--- apache2-2.2.16.orig/debian/apache2-doc.dirs
+++ apache2-2.2.16/debian/apache2-doc.dirs
@@ -0,0 +1,2 @@
+etc/apache2/conf.d
+usr/share/doc/apache2-doc
--- apache2-2.2.16.orig/debian/apache2-dbg.links
+++ apache2-2.2.16/debian/apache2-dbg.links
@@ -0,0 +1,4 @@
+usr/lib/debug/usr/lib/apache2/mpm-itk/apache2-mpm-itk usr/lib/debug/usr/sbin/apache2-mpm-itk
+usr/lib/debug/usr/lib/apache2/mpm-prefork/apache2-mpm-prefork usr/lib/debug/usr/sbin/apache2-mpm-prefork
+usr/lib/debug/usr/lib/apache2/mpm-worker/apache2-mpm-worker usr/lib/debug/usr/sbin/apache2-mpm-worker
+usr/lib/debug/usr/lib/apache2/mpm-event/apache2-mpm-event usr/lib/debug/usr/sbin/apache2-mpm-event
--- apache2-2.2.16.orig/debian/apache2.dirs
+++ apache2-2.2.16/debian/apache2.dirs
@@ -0,0 +1 @@
+usr/share/bug/apache2
--- apache2-2.2.16.orig/debian/apache2.2-common.apache2.init
+++ apache2-2.2.16/debian/apache2.2-common.apache2.init
@@ -0,0 +1,276 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: apache2
+# Required-Start: $local_fs $remote_fs $network $syslog
+# Required-Stop: $local_fs $remote_fs $network $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# X-Interactive: true
+# Short-Description: Start/stop apache2 web server
+### END INIT INFO
+
+set -e
+
+if [ -n "$APACHE_CONFDIR" ] ; then
+ if [ "${APACHE_CONFDIR##/etc/apache2-}" != "$APACHE_CONFDIR}" ] ; then
+ DIR_SUFFIX="${APACHE_CONFDIR##/etc/apache2-}"
+ else
+ DIR_SUFFIX=
+ fi
+elif [ "${0##*/apache2-}" != "$0" ] ; then
+ DIR_SUFFIX="-${0##*/apache2-}"
+ APACHE_CONFDIR=/etc/apache2$DIR_SUFFIX
+else
+ DIR_SUFFIX=
+ APACHE_CONFDIR=/etc/apache2
+fi
+if [ -z "$APACHE_ENVVARS" ] ; then
+ APACHE_ENVVARS=$APACHE_CONFDIR/envvars
+fi
+export APACHE_CONFDIR APACHE_ENVVARS
+
+ENV="env -i LANG=C PATH=/usr/local/bin:/usr/bin:/bin"
+if [ "$APACHE_CONFDIR" != /etc/apache2 ] ; then
+ ENV="$ENV APACHE_CONFDIR=$APACHE_CONFDIR"
+fi
+if [ "$APACHE_ENVVARS" != "$APACHE_CONFDIR/envvars" ] ; then
+ ENV="$ENV APACHE_ENVVARS=$APACHE_ENVVARS"
+fi
+
+
+#edit /etc/default/apache2 to change this.
+HTCACHECLEAN_RUN=auto
+HTCACHECLEAN_MODE=daemon
+HTCACHECLEAN_SIZE=300M
+HTCACHECLEAN_DAEMON_INTERVAL=120
+HTCACHECLEAN_PATH=/var/cache/apache2$DIR_SUFFIX/mod_disk_cache
+HTCACHECLEAN_OPTIONS=""
+
+APACHE_HTTPD=$(. $APACHE_ENVVARS && echo $APACHE_HTTPD)
+if [ -z "$APACHE_HTTPD" ] ; then
+ APACHE_HTTPD=/usr/sbin/apache2
+fi
+if [ ! -x $APACHE_HTTPD ] ; then
+ echo "No apache MPM package installed"
+ exit 0
+fi
+
+. /lib/lsb/init-functions
+
+test -f /etc/default/rcS && . /etc/default/rcS
+
+if [ -f /etc/default/apache2$DIR_SUFFIX ] ; then
+ . /etc/default/apache2$DIR_SUFFIX
+elif [ -f /etc/default/apache2 ] ; then
+ . /etc/default/apache2
+fi
+
+APACHE2CTL="$ENV /usr/sbin/apache2ctl"
+HTCACHECLEAN="$ENV /usr/sbin/htcacheclean"
+
+PIDFILE=$(. $APACHE_ENVVARS && echo $APACHE_PID_FILE)
+if [ -z "$PIDFILE" ] ; then
+ echo ERROR: APACHE_PID_FILE needs to be defined in $APACHE_ENVVARS >&2
+ exit 2
+fi
+
+
+check_htcacheclean() {
+ [ "$HTCACHECLEAN_MODE" = "daemon" ] || return 1
+
+ [ "$HTCACHECLEAN_RUN" = "yes" ] && return 0
+
+ MODSDIR=$(. $APACHE_ENVVARS && echo $APACHE_MODS_ENABLED)
+ [ "$HTCACHECLEAN_RUN" = "auto" \
+ -a -e ${MODSDIR:-$APACHE_CONFDIR/mods-enabled}/disk_cache.load ] && \
+ return 0
+
+ return 1
+}
+
+start_htcacheclean() {
+ if [ ! -d "$HTCACHECLEAN_PATH" ] ; then
+ echo "... directory $HTCACHECLEAN_PATH does not exist!" >&2
+ return 1
+ fi
+ $HTCACHECLEAN $HTCACHECLEAN_OPTIONS -d$HTCACHECLEAN_DAEMON_INTERVAL \
+ -i -p$HTCACHECLEAN_PATH -l$HTCACHECLEAN_SIZE
+}
+
+stop_htcacheclean() {
+ pkill -P 1 -f "htcacheclean.* -p$HTCACHECLEAN_PATH " 2> /dev/null || echo ...not running
+}
+
+pidof_apache() {
+ # if there is actually an apache2 process whose pid is in PIDFILE,
+ # print it and return 0.
