Change log for apache2 package in Ubuntu
| 301 → 375 of 421 results | First • Previous • Next • Last |
| Superseded in lucid-updates |
| Superseded in lucid-security |
| Deleted in lucid-proposed (Reason: moved to -updates) |
apache2 (2.2.14-5ubuntu8.2) lucid-security; urgency=low
* debian/patches/211-sslinsecurerenegotiation-directive.dpatch: once
openssl gets updated to fix CVE-2009-3555, server renegotiations with
unpatched clients will fail. This patch adds the ability to revert to
the previous unsafe behaviour with a new SSLInsecureRenegotiation
directive. (LP: #616759)
* debian/control: add specific dependency on first openssl version to get
CVE-2009-3555 fix.
-- Marc Deslauriers <email address hidden> Wed, 18 Aug 2010 16:37:47 -0400
Available diffs
- diff from 2.2.14-5ubuntu8.1 to 2.2.14-5ubuntu8.2 (434 bytes)
| Superseded in dapper-updates |
| Superseded in dapper-security |
| Deleted in dapper-proposed (Reason: moved to -updates) |
apache2 (2.0.55-4ubuntu2.11) dapper-security; urgency=low
* debian/patches/119_sslinsecurerenegotiation-directive.dpatch: once
openssl gets updated to fix CVE-2009-3555, server renegotiations with
unpatched clients will fail. This patch adds the ability to revert to
the previous unsafe behaviour with a new SSLInsecureRenegotiation
directive. (LP: #616759)
* debian/control: add specific dependency on first openssl version to get
CVE-2009-3555 fix.
-- Marc Deslauriers <email address hidden> Mon, 16 Aug 2010 13:44:28 -0400
Available diffs
| Superseded in hardy-updates |
| Superseded in hardy-security |
| Deleted in hardy-proposed (Reason: moved to -updates) |
apache2 (2.2.8-1ubuntu0.18) hardy-security; urgency=low
* debian/patches/212_sslinsecurerenegotiation-directive.dpatch: once
openssl gets updated to fix CVE-2009-3555, server renegotiations with
unpatched clients will fail. This patch adds the ability to revert to
the previous unsafe behaviour with a new SSLInsecureRenegotiation
directive. (LP: #616759)
* debian/control: add specific dependency on first openssl version to get
CVE-2009-3555 fix.
-- Marc Deslauriers <email address hidden> Mon, 16 Aug 2010 13:39:40 -0400
Available diffs
| Obsolete in jaunty-updates |
| Obsolete in jaunty-security |
| Deleted in jaunty-proposed (Reason: moved to -updates) |
apache2 (2.2.11-2ubuntu2.7) jaunty-security; urgency=low
* debian/patches/909_sslinsecurerenegotiation-directive.dpatch: once
openssl gets updated to fix CVE-2009-3555, server renegotiations with
unpatched clients will fail. This patch adds the ability to revert to
the previous unsafe behaviour with a new SSLInsecureRenegotiation
directive. (LP: #616759)
* debian/control: add specific dependency on first openssl version to get
CVE-2009-3555 fix.
-- Marc Deslauriers <email address hidden> Mon, 16 Aug 2010 13:34:47 -0400
Available diffs
| Superseded in karmic-updates |
| Superseded in karmic-security |
| Deleted in karmic-proposed (Reason: moved to -updates) |
apache2 (2.2.12-1ubuntu2.3) karmic-security; urgency=low
* debian/patches/905_sslinsecurerenegotiation-directive.dpatch: once
openssl gets updated to fix CVE-2009-3555, server renegotiations with
unpatched clients will fail. This patch adds the ability to revert to
the previous unsafe behaviour with a new SSLInsecureRenegotiation
directive. (LP: #616759)
* debian/control: add specific dependency on first openssl version to get
CVE-2009-3555 fix.
-- Marc Deslauriers <email address hidden> Mon, 16 Aug 2010 13:26:28 -0400
Available diffs
| Deleted in lucid-proposed (Reason: trivially FTBFS) |
apache2 (2.2.14-5ubuntu8.1) lucid-proposed; urgency=low
* debian/patches/upstream-fix-for-lp-609290.patch: Backport fix for upstream bug PR 45444.
https://issues.apache.org/bugzilla/show_bug.cgi?id=45444. (LP: #609290, #589611, #595116)
-- Chuck Short <email address hidden> Fri, 06 Aug 2010 12:32:36 -0500
Available diffs
| Superseded in maverick-release |
apache2 (2.2.16-1ubuntu1) maverick; urgency=low
* Merge from debian unstable. Remaining changes:
- debian/{control, rules}: Enable PIE hardening.
- debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
- debian/control: Add bzr tag and point it to our tree.
- debian/apache2-2.common.apache2.init: Add graceful restart (LP: #456381)
Available diffs
- diff from 2.2.15-5ubuntu1 to 2.2.16-1ubuntu1 (383.9 KiB)
| Superseded in maverick-release |
apache2 (2.2.15-5ubuntu1) maverick; urgency=low
* Merge from debian unstable. Remaining changes:
- debian/{control, rules}: Enable PIE hardening.
- debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
- debian/control: Add bzr tag and point it to our tree.
- debian/apache2-2.common.apache2.init: Add graceful restart (LP: #456381)
+ Dropped:
- debian/patches/206-fix-potential-memory-leaks.dpatch: No longer needed.
- debian/patches/206-report-max-client-mpm-worker.dpatch: No longer needed.
- debian/config-dir/apache2.conf: Merged back from debian.
- mod-reqtimeout functionality: Merge back from debian.
- debian/patches/204_CVE-2010-0408.dpatch: No longer needed.
- debian/patches/205_CVE-2010-0434.dpatch: No longer needed.
- debian/patches/203_fix-ab-segfault.dpatch: No longer needed.
Available diffs
- diff from 2.2.14-5ubuntu8 to 2.2.15-5ubuntu1 (618.8 KiB)
apache2 (2.2.8-1ubuntu0.17) hardy-proposed; urgency=low
* debian/apache2.2-common.postinst: When dpkg-statoverride is used, the cut
delimiter has now been set to use ' ', as it was causing upgrades to fail.
