closes: + CVE-2023-31122, CVE-2023-43622, CVE-2023-45802) * Refresh patches -- + Yadd <y...@debian.org> Thu, 19 Oct 2023 14:56:29 +0400apache2 (2.4.57-3) + unstable; urgency=medium * Update a2enmod to drop given/when (Closes: + #1050458) * Restore changes not included in Bookworm (set -e in + apache2ctl) -- Yadd <y...@debian.org> Tue, 29 Aug 2023 11:39:32 + +0400apache2 (2.4.57-2) unstable; urgency=medium * Revert debian/* + changes (Bookworm freeze) -- Yadd <y...@debian.org> Thu, 13 Apr 2023 + 07:26:51 +0400apache2 (2.4.57-1) unstable; urgency=medium * New + upstream version 2.4.57 * Drop 2.4.56-regression patches -- Yadd + <y...@debian.org> Sat, 08 Apr 2023 06:57:16 +0400apache2 (2.4.56-2) + unstable; urgency=medium * Fix regression in mod_rewrite introduced in + version 2.4.56 (Closes: #1033284) * Fix regression in http2 + introduced by 2.4.56 (Closes: #1033408) -- Yadd <y...@debian.org> Sun, + 02 Apr 2023 06:54:25 +0400apache2 (2.4.56-1) unstable; urgency=medium * + New upstream version (Closes: #1032476, CVE-2023-27522, + CVE-2023-25690) -- Yadd <y...@debian.org> Wed, 08 Mar 2023 06:44:05 + +0400apache2 (2.4.55-1) unstable; urgency=medium [ Hendrik Jäger ] * + disable ssl session tickets * redundant example as already enabled in + the default config * logrotate indentation * Update example how to + prevent access to VCS directories [ lintian-brush ] * Update lintian + override info to new format: + debian/source/lintian-overrides: line + 2, 4-5, 8 + debian/apache2-data.lintian-overrides: line 2-5 + + debian/apache2-bin.lintian-overrides: line 3 + + debian/apache2-doc.lintian-overrides: line 2 + + debian/apache2.lintian-overrides: line 6 * Set upstream metadata + fields: Repository-Browse. * Update standards version to 4.6.2, no + changes needed. [ Yadd ] * New upstream version (Closes: + CVE-2006-20001, CVE-2022-36760, CVE-2022-37436) -- Yadd + <y...@debian.org> Wed, 18 Jan 2023 07:41:55 +0400apache2 (2.4.54-5) + unstable; urgency=medium [ Hendrik Jäger ] * fix: one oom-killed + thread should not take down the whole service * fix: remove + modelines * fix: update clickjacking protection example### Old Ubuntu + Delta ###apache2 (2.4.58-1ubuntu8) noble; urgency=medium * No-change + rebuild against libapr1t64 -- Steve Langasek <steve.langa...@ubuntu.com> + Sun, 07 Apr 2024 07:02:29 +0000apache2 (2.4.58-1ubuntu7) noble; + urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek + <steve.langa...@ubuntu.com> Sun, 31 Mar 2024 08:37:28 +0000apache2 + (2.4.58-1ubuntu6) noble; urgency=medium * + d/debhelper/apache2-maintscript-helper: Allow execution when called from + a postinst script through a trigger (i.e., postinst + triggered). Thanks to Roel van Meer. (LP: #2038912) (Closes: + #1060450) -- Athos Ribeiro <athos.ribe...@canonical.com> Mon, 18 Mar + 2024 09:35:36 -0300apache2 (2.4.58-1ubuntu5) noble; urgency=medium * + No-change rebuild against libcurl4t64 -- Steve Langasek + <steve.langa...@ubuntu.com> Sat, 16 Mar 2024 06:05:04 +0000apache2 + (2.4.58-1ubuntu4) noble; urgency=medium * No-change rebuild against + libaprutil1t64 -- Zixing Liu <zixing....@canonical.com> Sat, 09 Mar 2024 + 23:05:43 -0700apache2 (2.4.58-1ubuntu3) noble; urgency=medium * No- + change rebuild against libssl3t64 -- Steve Langasek + <steve.langa...