Ubuntu
apache2 package

Please sync apache2 2.2.9-7 (main) from Debian unstable (main).

Bug #259827 reported by Kees Cook
2
Affects Status Importance Assigned to Milestone
apache2 (Ubuntu)
Fix Released
Wishlist
Kees Cook

Bug Description

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 affects ubuntu/apache2
 status confirmed
 importance wishlist
 subscribe ubuntu-archive

Please sync apache2 2.2.9-7 (main) from Debian unstable (main).

Changelog since current intrepid version 2.2.9-3:

apache2 (2.2.9-7) unstable; urgency=low

  * Fix XSS in mod_proxy_ftp (CVE-2008-2939).
  * Fix mod_proxy_http losing the query string with noescape (PR 45247).
  * Make the balancer manager work in Opera and MSIE (PR 45578).
  * Fix mod_headers "edit" removing multiple headers with the same name (PR
    45333).
  * Also describe how to get a backtrace from a running process in
    README.backtrace.

 -- Stefan Fritsch <email address hidden> Fri, 08 Aug 2008 19:27:40 +0200

apache2 (2.2.9-6) unstable; urgency=high

  * Urgency high for RC bug fix.
  * Fix SIGBUS on SPARC by preventing gcc from optimizing some memcpy calls
    away. (Closes: #485525)

 -- Stefan Fritsch <email address hidden> Sun, 20 Jul 2008 10:17:19 +0200

apache2 (2.2.9-5) unstable; urgency=medium

  * Urgency medium to get this into testing before the freeze.
  * Remove IPv6 patch that was necessary for very old kernels but creates
    problems on systems with current kernels and net.ipv6.bindv6only = 1.
    Apache will now always create its sockets with IPV6_V6ONLY set to 0.
    (Closes: #391280)

 -- Stefan Fritsch <email address hidden> Mon, 07 Jul 2008 21:20:48 +0200

apache2 (2.2.9-4) unstable; urgency=low

  * Make postinst more quiet. (Closes: #489153)
  * Add Turkish language support. (Closes: #489224)
  * Remove duplicate comments in sites-available/default-ssl. (Closes: #489383)
  * Describe in NEWS.Debian how to revert to the old NameVirtualHost config.
    (Closes: #489215)
  * Redirect apache2 bug reports to apache2.2-common, to get useful dependency
    information.

 -- Stefan Fritsch <email address hidden> Sun, 06 Jul 2008 10:38:37 +0200

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Kees Cook <email address hidden>

iEYEARECAAYFAkisWvAACgkQH/9LqRcGPm2E9ACfd8YL2q3zbzVHnmf4MSW1srG5
Qf8An1MbrPP5qxIMlg9gCKiKVwr3EwJO
=GMe/
-----END PGP SIGNATURE-----

Revision history for this message
Colin Watson (cjwatson) wrote :

We can't do this any more due to new Ubuntu changes. Please merge instead.

apache2 (2.2.9-3ubuntu2) intrepid; urgency=low

  * add ufw integration (see
    https://wiki.ubuntu.com/UbuntuFirewall#Integrating%20UFW%20with%20Packages)
    (LP: #261198)
    - debian/control: suggest ufw for apache2.2-common
    - add apache2.2-common.ufw.profile with 3 profiles and install it to
      /etc/ufw/applications.d/apache2.2-common

 -- Didier Roche <email address hidden> Tue, 26 Aug 2008 19:03:42 +0200

apache2 (2.2.9-3ubuntu1) intrepid; urgency=low

  * debian/{control,rules}: enable PIE hardening

 -- Kees Cook <email address hidden> Wed, 20 Aug 2008 15:45:00 -0700

Revision history for this message
Colin Watson (cjwatson) wrote :

(unsubscribing ubuntu-archive)

Revision history for this message
Kees Cook (kees) wrote :

I have merged this now.

Changed in apache2:
assignee: nobody → kees
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.