(LP: #583698)
-- Dave Walker (Daviey) <email address hidden> Fri, 21 May 2010 13:50:34 +0100
Available diffs
- diff from 2.2.8-1ubuntu0.16 to 2.2.8-1ubuntu0.17 (545 bytes)
apache2 (2.2.8-1ubuntu0.16) hardy-proposed; urgency=low
* debian/patches/211_fix_mod_proxy_nocanon.dpatch: Fix duplicated query string
when using nocanon option to mod_proxy. Patch courtesy of James Troup, based
on upstream cherry pick. (LP: #455873)
-- Dave Walker (Daviey) <email address hidden> Mon, 17 May 2010 18:06:59 +0100
Available diffs
apache2 (2.2.14-5ubuntu8) lucid; urgency=low
* debian/patches/210-backport-mod-reqtimeout-ftbfs.dpatch: Add missing mod_reqtime.so
(LP: #562370)
-- Chuck Short <email address hidden> Tue, 13 Apr 2010 15:09:57 -0400
Available diffs
| Superseded in lucid-release |
apache2 (2.2.14-5ubuntu7) lucid; urgency=low
* debian/patches/206-fix-potential-memory-leaks.dpatch: Fix potential memory
leaks by making sure to not destroy bucket brigades that have been created
by earlier filters. Backported from 2.2.15.
* debian/patches/206-report-max-client-mpm-worker.dpatch: Don't report server
has reached MaxClients until it has. Backported from 2.2.15
* debian/config-dir/apache2.conf: Make the Files ~ "^\.ht" block in apache2.conf
more secure by adding Satisfy all. (Debian bug: #572075)
* debian/rules, debian/patches/209-backport-mod-reqtimeout.dpatch,
debian/config2-dir/mods-available/reqtimeout.load,
debian/config2-dir/mods-available/reqtimeout.conf debian/NEWS : Backport the
mod-reqtimeout module from 2.2.15, this will mitigate apache slowloris
bug in apache. Enable it by default. (LP: #392759)
-- Chuck Short <email address hidden> Mon, 05 Apr 2010 09:53:35 -0400
Available diffs
- diff from 2.2.14-5ubuntu6 to 2.2.14-5ubuntu7 (12.0 KiB)
| Superseded in lucid-release |
apache2 (2.2.14-5ubuntu6) lucid; urgency=low * debian/apache2.2-common.apache2.init: Fix thinko. (LP: #551681) -- Chuck Short <email address hidden> Tue, 30 Mar 2010 09:41:11 -0400
Available diffs
- diff from 2.2.14-5ubuntu5 to 2.2.14-5ubuntu6 (466 bytes)
| Superseded in lucid-release |
apache2 (2.2.14-5ubuntu5) lucid; urgency=low * Revert 99-fix-mod-dav-permissions.dpatch -- Chuck Short <email address hidden> Tue, 30 Mar 2010 07:55:46 -0400
Available diffs
| Superseded in lucid-release |
apache2 (2.2.14-5ubuntu4) lucid; urgency=low
* debian/patches/99-fix-mod-dav-permissions.dpatch: Fix permisisons when
downloading files from webdav (LP: #540747)
* debian/apache2.2-common.apache2.init: Add graceful restart (LP: #456381)
-- Chuck Short <email address hidden> Mon, 29 Mar 2010 13:37:39 -0400
Available diffs
| Superseded in lucid-release |
apache2 (2.2.14-5ubuntu3) lucid; urgency=low
* SECURITY UPDATE: denial of service via crafted request in mod_proxy_ajp
- debian/patches/204_CVE-2010-0408.dpatch: return the right error code
in modules/proxy/mod_proxy_ajp.c.
- CVE-2010-0408
* SECURITY UPDATE: information disclosure via improper handling of
headers in subrequests
- debian/patches/205_CVE-2010-0434.dpatch: use a copy of r->headers_in
in server/protocol.c.
- CVE-2010-0434
-- Marc Deslauriers <email address hidden> Wed, 10 Mar 2010 14:48:48 -0500
Available diffs
apache2 (2.2.12-1ubuntu2.2) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via crafted request in mod_proxy_ajp
- debian/patches/903_CVE-2010-0408.dpatch: return the right error code
in modules/proxy/mod_proxy_ajp.c.
- CVE-2010-0408
* SECURITY UPDATE: information disclosure via improper handling of
headers in subrequests
- debian/patches/904_CVE-2010-0434.dpatch: use a copy of r->headers_in
in server/protocol.c.
- CVE-2010-0434
-- Marc Deslauriers <email address hidden> Mon, 08 Mar 2010 10:25:00 -0500
Available diffs
apache2 (2.2.11-2ubuntu2.6) jaunty-security; urgency=low
* SECURITY UPDATE: denial of service via crafted request in mod_proxy_ajp
- debian/patches/907_CVE-2010-0408.dpatch: return the right error code
in modules/proxy/mod_proxy_ajp.c.
- CVE-2010-0408
* SECURITY UPDATE: information disclosure via improper handling of
headers in subrequests
- debian/patches/908_CVE-2010-0434.dpatch: use a copy of r->headers_in
in server/protocol.c.
- CVE-2010-0434
-- Marc Deslauriers <email address hidden> Mon, 08 Mar 2010 11:26:48 -0500
Available diffs
apache2 (2.2.9-7ubuntu3.6) intrepid-security; urgency=low
* SECURITY UPDATE: denial of service via crafted request in mod_proxy_ajp
- debian/patches/907_CVE-2010-0408.dpatch: return the right error code
in modules/proxy/mod_proxy_ajp.c.
- CVE-2010-0408
* SECURITY UPDATE: information disclosure via improper handling of
headers in subrequests
- debian/patches/908_CVE-2010-0434.dpatch: use a copy of r->headers_in
in server/protocol.c.
- CVE-2010-0434
-- Marc Deslauriers <email address hidden> Mon, 08 Mar 2010 11:29:11 -0500
Available diffs
apache2 (2.2.8-1ubuntu0.15) hardy-security; urgency=low
* SECURITY UPDATE: denial of service via crafted request in mod_proxy_ajp
- debian/patches/209_CVE-2010-0408.dpatch: return the right error code
in modules/proxy/mod_proxy_ajp.c.
