apache2 2.4.16-1 source package in Debian


apache2 (2.4.16-1) unstable; urgency=medium

  [ Stefan Fritsch ]
  * New upstream version, fixing the following security issues:
    + CVE-2015-3183: Fix chunk header parsing defect.
    + CVE-2015-3185: ap_some_auth_required() broken in apache 2.4 in an
      unfixable way. Add a new replacement API ap_some_authn_required()
      and ap_force_authn hook.

  [ Jean-Michel Vourgère ]
  * Allow "triggers-awaited" and "triggers-pending" states in addition to
    "installed" when determining whether to defer actions or process
    deferred actions. Thanks Colin Watson. Closes: #787103
  * Allow a2dismod cgi on threaded mpms. Thanks Raul Dias. Closes:
  * Remove pre-Jessie transition scripts, and remaining breaks.
  * Made builds reproducible: d/rules set the date from the changelog in
    CPPFLAGS, new reproducible_builds.diff patch to use it.
  * Moved bash_completion from /etc to /usr/share/bash_completion. Added
    links there for dynamic loading.
  * Upgrade security.conf comments to 2.4 auth format. Thanks Werner
    Detter. Closes: #789788
  * apache2.postinst: Fixed tests on deferred mpm switch. Closes:

 -- Stefan Fritsch <email address hidden>  Sun, 02 Aug 2015 00:44:07 +0200

Upload details

Uploaded by:
Debian Apache Maintainers on 2015-08-02
Uploaded to:
Original maintainer:
Debian Apache Maintainers
any all
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section



File Size SHA-256 Checksum
apache2_2.4.16-1.dsc 2.6 KiB effb5633da2b6f3b976b1c371465528a0ecc3318e3f6aae011dae76939f6b3d2
apache2_2.4.16.orig.tar.bz2 4.9 MiB ac660b47aaa7887779a6430404dcb40c0b04f90ea69e7bd49a40552e9ff13743
apache2_2.4.16-1.debian.tar.xz 427.0 KiB 0053ccf0847b26cecdc335ae1d54a03484b5388ab230783f6e4a53f7be4288fa

No changes file available.

Binary packages built by this source