* Merge from debian testing, remaining changes:
- debian/{control, rules}: Enable PIE hardening.
- debian/{control, rules, pache2.2-common.ufw.profile}: Add ufw profiles.
- debian/conrol: Add bzr tag and point it to our tree.
- removed debian/patches/203_fix_legacy_ap_rputs_segfaults.dpatch: it was
already dropped from 00list, so just remove the patch entirely
apache2 (2.2.14-2) unstable; urgency=medium
* Security:
Reject any client-initiated SSL/TLS renegotiations. This is a partial fix
for the TLS renegotiation prefix injection attack (CVE-2009-3555).
Any configuration which requires renegotiation for per-directory/location
access control is still vulnerable.
* Allow RemoveType to override the types from /etc/mime.types. This allows
to use .es and .tr for Spanish and Turkish files in mod_negotiation.
Closes: #496080
* Fix 'CacheEnable disk http://'. Closes: #442266
* Fix missing dependency by changing killall to pkill in the init script.
LP: #460692
* Add X-Interactive header to init script as it may ask for the ssl key
passphrase. Closes: #554824
* Move httxt2dbm man page into apache2.2-bin, which includes httxt2dbm, too.
* Enable keepalive for MSIE 7 and newer in default-ssl site and README.Debian
-- Jamie Strandboge <email address hidden> Thu, 12 Nov 2009 16:09:30 -0600
This bug was fixed in the package apache2 - 2.2.14-2ubuntu1
---------------
apache2 (2.2.14-2ubuntu1) lucid; urgency=low
* Merge from debian testing, remaining changes: 2-common. ufw.profile} : Add ufw profiles. patches/ 203_fix_ legacy_ ap_rputs_ segfaults. dpatch: it was
- debian/{control, rules}: Enable PIE hardening.
- debian/{control, rules, pache2.
- debian/conrol: Add bzr tag and point it to our tree.
- removed debian/
already dropped from 00list, so just remove the patch entirely
apache2 (2.2.14-2) unstable; urgency=medium
* Security: location '. Closes: #442266
Reject any client-initiated SSL/TLS renegotiations. This is a partial fix
for the TLS renegotiation prefix injection attack (CVE-2009-3555).
Any configuration which requires renegotiation for per-directory/
access control is still vulnerable.
* Allow RemoveType to override the types from /etc/mime.types. This allows
to use .es and .tr for Spanish and Turkish files in mod_negotiation.
Closes: #496080
* Fix 'CacheEnable disk http://
* Fix missing dependency by changing killall to pkill in the init script.
LP: #460692
* Add X-Interactive header to init script as it may ask for the ssl key
passphrase. Closes: #554824
* Move httxt2dbm man page into apache2.2-bin, which includes httxt2dbm, too.
* Enable keepalive for MSIE 7 and newer in default-ssl site and README.Debian
-- Jamie Strandboge <email address hidden> Thu, 12 Nov 2009 16:09:30 -0600