- CVE-2010-0408
* SECURITY UPDATE: information disclosure via improper handling of
headers in subrequests
- debian/patches/210_CVE-2010-0434.dpatch: use a copy of r->headers_in
in server/protocol.c.
- CVE-2010-0434
-- Marc Deslauriers <email address hidden> Mon, 08 Mar 2010 11:56:13 -0500
Available diffs
apache2 (2.0.55-4ubuntu2.10) dapper-security; urgency=low
* SECURITY UPDATE: information disclosure via improper handling of
headers in subrequests
- debian/patches/118_CVE-2010-0434.dpatch: use a copy of r->headers_in
in server/protocol.c.
- CVE-2010-0434
-- Marc Deslauriers <email address hidden> Mon, 08 Mar 2010 14:33:49 -0500
Available diffs
| Superseded in lucid-release |
apache2 (2.2.14-5ubuntu2) lucid; urgency=low
* debian/patches/203_fix-ab-segfault.dpatch: Fix segfaulting ab when using really
wacky options. (LP: #450501)
-- Chuck Short <email address hidden> Mon, 08 Mar 2010 14:53:17 -0500
Available diffs
- diff from 2.2.14-5ubuntu1 to 2.2.14-5ubuntu2 (834 bytes)
| Superseded in lucid-release |
apache2 (2.2.14-5ubuntu1) lucid; urgency=low * Merge from debian testing. Remaining changes: LP: #506862 - debian/{control, rules}: Enable PIE hardening. - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles. - debian/control: Add bzr tag and point it to our tree.
Available diffs
- diff from 2.2.14-4ubuntu1 to 2.2.14-5ubuntu1 (10.9 KiB)
| Superseded in lucid-release |
apache2 (2.2.14-4ubuntu1) lucid; urgency=low
* Resynchronzie with Debian, remaining changes are:
- debian/{control, rules}: Enable PIE hardening.
- debian/{control, rules, pache2.2-common.ufw.profile}: Add ufw profiles.
- debian/control: Add bzr tag and point it to our tree.
-- Chuck Short <email address hidden> Wed, 23 Dec 2009 14:44:51 -0500
Available diffs
- diff from 2.2.14-2ubuntu1 to 2.2.14-4ubuntu1 (10.0 KiB)
apache2 (2.2.11-2ubuntu2.5) jaunty-security; urgency=low
* SECURITY UPDATE: Reject client-initiated SSL/TLS renegotiations.
Partial fix for CVE-2009-3555. Configurations requiring renegotiation
of per-directory/location access controls are still affected until
OpenSSL is updated.
- debian/patches/904_CVE-2009-3555.dpatch: disable all client
renegotiations
- CVE-2009-3555
* SECURITY UPDATE: fix NULL pointer dereference in mod_proxy_ftp module
- debian/patches/905-CVE-2009-3094.dpatch: fix NULL pointer dereference
in mod_proxy_ftp.c/apr_socket_close() and potential buffer overread
in EPSV response parser
- CVE-2009-3094
* SECURITY UPDATE: fix access control bypass in mod_proxy_ftp when
configured as a reverse proxy
- debian/patches/906-CVE-2009-3095.dpatch: adjust proxy_ftp_handler()
in mod_proxy_ftp.c to fail if the decoded Basic credentials contain
special characters.
- CVE-2009-3095
-- Jamie Strandboge <email address hidden> Thu, 12 Nov 2009 12:46:19 -0600
Available diffs
apache2 (2.2.9-7ubuntu3.5) intrepid-security; urgency=low
* SECURITY UPDATE: Reject client-initiated SSL/TLS renegotiations.
Partial fix for CVE-2009-3555. Configurations requiring renegotiation
of per-directory/location access controls are still affected until
OpenSSL is updated.
- debian/patches/904_CVE-2009-3555.dpatch: disable all client
renegotiations
- CVE-2009-3555
* SECURITY UPDATE: fix NULL pointer dereference in mod_proxy_ftp module
- debian/patches/905-CVE-2009-3094.dpatch: fix NULL pointer dereference
in mod_proxy_ftp.c/apr_socket_close() and potential buffer overread
in EPSV response parser
- CVE-2009-3094
* SECURITY UPDATE: fix access control bypass in mod_proxy_ftp when
configured as a reverse proxy
- debian/patches/906-CVE-2009-3095.dpatch: adjust proxy_ftp_handler()
in mod_proxy_ftp.c to fail if the decoded Basic credentials contain
special characters.
- CVE-2009-3095
-- Jamie Strandboge <email address hidden> Thu, 12 Nov 2009 14:02:27 -0600
Available diffs
apache2 (2.2.8-1ubuntu0.14) hardy-security; urgency=low
* SECURITY UPDATE: Reject client-initiated SSL/TLS renegotiations.
Partial fix for CVE-2009-3555. Configurations requiring renegotiation
of per-directory/location access controls are still affected until
OpenSSL is updated.
- debian/patches/206_CVE-2009-3555.dpatch: disable all client
renegotiations
- CVE-2009-3555
* SECURITY UPDATE: fix NULL pointer dereference in mod_proxy_ftp module
- debian/patches/207-CVE-2009-3094.dpatch: fix NULL pointer dereference
in mod_proxy_ftp.c/apr_socket_close() and potential buffer overread
in EPSV response parser
- CVE-2009-3094
* SECURITY UPDATE: fix access control bypass in mod_proxy_ftp when
configured as a reverse proxy
- debian/patches/208-CVE-2009-3095.dpatch: adjust proxy_ftp_handler()
in mod_proxy_ftp.c to fail if the decoded Basic credentials contain
special characters.
- CVE-2009-3095
-- Jamie Strandboge <email address hidden> Thu, 12 Nov 2009 14:15:40 -0600
Available diffs
apache2 (2.0.55-4ubuntu2.9) dapper-security; urgency=low
* SECURITY UPDATE: Reject client-initiated SSL/TLS renegotiations.
Partial fix for CVE-2009-3555. Configurations requiring renegotiation
of per-directory/location access controls are still affected until
OpenSSL is updated.