@ubuntu.com> Mon, 04 Mar 2024 17:21:46 +0000apache2 + (2.4.58-1ubuntu2) noble; urgency=medium * d/c/m/setenvif.conf, d/p/fix- + dolphin-to-delete-webdav-dirs.patch: Add dolphin and Konqueror/5 + careful redirection so that directories can be deleted via + webdav. (LP: #1927742) -- Bryce Harrington <br...@canonical.com> Wed, + 24 Jan 2024 14:00:03 -0800apache2 (2.4.58-1ubuntu1) noble; + urgency=medium * Merge with Debian unstable (LP: #2040357). Remaining + changes: - d/index.html, d/icons/ubuntu-logo.png, + d/apache2.postrm, d/source/include-binaries, d/t/check-ubuntu- + branding: Replace Debian with Ubuntu on default homepage. (LP + #1966004, LP #1947459) - d/apache2.py, d/apache2-bin.install: Add + apport hook (LP #609177) - d/control, d/apache2.install, + d/apache2-utils.ufw.profile, d/apache2.dirs: Add ufw + profiles (LP #261198) - d/control: Upgrade lua build dependency + to 5.4 -- Bryce Harrington <br...@canonical.com> Thu, 14 Dec 2023 + 23:52:39 -0800[Scheduled-For Backlog] ** Description changed: - Scheduled-For: Never (this is a dummy test bug)Upstream: 2.4.59Debian: - 2.4.59-2Ubuntu: 2.4.58-1ubuntu8Debian does new releases regularly, so - it's likely there will be newer versions available before FF that we can - pick up if this merge is done later in the cycle.If it turns out this - needs a sync rather than a merge, please change the tag 'needs-merge' to - 'needs-sync', and (optionally) update the title as desired.If this merge - pulls in a new upstream version, also consider adding an entry to the - Oracular Release Notes: https://discourse.ubuntu.com/c/release/38### New - Debian Changes ###apache2 (2.4.59-2) unstable; urgency=medium * Breaks - against fossil due to CVE-2024-24795 follows up -- Bastien Roucariès - <ro...@debian.org> Mon, 29 Apr 2024 21:55:28 +0000apache2 (2.4.59-1) - unstable; urgency=medium [ Stefan Fritsch ] * Remove old transitional - packages libapache2-mod-md and libapache2-mod-proxy-uwsgi. Closes: - #1032628 [ Yadd ] * mod_proxy_connect: disable AllowCONNECT by default - (Closes: #1054564) * Refresh patches * New upstream version - 2.4.59 (Closes: #1068412 CVE-2024-27316 CVE-2024-24795 - CVE-2023-38709) * Refresh patches * Update patches * Update test - framework -- Yadd <y...@debian.org> Fri, 05 Apr 2024 08:08:11 - +0400apache2 (2.4.58-1) unstable; urgency=medium [ Bas Couwenberg ] * - Provide dh-sequence-apache2 (Closes: #1050870) [ Yadd ] * Drop - dependency to obsolete lsb-base * New upstream version 2.4.58 (Closes: - CVE-2023-31122, CVE-2023-43622, CVE-2023-45802) * Refresh patches -- - Yadd <y...@debian.org> Thu, 19 Oct 2023 14:56:29 +0400apache2 (2.4.57-3) - unstable; urgency=medium * Update a2enmod to drop given/when (Closes: - #1050458) * Restore changes not included in Bookworm (set -e in - apache2ctl) -- Yadd <y...@debian.org> Tue, 29 Aug 2023 11:39:32 - +0400apache2 (2.4.57-2) unstable; urgency=medium * Revert debian/* - changes (Bookworm freeze) -- Yadd <y...@debian.org> Thu, 13 Apr 2023 - 07:26:51 +0400apache2 (2.4.57-1) unstable; urgency=medium * New - upstream version 2.4.57 * Drop 2.4.56-regression patches -- Yadd - <y...