apache2 2.4.10-1ubuntu1 source package in Ubuntu RTM
Changelog
apache2 (2.4.10-1ubuntu1) utopic; urgency=medium
* Merge from Debian unstable. Remaining changes:
- debian/{control, apache2.install, apache2-utils.ufw.profile,
apache2.dirs}: Add ufw profiles.
- debian/apache2.py, debian/apache2-bin.install: Add apport hook.
- d/control, d/config-dir/mods-available/ssl.conf, d/ask-for-passphrase,
d/apache2.install: Plymouth aware passphrase dialog program
ask-for-passphrase.
- Add dep8 tests.
- debian/rules: Fix cross-building by passing DEB_{HOST,BUILD}_GNU_TYPE to
configure.
- debian/patches/086_svn_cross_compiles: Backport several cross fixes from
upstream
- d/index.html: replace Debian with Ubuntu on default page.
- d/p/split-logfile.patch: fix completely broken split-logfile command.
apache2 (2.4.10-1) unstable; urgency=medium
[ Arno Töll ]
* New upstream version
+ Refresh debian/patches/fhs_compliance.patch
+ Security Fixes:
- CVE-2014-0117 mod_proxy: Fix DoS that could cause a crash
- CVE-2014-0226 Fix a race condition resulting in a heap overflow in
scoreboard handling
- CVE-2014-0118 mod_deflate: The DEFLATE input filter now limits the
length and compression ratio of inflated request to mitigate a
possible DoS
- CVE-2014-0231 mod_cgid: Fix a denial of service against CGI scripts
+ Fixes SNI with certificate defined in global scope. (Closes: #751361)
* Warn users if they try to disable modules that we consider essential for
operation of the Apache web server (Closes: #709461)
* Drop libcap from our build-dependencies. That was needed for itk which we
gave source out to it's own package again.
* Provide apache2.2-common package to avoid upgrading problems for people
using --purge (apt) or --purge-unused (aptitude) even though that's
clearly discouraged. This caused disappearing of conffiles because we move
them from apache2.2-common to apache2 during the upgrade. Ugh. This was
not a bug in our packaging, but an unfortunately people blame us
nonetheless even though it's not all our fault. This alternative helps
those people, but at the same time means that incompatible modules aren't
force-removed by dpkg during the upgrade. Hopefully we catch all of them
with the Breaks relation coming along (Closes: #716880, #752922, #711925)
apache2 (2.4.9-2) unstable; urgency=medium
* Fix logic in postinst to detect existing index.* files in both
DocumentRoots, the old /var/www and the new /var/www/html. Also
change the compiled in default DocumentRoot to /var/www/html.
Closes: #743915
* Fix buffer overflows in suexec with very long (unix) usernames. Not
exploitable due to FORTIFY_SOURCE. And creating users usually requires
root privileges, anyway. Thanks to Luca Bruno for the report.
* Remove conflicts of mpm modules with mpm_itk, which isn't an mpm
anymore. Fixes a part of: #734865. libapache2-mpm-itk needs a fix, too.
* Remove obsolete warning in a2enmod about mpm-itk.
* Fix lintian warning: Remove image ref to w3.org, which is a privacy
breach.
-- Robie Basak <email address hidden> Thu, 24 Jul 2014 15:13:16 +0000
Upload details
- Uploaded by:
- Robie Basak
- Uploaded to:
- Utopic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| 14.09-factory | release | main | web | |
| 14.09 | release | main | web |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| apache2_2.4.10.orig.tar.bz2 | 4.8 MiB | 176c4dac1a745f07b7b91e7f4fd48f9c48049fa6f088efe758d61d9738669c6a |
| apache2_2.4.10-1ubuntu1.debian.tar.gz | 488.1 KiB | 6c7ef78cfb03b8deeeea2fc649476bbd2d0d5d398ea0cc7f1aaea231ac4dfa02 |
| apache2_2.4.10-1ubuntu1.dsc | 3.1 KiB | f18ca485c84567ef06680deba5568cfeed0e904433e9cef571fab37c0da21e39 |
Available diffs
- diff from 2.4.9-1ubuntu2 to 2.4.10-1ubuntu1 (294.5 KiB)
Binary packages built by this source
- apache2: Apache HTTP Server
The Apache Software Foundation's goal is to build a secure, efficient and
extensible HTTP server as standards-compliant open source software. The
result has long been the number one web server on the Internet.
.
This package contains the configuration files, init scripts and support
scripts. It does not install the actual apache2 binaries.
- apache2-bin: Apache HTTP Server (binary files and modules)
The Apache Software Foundation's goal is to build a secure, efficient and
extensible HTTP server as standards-compliant open source software. The
result has long been the number one web server on the Internet.