- debian/patches/115_CVE-2009-3555.patch: disable all client
renegotiations
- based on http://www.apache.org/dist/httpd/patches/apply_to_2.2.14/CVE-2009-3555-2.2.patch
- CVE-2009-3555
* SECURITY UPDATE: fix NULL pointer dereference in mod_proxy_ftp module
- debian/patches/116-CVE-2009-3094.patch: fix NULL pointer dereference
in mod_proxy_ftp.c/apr_socket_close() and potential buffer overread
in EPSV response parser
- based on http://svn.apache.org/viewvc?revision=814652&view=revision
- CVE-2009-3094
* SECURITY UPDATE: fix access control bypass in mod_proxy_ftp when
configured as a reverse proxy
- debian/patches/117-CVE-2009-3095.patch: adjust proxy_ftp_handler()
in mod_proxy_ftp.c to fail if the decoded Basic credentials contain
special characters.
- based on http://svn.apache.org/viewvc?revision=814045&view=revision
- CVE-2009-3095
-- Jamie Strandboge <email address hidden> Thu, 12 Nov 2009 15:45:14 -0600
Available diffs
| Superseded in lucid-release |
apache2 (2.2.14-2ubuntu1) lucid; urgency=low
* Merge from debian testing, remaining changes:
- debian/{control, rules}: Enable PIE hardening.
- debian/{control, rules, pache2.2-common.ufw.profile}: Add ufw profiles.
- debian/conrol: Add bzr tag and point it to our tree.
- removed debian/patches/203_fix_legacy_ap_rputs_segfaults.dpatch: it was
already dropped from 00list, so just remove the patch entirely
Available diffs
apache2 (2.2.12-1ubuntu2.1) karmic-security; urgency=low
* SECURITY UPDATE: Reject client-initiated SSL/TLS renegotiations.
Partial fix for CVE-2009-3555. Configurations requiring renegotiation
of per-directory/location access controls are still affected until
OpenSSL is updated.
- debian/patches/900_CVE-2009-3555.dpatch: disable all client
renegotiations
- CVE-2009-3555
* SECURITY UPDATE: fix NULL pointer dereference in mod_proxy_ftp module
- debian/patches/901-CVE-2009-3094.dpatch: fix NULL pointer dereference
in mod_proxy_ftp.c/apr_socket_close() and potential buffer overread
in EPSV response parser
- CVE-2009-3094
* SECURITY UPDATE: fix access control bypass in mod_proxy_ftp when
configured as a reverse proxy
- debian/patches/902-CVE-2009-3095.dpatch: adjust proxy_ftp_handler()
in mod_proxy_ftp.c to fail if the decoded Basic credentials contain
special characters.
- CVE-2009-3095
-- Jamie Strandboge <email address hidden> Thu, 12 Nov 2009 12:12:56 -0600
Available diffs
| Superseded in lucid-release |
apache2 (2.2.14-1ubuntu1) lucid; urgency=low
* Merge from debian testing, remaining changes:
- debian/{control, rules}: Enable PIE hardening.
- debian/{control, rules, pache2.2-common.ufw.profile}: Add ufw profiles.
- debian/conrol: Add bzr tag and point it to our tree.
- Dropped debian/patches/203_fix_legacy_ap_rputs_segfaults.dpatch:
Already applied upstream.
Available diffs
- diff from 2.2.12-1ubuntu2 to 2.2.14-1ubuntu1 (524.1 KiB)
| Deleted in hardy-proposed (Reason: moved to -updates) |
apache2 (2.2.8-1ubuntu0.12) hardy-proposed; urgency=low
* debian/patches/999_fix_mod_proxy_nocanon.dpatch: Make all proxy modules
nocanon aware and do not add the query string again in this case.
Thanks to James Troup. (LP: #455873)
-- Chuck Short <email address hidden> Mon, 02 Nov 2009 11:25:38 -0500
Available diffs
apache2 (2.2.11-2ubuntu2.3) jaunty-security; urgency=low
* SECURITY UPDATE: remote denial of service in mod_deflate module when
the network connection was closed before compression completed
- debian/patches/903_CVE-2009-1891.dpatch: update patch to fix
regression that caused segfaults under certain circumstances.
(LP: #409987)
- CVE-2009-1891
-- Marc Deslauriers <email address hidden> Mon, 17 Aug 2009 14:55:23 -0400
Available diffs
apache2 (2.2.9-7ubuntu3.3) intrepid-security; urgency=low
* SECURITY UPDATE: remote denial of service in mod_deflate module when
the network connection was closed before compression completed
- debian/patches/903_CVE-2009-1891.dpatch: update patch to fix
regression that caused segfaults under certain circumstances.
(LP: #409987)
- CVE-2009-1891
-- Marc Deslauriers <email address hidden> Mon, 17 Aug 2009 14:37:17 -0400
Available diffs
apache2 (2.2.8-1ubuntu0.11) hardy-security; urgency=low
* SECURITY UPDATE: remote denial of service in mod_deflate module when
the network connection was closed before compression completed
- debian/patches/205_CVE-2009-1891.dpatch: update patch to fix
regression that caused segfaults under certain circumstances.
(LP: #409987)
- CVE-2009-1891
-- Marc Deslauriers <email address hidden> Mon, 17 Aug 2009 08:00:35 -0400
Available diffs
apache2 (2.0.55-4ubuntu2.8) dapper-security; urgency=low
* SECURITY UPDATE: remote denial of service in mod_deflate module when
the network connection was closed before compression completed
- debian/patches/113_CVE-2009-1891.patch: update patch to fix
regression that caused segfaults under certain circumstances.