@debian.org> Sat, 08 Apr 2023 06:57:16 +0400apache2 (2.4.56-2) - unstable; urgency=medium * Fix regression in mod_rewrite introduced in - version 2.4.56 (Closes: #1033284) * Fix regression in http2 - introduced by 2.4.56 (Closes: #1033408) -- Yadd <y...@debian.org> Sun, - 02 Apr 2023 06:54:25 +0400apache2 (2.4.56-1) unstable; urgency=medium * - New upstream version (Closes: #1032476, CVE-2023-27522, - CVE-2023-25690) -- Yadd <y...@debian.org> Wed, 08 Mar 2023 06:44:05 - +0400apache2 (2.4.55-1) unstable; urgency=medium [ Hendrik Jäger ] * - disable ssl session tickets * redundant example as already enabled in - the default config * logrotate indentation * Update example how to - prevent access to VCS directories [ lintian-brush ] * Update lintian - override info to new format: + debian/source/lintian-overrides: line - 2, 4-5, 8 + debian/apache2-data.lintian-overrides: line 2-5 + - debian/apache2-bin.lintian-overrides: line 3 + - debian/apache2-doc.lintian-overrides: line 2 + - debian/apache2.lintian-overrides: line 6 * Set upstream metadata - fields: Repository-Browse. * Update standards version to 4.6.2, no - changes needed. [ Yadd ] * New upstream version (Closes: - CVE-2006-20001, CVE-2022-36760, CVE-2022-37436) -- Yadd - <y...@debian.org> Wed, 18 Jan 2023 07:41:55 +0400apache2 (2.4.54-5) - unstable; urgency=medium [ Hendrik Jäger ] * fix: one oom-killed - thread should not take down the whole service * fix: remove - modelines * fix: update clickjacking protection example### Old Ubuntu - Delta ###apache2 (2.4.58-1ubuntu8) noble; urgency=medium * No-change - rebuild against libapr1t64 -- Steve Langasek <steve.langa...@ubuntu.com> - Sun, 07 Apr 2024 07:02:29 +0000apache2 (2.4.58-1ubuntu7) noble; - urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek - <steve.langa...@ubuntu.com> Sun, 31 Mar 2024 08:37:28 +0000apache2 - (2.4.58-1ubuntu6) noble; urgency=medium * - d/debhelper/apache2-maintscript-helper: Allow execution when called from - a postinst script through a trigger (i.e., postinst - triggered). Thanks to Roel van Meer. (LP: #2038912) (Closes: - #1060450) -- Athos Ribeiro <athos.ribe...@canonical.com> Mon, 18 Mar - 2024 09:35:36 -0300apache2 (2.4.58-1ubuntu5) noble; urgency=medium * - No-change rebuild against libcurl4t64 -- Steve Langasek - <steve.langa...@ubuntu.com> Sat, 16 Mar 2024 06:05:04 +0000apache2 - (2.4.58-1ubuntu4) noble; urgency=medium * No-change rebuild against - libaprutil1t64 -- Zixing Liu <zixing....@canonical.com> Sat, 09 Mar 2024 - 23:05:43 -0700apache2 (2.4.58-1ubuntu3) noble; urgency=medium * No- - change rebuild against libssl3t64 -- Steve Langasek - <steve.langa...@ubuntu.com> Mon, 04 Mar 2024 17:21:46 +0000apache2 - (2.4.58-1ubuntu2) noble; urgency=medium * d/c/m/setenvif.conf, d/p/fix- - dolphin-to-delete-webdav-dirs.patch: Add dolphin and Konqueror/5 - careful redirection so that directories can be deleted via - webdav. (LP: #1927742) -- Bryce Harrington <br...@canonical.com> Wed, - 24 Jan 2024 14:00:03 -0800apache2 (2.4.58-1ubuntu1) noble; - urgency=medium * Merge with Debian unstable (LP: #2040357). Remaining - changes: - d/index.html, d/icons/ubuntu-logo.png, - d/apache2.postrm, d/source/include-binaries, d/t/check-ubuntu- - branding: Replace Debian with Ubuntu on default homepage. (LP - #1966004, LP #1947459) - d/apache2.py, d/apache2-bin.install: Add - apport hook (LP #609177) - d/control, d/apache2.install, - d/apache2-utils.ufw.profile, d/apache2.dirs: Add ufw - profiles (LP #261198) - d/control: Upgrade lua build dependency - to 5.4 -- Bryce Harrington <br...