.
This package contains the binaries only and does not set up a working
web-server instance. Install the "apache2" package to get a fully working
instance. Do not install this package unless you want to set-up the Apache
HTTP server entirely on your own.
- apache2-data: Apache HTTP Server (common files)
The Apache Software Foundation's goal is to build a secure, efficient and
extensible HTTP server as standards-compliant open source software. The
result has long been the number one web server on the Internet.
.
This package contains architecture-independent common files such as icons,
error pages and static index files.
- apache2-dbg: Apache debugging symbols
The Apache Software Foundation's goal is to build a secure, efficient and
extensible HTTP server as standards-compliant open source software. The
result has long been the number one web server on the Internet.
.
This package includes the debugging symbols. It can be used to debug
crashing server instances and modules. See
/usr/share/doc/apache2/ README. backtrace for more information.
- apache2-dev: Apache HTTP Server (development headers)
The Apache Software Foundation's goal is to build a secure, efficient and
extensible HTTP server as standards-compliant open source software. The
result has long been the number one web server on the Internet.
.
This package provides development headers and the apxs2 binary for the Apache 2
HTTP server useful to develop and link third party additions to the Debian
Apache HTTP server package.
.
It also provides dh_apache2 and dh sequence addons useful to install various
Debian Apache2 extensions with debhelper. It supports
- Apache 2 module configurations and shared objects
- Site configuration files
- Global configuration files
- apache2-doc: Apache HTTP Server (on-site documentation)
The Apache Software Foundation's goal is to build a secure, efficient and
extensible HTTP server as standards-compliant open source software. The
result has long been the number one web server on the Internet.
.
This package provides the documentation for the Apache 2 HTTP server. The
documentation is shipped in HTML format and can be accessed from a local
running Apache HTTP server instance or by browsing the file system directly.
- apache2-mpm-event: transitional event MPM package for apache2
This is a transitional package to apache2 for users of apache2-mpm-event and
can be safely removed after the installation is complete.
- apache2-mpm-itk: transitional itk MPM package for apache2
This is a transitional package to apache2 for users of apache2-mpm-itk and
can be safely removed after the installation is complete.
- apache2-mpm-prefork: transitional prefork MPM package for apache2
This is a transitional package to apache2 for users of apache2-mpm-prefork and
can be safely removed after the installation is complete.
- apache2-mpm-worker: transitional worker MPM package for apache2
This is a transitional package to apache2 for users of apache2-mpm-worker and
can be safely removed after the installation is complete.
- apache2-suexec: transitional package for apache2-suexec-pristine
This is a transitional package for apache2-
suexec- pristine, and can be safely
removed after the installation is complete.
- apache2-suexec-custom: Apache HTTP Server configurable suexec program for mod_suexec
Provides a customizable version of the suexec helper program for mod_suexec.
This is not the version from upstream, but can be configured with a
configuration file.
.
If you do not need non-standard document root or userdir settings, it is
recommended that you use the standard suexec helper program from the
apache2-suexec- pristine package instead.
- apache2-suexec-pristine: Apache HTTP Server standard suexec program for mod_suexec
Provides the standard suexec helper program for mod_suexec. This version is
compiled with document root /var/www and userdir suffix public_html. If you
need different settings, use the package apache2-suexec- custom.
- apache2-utils: Apache HTTP Server (utility programs for web servers)
Provides some add-on programs useful for any web server. These include:
- ab (Apache benchmark tool)
- fcgistarter (Start a FastCGI program)
- logresolve (Resolve IP addresses to hostname in logfiles)
- htpasswd (Manipulate basic authentication files)
- htdigest (Manipulate digest authentication files)
- htdbm (Manipulate basic authentication files in DBM format, using APR)
- htcacheclean (Clean up the disk cache)
- rotatelogs (Periodically stop writing to a logfile and open a new one)
- split-logfile (Split a single log including multiple vhosts)
- checkgid (Checks whether the caller can setgid to the specified group)
- check_forensic (Extract mod_log_forensic output from Apache log files)
- httxt2dbm (Generate dbm files for use with RewriteMap)
- apache2.2-bin: Transitional package for apache2-bin
This is a transitional package for apache2-bin, and can be safely removed
after the installation is complete.
- apache2.2-common: Transitional package for apache2
This is a transitional package for apache2-bin, and can be safely removed
after the installation is complete.
- libapache2-mod-macro: Transitional package for apache2-bin
This is a transitional package for apache2-bin, and can be safely removed
after the installation is complete.
- libapache2-mod-proxy-html: Transitional package for apache2-bin
This is a transitional package for apache2-bin, and can be safely removed
after the installation is complete.