(LP: #409987)
- CVE-2009-1891
-- Marc Deslauriers <email address hidden> Mon, 17 Aug 2009 13:34:03 -0400
Available diffs
apache2 (2.2.12-1ubuntu2) karmic; urgency=low
* debian/patches/203_fix_legacy_ap_rputs_segfaults.dpatch:
- Fix potential segfaults with the use of the legacy ap_rputs() etc
interfaces, in cases where an output filter fails. This happens
frequently after CVE-2009-1891 got fixed. (LP: #409987)
-- Marc Deslauriers <email address hidden> Mon, 17 Aug 2009 15:38:47 -0400
Available diffs
apache2 (2.0.55-4ubuntu2.7) dapper-security; urgency=low
* SECURITY UPDATE: fix integer overflow in libapr
- debian/patches/114_CVE-2009-2412.patch: adjust allocator_alloc() and
apr_palloc() in apr_pools.c to check for overflow after aligning size
- http://www.apache.org/dist/apr/patches/apr-0.9-CVE-2009-2412.patch
- CVE-2009-2412
* SECURITY UPDATE: fix integer overflow in libaprutil
- debian/patches/114_CVE-2009-2412b.patch: adjust apr_rmm_malloc,
apr_rmm_calloc, apr_rmm_realloc to check for overflow after aligning
size
- http://www.apache.org/dist/apr/patches/apr-util-0.9-CVE-2009-2412.patch
- CVE-2009-2412
-- Jamie Strandboge <email address hidden> Fri, 07 Aug 2009 11:30:44 -0500
Available diffs
| Superseded in karmic-release |
apache2 (2.2.12-1ubuntu1) karmic; urgency=low
* Merge from debian unstable, remaining changes:
- debian/{control,rules}: enable PIE hardening.
- debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
- Dropped debian/patches/203_fix-ssl-timeftm-ignored.dpatch.
Available diffs
- diff from 2.2.11-7ubuntu1 to 2.2.12-1ubuntu1 (342.9 KiB)
| Superseded in karmic-release |
apache2 (2.2.11-7ubuntu1) karmic; urgency=low * Merge from debian unstable, remaining changes: LP: #398130 - debian/patches/203_fix-ssl-timeftm-ignored.dpatch: Fix timefmt is ignored when XBitHack is on. (LP: #258914) - debian/{control,rules}: enable PIE hardening. - debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
Available diffs
apache2 (2.0.55-4ubuntu2.6) dapper-security; urgency=low
* SECURITY UPDATE: remote denial of service in mod_deflate module when
the network connection was closed before compression completed
- debian/patches/113_CVE-2009-1891.patch: fail if the connection has
been aborted in server/core.c
- CVE-2009-1891
-- Marc Deslauriers <email address hidden> Fri, 10 Jul 2009 10:39:28 -0400
Available diffs
apache2 (2.2.8-1ubuntu0.10) hardy-security; urgency=low
* SECURITY UPDATE: remote denial of service in the mod_proxy module via
amount of streamed data that exceeds the Content-Length value
- debian/patches/204_CVE-2009-1890.dpatch: make sure Content-Length is
sane and check the length of the data in modules/proxy/mod_proxy_http.c
- CVE-2009-1890
* SECURITY UPDATE: remote denial of service in mod_deflate module when
the network connection was closed before compression completed
- debian/patches/205_CVE-2009-1891.dpatch: fail if the connection has
been aborted in server/core_filters.c
- CVE-2009-1891
-- Marc Deslauriers <email address hidden> Thu, 09 Jul 2009 14:53:32 -0400
Available diffs
apache2 (2.2.9-7ubuntu3.2) intrepid-security; urgency=low
* SECURITY UPDATE: remote denial of service in the mod_proxy module via
amount of streamed data that exceeds the Content-Length value
- debian/patches/902_CVE-2009-1890.dpatch: make sure Content-Length is
sane and check the length of the data in modules/proxy/mod_proxy_http.c
- CVE-2009-1890
* SECURITY UPDATE: remote denial of service in mod_deflate module when
the network connection was closed before compression completed
- debian/patches/903_CVE-2009-1891.dpatch: fail if the connection has
been aborted in server/core_filters.c
- CVE-2009-1891
-- Marc Deslauriers <email address hidden> Thu, 09 Jul 2009 14:47:48 -0400
Available diffs
apache2 (2.2.11-2ubuntu2.2) jaunty-security; urgency=low
* SECURITY UPDATE: remote denial of service in the mod_proxy module via
amount of streamed data that exceeds the Content-Length value
- debian/patches/902_CVE-2009-1890.dpatch: make sure Content-Length is
sane and check the length of the data in modules/proxy/mod_proxy_http.c
- CVE-2009-1890
* SECURITY UPDATE: remote denial of service in mod_deflate module when
the network connection was closed before compression completed
- debian/patches/903_CVE-2009-1891.dpatch: fail if the connection has
been aborted in server/core_filters.c
- CVE-2009-1891
-- Marc Deslauriers <email address hidden> Thu, 09 Jul 2009 14:35:07 -0400
Available diffs
apache2 (2.2.8-1ubuntu0.9) hardy-proposed; urgency=low
* debian/patches//101_fix-spinning-mod_proxy.dpatch: Fix mod_proxy
with SSL using all the CPU. (LP: #306293)
-- Chuck Short <email address hidden> Fri, 13 Feb 2009 15:43:29 +0000
Available diffs
apache2 (2.2.8-1ubuntu0.8) hardy-security; urgency=low
* SECURITY UPDATE: Includes option could be overridden via .htaccess file
when AllowOverride restrictions do not permit it
- debian/patches/203_CVE-2009-1195.dpatch: adjust server/config.c,
server/core.c, modules/filters/mod_include.c, include/http_core.h to
only enable .htaccess override when permitted.
- CVE-2009-1195
-- Jamie Strandboge <email address hidden> Wed, 10 Jun 2009 17:50:41 -0500
Available diffs
apache2 (2.2.9-7ubuntu3.1) intrepid-security; urgency=low
* SECURITY UPDATE: Includes option could be overridden via .htaccess file
when AllowOverride restrictions do not permit it
- debian/patches/900_CVE-2009-1195.dpatch: adjust server/config.c,
server/core.c, modules/filters/mod_include.c, include/http_core.h to
only enable .htaccess override when permitted.