@canonical.com> Thu, 14 Dec 2023 - 23:52:39 -0800[Scheduled-For Backlog] + Scheduled-For: Never + Upstream: 2.4.59 + Debian: 2.4.59-2 + Ubuntu: 2.4.58-1ubuntu8 + + Debian does new releases regularly, so it's likely there will be newer + versions available before FF that we can pick up if this merge is done + later in the cycle. + + If it turns out this needs a sync rather than a merge, please change the + tag 'needs-merge' to 'needs-sync', and (optionally) update the title as + desired. + + If this merge pulls in a new upstream version, also consider adding an + entry to the Oracular Release Notes: + https://discourse.ubuntu.com/c/release/38 + + ### New Debian Changes ### + + apache2 (2.4.59-2) unstable; urgency=medium + + * Breaks against fossil due to CVE-2024-24795 follows up + + -- Bastien Roucariès <ro...@debian.org> Mon, 29 Apr 2024 21:55:28 +0000 + + apache2 (2.4.59-1) unstable; urgency=medium + + [ Stefan Fritsch ] + * Remove old transitional packages libapache2-mod-md and + libapache2-mod-proxy-uwsgi. Closes: #1032628 + + [ Yadd ] + * mod_proxy_connect: disable AllowCONNECT by default (Closes: #1054564) + * Refresh patches + * New upstream version 2.4.59 + (Closes: #1068412 CVE-2024-27316 CVE-2024-24795 CVE-2023-38709) + * Refresh patches + * Update patches + * Update test framework + + -- Yadd <y...@debian.org> Fri, 05 Apr 2024 08:08:11 +0400 + + apache2 (2.4.58-1) unstable; urgency=medium + + [ Bas Couwenberg ] + * Provide dh-sequence-apache2 (Closes: #1050870) + + [ Yadd ] + * Drop dependency to obsolete lsb-base + * New upstream version 2.4.58 (Closes: CVE-2023-31122, CVE-2023-43622, + CVE-2023-45802) + * Refresh patches + + -- Yadd <y...@debian.org> Thu, 19 Oct 2023 14:56:29 +0400 + + apache2 (2.4.57-3) unstable; urgency=medium + + * Update a2enmod to drop given/when (Closes: #1050458) + * Restore changes not included in Bookworm (set -e in apache2ctl) + + -- Yadd <y...@debian.org> Tue, 29 Aug 2023 11:39:32 +0400 + + apache2 (2.4.57-2) unstable; urgency=medium + + * Revert debian/* changes (Bookworm freeze) + + -- Yadd <y...@debian.org> Thu, 13 Apr 2023 07:26:51 +0400 + + apache2 (2.4.57-1) unstable; urgency=medium + + * New upstream version 2.4.57 + * Drop 2.4.56-regression patches + + -- Yadd <y...@debian.org> Sat, 08 Apr 2023 06:57:16 +0400 + + apache2 (2.4.56-2) unstable; urgency=medium + + * Fix regression in mod_rewrite introduced in version 2.4.56 + (Closes: #1033284) + * Fix regression in http2 introduced by 2.4.56 (Closes: #1033408) + + -- Yadd <y...@debian.org> Sun, 02 Apr 2023 06:54:25 +0400 + + apache2 (2.4.56-1) unstable; urgency=medium + + * New upstream version (Closes: #1032476, CVE-2023-27522, + CVE-2023-25690) + + -- Yadd <y...