- CVE-2009-1195
-- Jamie Strandboge <email address hidden> Wed, 10 Jun 2009 17:47:06 -0500
Available diffs
apache2 (2.0.55-4ubuntu2.5) dapper-security; urgency=low
* SECURITY UPDATE: Fix underflow in apr_strmatch_precompile
- debian/patches/110_CVE-2009-0023.dpatch: adjust
srclib/apr-util/strmatch/apr_strmatch.c to properly evaluate strings as
unsigned char rather than int
- CVE-2009-0023
* SECURITY UPDATE: Prevent "billion laughs" attack against expat
- debian/patches/111_CVE-2009-1955.dpatch: adjust
srclib/apr-util/xml/apr_xml.c to disable internal entity expansion
- CVE-2009-1955
* SECURITY UPDATE: Fix off by one overflow in apr_brigade_vprintf
- debian/patches/112_CVE-2009-1956.dpatch: don't add null terminator to
vd.vbuff.curpos in srclib/apr-util/buckets/apr_brigade.c
- CVE-2009-1956
-- Jamie Strandboge <email address hidden> Wed, 10 Jun 2009 22:01:23 -0500
Available diffs
apache2 (2.2.11-2ubuntu2.1) jaunty-security; urgency=low
* SECURITY UPDATE: response data disclosure in mod_proxy_ajp when a client
request with no request body was sent
- debian/patches/900_CVE-2009-1191.dpatch: adjust
modules/proxy/mod_proxy_ajp.c to not reuse a connection when the client
closes a connection without sending a body
- CVE-2009-1191
* SECURITY UPDATE: Includes option could be overridden via .htaccess file
when AllowOverride restrictions do not permit it
- debian/patches/900_CVE-2009-1195.dpatch: adjust server/config.c,
server/core.c, modules/filters/mod_include.c, include/http_core.h to
only enable .htaccess override when permitted.
- CVE-2009-1195
-- Jamie Strandboge <email address hidden> Wed, 10 Jun 2009 17:15:00 -0500
Available diffs
| Superseded in karmic-release |
apache2 (2.2.11-6ubuntu1) karmic; urgency=low
* Merge from debian unstable, remaining changes:
- debian/patches/203_fix-ssl-timeftm-ignored.dpatch:
Fix timefmt is ignored when XBitHack is on. (LP: #258914)
- debian/{control,rules}: enable PIE hardening.
- debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
Available diffs
| Superseded in karmic-release |
apache2 (2.2.11-5ubuntu1) karmic; urgency=low
* Merge from debian unstable, remaining changes:
- debian/patches/203_fix-ssi-timeftm-ignored.dpatch:
Fix timefmt is ignored when XBitHack is on. (LP: #258914)
- debian/{control,rules}: enable PIE hardening.
- debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
-- Andrew Mitchell <email address hidden> Wed, 03 Jun 2009 14:10:54 +1200
Available diffs
- diff from 2.2.11-3ubuntu1 to 2.2.11-5ubuntu1 (13.7 KiB)
| Superseded in hardy-proposed |
apache2 (2.2.8-1ubuntu0.6) hardy-proposed; urgency=low
* debian/patches//101_fix-spinning-mod_proxy.dpatch: Fix mod_proxy
with SSL using all the CPU. (LP: #306293)
-- Chuck Short <email address hidden> Fri, 13 Feb 2009 15:43:29 +0000
Available diffs
| Superseded in karmic-release |
apache2 (2.2.11-3ubuntu1) karmic; urgency=low
* Merge from debian unstable, remaining changes:
- debian/patches/203_fix-ssi-timeftm-ignored.dpatch:
Fix timefmt is ignored when XBitHack is on. (LP: #258914)
- debian/{control,rules}: enable PIE hardening.
- debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
-- Andrew Mitchell <email address hidden> Tue, 12 May 2009 16:15:34 +1200
Available diffs
apache2 (2.2.11-2ubuntu2) jaunty; urgency=low
* debian/patches/203_fix-ssi-timeftm-ignored.dpatch:
Fix timefmt is ignored when XBitHack is on. (LP: #258914)
-- Chuck Short <email address hidden> Wed, 01 Apr 2009 11:39:17 -0400
Available diffs
apache2 (2.2.8-1ubuntu0.5) hardy-security; urgency=low [ Emanuele Gentili ] * SECURITY UPDATE: + debian/patches/201_security_CVE-2008-2364.dpatch (LP: #239894) - The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses. + References - http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2364 [ Marc Deslauriers ] * SECURITY UPDATE: Cross-site request forgery (CSRF) in balancer-manager in mod_proxy_balancer - debian/patches/200_security_CVE-2007-6420.dpatch: generate and validate a nonce in modules/proxy/mod_proxy_balancer.c. - CVE-2007-6420 * SECURITY UPDATE: Denial of service via large number of interim responses in mod_proxy module (LP: #239894) - debian/patches/201_security_CVE-2008-2364.dpatch: updated patch to newer version. - CVE-2008-2364 * SECURITY UPDATE: Cross-site scripting (XSS) vulnerability in the mod_proxy_ftp module - debian/patches/202_security_CVE-2008-2939.dpatch: escape the html contained in the wildcard value in modules/proxy/mod_proxy_ftp.c. - CVE-2008-2939 -- Marc Deslauriers <email address hidden> Thu, 05 Mar 2009 17:20:17 -0500
Available diffs
- diff from 2.2.8-1ubuntu0.4 to 2.2.8-1ubuntu0.5 (240 bytes)
| Superseded in hardy-security |
apache2 (2.2.8-1ubuntu0.4) hardy-security; urgency=low [ Emanuele Gentili ] * SECURITY UPDATE: + debian/patches/201_security_CVE-2008-2364.dpatch (LP: #239894) - The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses. + References - http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2364 [ Marc Deslauriers ] * SECURITY UPDATE: Cross-site request forgery (CSRF) in balancer-manager in mod_proxy_balancer - debian/patches/200_security_CVE-2007-6420.dpatch: generate and validate a nonce in modules/proxy/mod_proxy_balancer.c. - CVE-2007-6420 * SECURITY UPDATE: Denial of service via large number of interim responses in mod_proxy module (LP: #239894) - debian/patches/201_security_CVE-2008-2364.dpatch: updated patch to newer version. - CVE-2008-2364 * SECURITY UPDATE: Cross-site scripting (XSS) vulnerability in the mod_proxy_ftp module - debian/patches/202_security_CVE-2008-2939.dpatch: escape the html contained in the wildcard value in modules/proxy/mod_proxy_ftp.c. - CVE-2008-2939 -- Marc Deslauriers <email address hidden> Thu, 05 Mar 2009 17:20:17 -0500
Available diffs
apache2 (2.2.4-3ubuntu0.2) gutsy-security; urgency=low [ Emanuele Gentili ] * SECURITY UPDATE: + debian/patches/111_CVE-2008-2364.dpatch (LP: #239894) - The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses. + References - http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2364 [ Marc Deslauriers ] * SECURITY UPDATE: Cross-site scripting (XSS) vulnerability in "413 Request Entity Too Large" error message - debian/patches/107_CVE-2007-6203.dpatch: properly escape some error messages in modules/http/http_protocol.c. - CVE-2007-6203 * SECURITY UPDATE: Cross-site request forgery (CSRF) in balancer-manager in mod_proxy_balancer - debian/patches/108_CVE-2007-6420.dpatch: generate and validate a nonce in modules/proxy/mod_proxy_balancer.c. - CVE-2007-6420 * SECURITY UPDATE: Denial of service via memory leak in the zlib_stateful_init function (LP: #224945) - debian/patches/109_CVE-2008-1678.dpatch: don't call CRYPTO_cleanup_all_ex_data in modules/ssl/mod_ssl.c. - CVE-2008-1678 * SECURITY UPDATE: Cross-site scripting (XSS) vulnerability via UTF-7 encoded URLs - debian/patches/110_CVE-2008-2168.dpatch: specify a default charset in modules/dav/main/mod_dav.c, modules/generators/mod_info.c and modules/proxy/mod_proxy_balancer.c. - CVE-2008-2168 * SECURITY UPDATE: Denial of service via large number of interim responses in mod_proxy module (LP: #239894) - debian/patches/111_CVE-2008-2364.dpatch: updated patch to newer version. - CVE-2008-2364 * SECURITY UPDATE: Cross-site scripting (XSS) vulnerability in the mod_proxy_ftp module - debian/patches/112_CVE-2008-2939.dpatch: escape the html contained in the wildcard value in modules/proxy/mod_proxy_ftp.c. - CVE-2008-2939 -- Marc Deslauriers <email address hidden> Thu, 05 Mar 2009 15:54:32 -0500
Available diffs
apache2 (2.0.55-4ubuntu2.4) dapper-security; urgency=low
* SECURITY UPDATE: Cross-site scripting (XSS) vulnerability in "413 Request
Entity Too Large" error message
- debian/patches/106_CVE-2007-6203.patch: properly escape some error
messages in modules/http/http_protocol.c.
- CVE-2007-6203
* SECURITY UPDATE: Cross-site scripting (XSS) vulnerability via UTF-7 encoded
URLs
- debian/patches/107_CVE-2008-2168.patch: specify a default charset in
modules/dav/main/mod_dav.c and modules/generators/mod_info.c.
- CVE-2008-2168
* SECURITY UPDATE: Denial of service via large number of interim responses in
mod_proxy module (LP: #239894)
- debian/patches/108_CVE-2008-2364.patch: limit the number of interim
responses in modules/proxy/proxy_http.c.
- CVE-2008-2364
* SECURITY UPDATE: Cross-site scripting (XSS) vulnerability in the
mod_proxy_ftp module
- debian/patches/109_CVE-2008-2939.patch: escape the html contained in the
wildcard value in modules/proxy/proxy_ftp.c.
- CVE-2008-2939
-- Marc Deslauriers <email address hidden> Wed, 25 Feb 2009 08:59:04 -0500
Available diffs
| Superseded in jaunty-release |
apache2 (2.2.11-2ubuntu1) jaunty; urgency=low
* Merge from debian unstable, remaining changes:
- debian/{contro,rules}: enable PIE hardening.
- debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
Available diffs
| Superseded in jaunty-release |
apache2 (2.2.11-1ubuntu1) jaunty; urgency=low
* Merge from debian unstable, remaining changes:
- debian/{control, rules}: enable PIE hardening.
- debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
Available diffs
- diff from 2.2.9-11ubuntu1 to 2.2.11-1ubuntu1 (499.0 KiB)
| Superseded in jaunty-release |
apache2 (2.2.9-11ubuntu1) jaunty; urgency=low * Merge from debian unstable, remaining changes: (LP: #303375) - debian/{control, rules}: enable PIE hardening. - debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
Available diffs
| Superseded in jaunty-release |
apache2 (2.2.9-10ubuntu1) jaunty; urgency=low
* Merge from debian unstable, remaining changes:
- debian/{control, rules}: enable PIE hardening.
- debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
Available diffs
apache2 (2.2.9-7ubuntu3) intrepid; urgency=low * Revert logrotate change since it will break it for everyone. -- Chuck Short <email address hidden> Fri, 19 Sep 2008 09:32:01 -0400
Available diffs
- diff from 2.2.9-7ubuntu2 to 2.2.9-7ubuntu3 (469 bytes)
| Superseded in intrepid-release |
apache2 (2.2.9-7ubuntu2) intrepid; urgency=low
* debian/logrotate: Restart rather than reload for busy websites.
(LP: #270899)
-- Chuck Short <email address hidden> Thu, 18 Sep 2008 08:42:22 -0400
Available diffs
- diff from 2.2.9-7ubuntu1 to 2.2.9-7ubuntu2 (482 bytes)
| Superseded in intrepid-release |
apache2 (2.2.9-7ubuntu1) intrepid; urgency=low
* Merge from debian unstable, remaining changes:
- debian/{control,rules}: enable PIE hardening.
- debian/{control,rules,apache2.2-common.ufw.profile}: add ufw profiles.
Available diffs
| Superseded in intrepid-release |
apache2 (2.2.9-3ubuntu2) intrepid; urgency=low
* add ufw integration (see
https://wiki.ubuntu.com/UbuntuFirewall#Integrating%20UFW%20with%20Packages)
(LP: #261198)
- debian/control: suggest ufw for apache2.2-common
- add apache2.2-common.ufw.profile with 3 profiles and install it to
/etc/ufw/applications.d/apache2.2-common
-- Didier Roche <email address hidden> Tue, 26 Aug 2008 19:03:42 +0200
Available diffs
| Superseded in intrepid-release |
apache2 (2.2.9-3ubuntu1) intrepid; urgency=low
* debian/{control,rules}: enable PIE hardening
-- Kees Cook <email address hidden> Wed, 20 Aug 2008 15:45:00 -0700
Available diffs
- diff from 2.2.9-3 to 2.2.9-3ubuntu1 (814 bytes)
apache2 (2.2.9-3) unstable; urgency=low
[ Stefan Fritsch ]
* Move NameVirtualHost directive to ports.conf and switch from "*" to
"*:80". (Closes: #314606, #486286)
* Comment out the CacheEnable line in disk_cache.conf. It would have caused
problems with Etch to Lenny upgrades.