@debian.org> Wed, 08 Mar 2023 06:44:05 +0400 + + apache2 (2.4.55-1) unstable; urgency=medium + + [ Hendrik Jäger ] + * disable ssl session tickets + * redundant example as already enabled in the default config + * logrotate indentation + * Update example how to prevent access to VCS directories + + [ lintian-brush ] + * Update lintian override info to new format: + + debian/source/lintian-overrides: line 2, 4-5, 8 + + debian/apache2-data.lintian-overrides: line 2-5 + + debian/apache2-bin.lintian-overrides: line 3 + + debian/apache2-doc.lintian-overrides: line 2 + + debian/apache2.lintian-overrides: line 6 + * Set upstream metadata fields: Repository-Browse. + * Update standards version to 4.6.2, no changes needed. + + [ Yadd ] + * New upstream version (Closes: CVE-2006-20001, CVE-2022-36760, + CVE-2022-37436) + + -- Yadd <y...@debian.org> Wed, 18 Jan 2023 07:41:55 +0400 + + apache2 (2.4.54-5) unstable; urgency=medium + + [ Hendrik Jäger ] + * fix: one oom-killed thread should not take down the whole service + * fix: remove modelines + * fix: update clickjacking protection example + + ### Old Ubuntu Delta ### + + apache2 (2.4.58-1ubuntu8) noble; urgency=medium + + * No-change rebuild against libapr1t64 + + -- Steve Langasek <steve.langa...@ubuntu.com> Sun, 07 Apr 2024 07:02:29 + +0000 + + apache2 (2.4.58-1ubuntu7) noble; urgency=medium + + * No-change rebuild for CVE-2024-3094 + + -- Steve Langasek <steve.langa...@ubuntu.com> Sun, 31 Mar 2024 08:37:28 + +0000 + + apache2 (2.4.58-1ubuntu6) noble; urgency=medium + + * d/debhelper/apache2-maintscript-helper: Allow execution when called from a + postinst script through a trigger (i.e., postinst triggered). + Thanks to Roel van Meer. (LP: #2038912) (Closes: #1060450) + + -- Athos Ribeiro <athos.ribe...@canonical.com> Mon, 18 Mar 2024 + 09:35:36 -0300 + + apache2 (2.4.58-1ubuntu5) noble; urgency=medium + + * No-change rebuild against libcurl4t64 + + -- Steve Langasek <steve.langa...@ubuntu.com> Sat, 16 Mar 2024 06:05:04 + +0000 + + apache2 (2.4.58-1ubuntu4) noble; urgency=medium + + * No-change rebuild against libaprutil1t64 + + -- Zixing Liu <zixing....@canonical.com> Sat, 09 Mar 2024 23:05:43 + -0700 + + apache2 (2.4.58-1ubuntu3) noble; urgency=medium + + * No-change rebuild against libssl3t64 + + -- Steve Langasek <steve.langa...@ubuntu.com> Mon, 04 Mar 2024 17:21:46 + +0000 + + apache2 (2.4.58-1ubuntu2) noble; urgency=medium + + * d/c/m/setenvif.conf, d/p/fix-dolphin-to-delete-webdav-dirs.patch: Add + dolphin and Konqueror/5 careful redirection so that directories can be + deleted via webdav. + (LP: #1927742) + + -- Bryce Harrington <br...@canonical.com> Wed, 24 Jan 2024 14:00:03 + -0800 + + apache2 (2.4.58-1ubuntu1) noble; urgency=medium + + * Merge with Debian unstable (LP: #2040357). Remaining changes: + + - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm, + d/source/include-binaries, d/t/check-ubuntu-branding: Replace + Debian with Ubuntu on default homepage. + (LP #1966004, LP #1947459) + - d/apache2.py, d/apache2-bin.install: Add apport hook + (LP #609177) + - d/control, d/apache2.install, d/apache2-utils.ufw.profile, + d/apache2.dirs: Add ufw profiles + (LP #261198) + - d/control: Upgrade lua build dependency to 5.4 + + -- Bryce Harrington <br...@canonical.com> Thu, 14 Dec 2023 23:52:39 + -0800 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064377 Title: Merge apache2 from Debian unstable for oracular To manage notifications about this bug go to: https://bugs.launchpad.net/apache2/+bug/2064377/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