* Change the minimum user id for suexec back to 100, the new value of 1000
was too disruptive for existing configurations. (Closes: #488821)
* Add a default SSL virtual host. (Closes: #267477)
- Use snakeoil certificate by default (if ssl-cert is installed).
(Closes: #293524, #446765)
- Document this in README.Debian.
(Closes: #293469, #293519, #398520, #395823)
- Add MSIE workarounds. (Closes: #421802)
- Add ssl-cert to Recommends.
* Add a new config file /etc/apache2/conf.d/security with some vaguely
security related diectives. (Closes: #260063)
* Adjust mod_userdir accordingly. Also add "AllowOverride Indexes" for the
home directories.
* Disable SSLv2 by default. It is insecure. Also only enable ciphers with
key lengths of at least 128 bit.
* Make the init script complain about a missing $APACHE_PID_FILE during
"start", too, and not only during "stop" or "restart". This makes it more
obvious that /etc/apache2/envvars has to be updated. (Closes: #473982)
* Add hint about the "..., using 127.0.0.1 for ServerName" warning to
README.Debian. (Closes: #457708)
* Add hint about the "could not create rewrite_log_lock" error message to
README.Debian. (Closes: #450831)
* Remove empty dir from apache2-doc to fix Lintian warning.
* Always pass -g to gcc instead of relying on dpkg-buildpackage to set
CFLAGS. We always want the debug info for the apache2-dbg package.
[ Ryan Niebur ]
* Upgraded to policy 3.8.0
- added support for noopt in DEB_BUILD_OPTIONS
- added a README.source
- added support for parallel in DEB_BUILD_OPTIONS
* Dropped XS- from the Vcs fields in control
-- Chuck Short <email address hidden> Fri, 04 Jul 2008 09:06:04 +0100
Available diffs
- diff from 2.2.9-2ubuntu1 to 2.2.9-3 (9.9 KiB)
| Superseded in intrepid-release |
apache2 (2.2.9-2ubuntu1) intrepid; urgency=low
* debian/config-dir/mods-available/disk_cache.conf:
Don't enable caching of the root URL by default when disk_cache is
enabled. (LP: #219914).
* debian/control: Update Maintainer field.
-- Mathias Gug <email address hidden> Tue, 24 Jun 2008 15:03:27 -0400
Available diffs
- diff from 2.2.9-2 to 2.2.9-2ubuntu1 (909 bytes)
apache2 (2.2.8-1ubuntu0.3) hardy-proposed; urgency=low
* debian/config-dir/mods-available/disk_cache.conf:
Don't enable caching of the root URL by default when disk_cache is
enabled. (LP: #219914).
disk_cache caches sensitive information without additional tweaks.
Enabling it by default has security implications - it should be
treated as mod_proxy.
* debian/apache2.2-common.postinst:
Only enable disk_cache if the 'EnableCache disk ' directive is used in the
configuration. (LP: #219914).
If we'd enable on every upgrade from 2.0, htcacheclean would be started
even if disk_cache isn't used.
-- Mathias Gug <email address hidden> Tue, 24 Jun 2008 17:45:55 -0400
Available diffs
- diff from 2.2.8-1ubuntu0.2 to 2.2.8-1ubuntu0.3 (967 bytes)
apache2 (2.2.9-2) unstable; urgency=low
* Make the init script use normal 'stop' instead of 'graceful-stop' again:
With graceful-stop, it can take a long time until all child processes have
closed their listening sockets and there is no way for the init script to
know when it is save to start apache again. This could make the restart of
apache fail. (Closes: #486629, #463338)
* Improve package descriptions, thanks to Justin B Rye. (Closes: #486855)
-- Chuck Short <email address hidden> Tue, 24 Jun 2008 00:58:50 +0100
Available diffs
- diff from 2.2.9-1ubuntu1 to 2.2.9-2 (4.2 KiB)
| Superseded in intrepid-release |
apache2 (2.2.9-1ubuntu1) intrepid; urgency=low
* Merge from debian unstable, remaining changes:
- Dropped debian/patches/100_mpm_wokers_crash.dpatch. Already included
upstream. (LP: #235294)
- Dropped debian/patches/059_ssl_memleak_fix_PR44975.dpatch. Already included upstream.
- Updated maintainer field according to spec.
Available diffs
| Superseded in intrepid-release |
apache2 (2.2.8-4ubuntu2) intrepid; urgency=low
* debian/apache2-2-common.postinst: Fix for index.html if it is a dangling
symlink when doing an upgrade. (LP: #221932)
-- Chuck Short <email address hidden> Mon, 09 Jun 2008 14:24:17 +0000
Available diffs
- diff from 2.2.8-4ubuntu1 to 2.2.8-4ubuntu2 (499 bytes)
| Superseded in intrepid-release |
apache2 (2.2.8-4ubuntu1) intrepid; urgency=low
* debian/patches/100_mpm_wokers_crash.dpatch
- Fix for segmentation fault with mpm-worker is under load.
Backported from http://svn.apache.org/viewvc?view=rev&revision=631362.
(LP: #235294)
* Modify Maintainer value to match the DebianMaintainerField
specification.
-- Dustin Kirkland <email address hidden> Thu, 05 Jun 2008 15:23:03 -0500
Available diffs
- diff from 2.2.8-4 to 2.2.8-4ubuntu1 (1.3 KiB)
apache2 (2.2.8-1ubuntu0.2) hardy-proposed; urgency=low
* debian/patches/100_mpm_wokers_crash.dpatch
- Fix for segmentation fault with mpm-worker is under load.
Backported from http://svn.apache.org/viewvc?view=rev&revision=631362.
(LP: #235294)
* debian/apache2.2-common.install:
- Fix for index.html if it is a dangling symlink when doing an upgrade
(LP: #221932)
* debian/rules
- Fix for Readme.Debian.gz which was a broken symlink. (LP: #231313)
-- Chuck Short <email address hidden> Tue, 27 May 2008 14:32:13 -0400
| 301 → 375 of 421 results | First • Previous • Next • Last |