+ if [ -e "$PIDFILE" ]; then
+ if pidof apache2 | tr ' ' '\n' | grep -w $(cat $PIDFILE); then
+ return 0
+ fi
+ fi
+ return 1
+}
+
+apache_stop() {
+ if $APACHE2CTL configtest > /dev/null 2>&1; then
+ # if the config is ok than we just stop normaly
+ $APACHE2CTL stop 2>&1 | grep -v 'not running' >&2 || true
+ else
+ # if we are here something is broken and we need to try
+ # to exit as nice and clean as possible
+ PID=$(pidof_apache) || true
+
+ if [ "${PID}" ]; then
+ # in this case it is everything nice and dandy and we kill apache2
+ echo
+ log_warning_msg "The apache2$DIR_SUFFIX configtest failed, so we are trying to kill it manually. This is almost certainly suboptimal, so please make sure your system is working as you'd expect now!"
+ kill $PID
+ elif [ "$(pidof apache2)" ]; then
+ if [ "$VERBOSE" != no ]; then
+ echo " ... failed!"
+ echo "You may still have some apache2 processes running. There are"
+ echo "processes named 'apache2' which do not match your pid file,"
+ echo "and in the name of safety, we've left them alone. Please review"
+ echo "the situation by hand."
+ fi
+ return 1
+ fi
+ fi
+}
+
+apache_wait_stop() {
+ # running ?
+ PIDTMP=$(pidof_apache) || true
+ if kill -0 "${PIDTMP:-}" 2> /dev/null; then
+ PID=$PIDTMP
+ fi
+
+ apache_stop
+
+ # wait until really stopped
+ if [ -n "${PID:-}" ]; then
+ i=0
+ while kill -0 "${PID:-}" 2> /dev/null; do
+ if [ $i = '60' ]; then
+ break;
+ else
+ if [ $i = '0' ]; then
+ echo -n " ... waiting "
+ else
+ echo -n "."
+ fi
+ i=$(($i+1))
+ sleep 1
+ fi
+ done
+ fi
+}
+
+case $1 in
+ start)
+ log_daemon_msg "Starting web server" "apache2"
+ if $APACHE2CTL start; then
+ if check_htcacheclean ; then
+ log_progress_msg htcacheclean
+ start_htcacheclean || log_end_msg 1
+ fi
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
+ stop)
+ if check_htcacheclean ; then
+ log_daemon_msg "Stopping web server" "htcacheclean"
+ stop_htcacheclean
+ log_progress_msg "apache2"
+ else
+ log_daemon_msg "Stopping web server" "apache2"
+ fi
+ if apache_wait_stop; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
+ graceful-stop)
+ if check_htcacheclean ; then
+ log_daemon_msg "Stopping web server" "htcacheclean"
+ stop_htcacheclean
+ log_progress_msg "apache2"
+ else
+ log_daemon_msg "Stopping web server" "apache2"
+ fi
+ if $APACHE2CTL graceful-stop; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
+ graceful | reload | force-reload)
+ if ! $APACHE2CTL configtest > /dev/null 2>&1; then
+ $APACHE2CTL configtest || true
+ log_end_msg 1
+ exit 1
+ fi
+ log_daemon_msg "Reloading web server config" "apache2"
+ if pidof_apache > /dev/null ; then
+ if $APACHE2CTL graceful $2 ; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ fi
+ ;;
+ restart)
+ if ! $APACHE2CTL configtest > /dev/null 2>&1; then
+ $APACHE2CTL configtest || true
+ log_end_msg 1
+ exit 1
+ fi
+ if check_htcacheclean ; then
+ log_daemon_msg "Restarting web server" "htcacheclean"
+ stop_htcacheclean
+ log_progress_msg apache2
+ else
+ log_daemon_msg "Restarting web server" "apache2"
+ fi
+ PID=$(pidof_apache) || true
+ if ! apache_wait_stop; then
+ log_end_msg 1 || true
+ fi
+ if $APACHE2CTL start; then
+ if check_htcacheclean ; then
+ start_htcacheclean || log_end_msg 1
+ fi
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
+ start-htcacheclean)
+ log_daemon_msg "Starting htcacheclean"
+ start_htcacheclean || log_end_msg 1
+ log_end_msg 0
+ ;;
+ stop-htcacheclean)
+ log_daemon_msg "Stopping htcacheclean"
+ stop_htcacheclean
+ log_end_msg 0
+ ;;
+ status)
+ PID=$(pidof_apache) || true
+ if [ -n "$PID" ]; then
+ echo "Apache2$DIR_SUFFIX is running (pid $PID)."
+ exit 0
+ else
+ echo "Apache2$DIR_SUFFIX is NOT running."
+ exit 1
+ fi
+ ;;
+ *)
+ log_success_msg "Usage: /etc/init.d/apache2$DIR_SUFFIX {start|stop|graceful-stop|restart|reload|force-reload|start-htcacheclean|stop-htcacheclean|status}"
+ exit 1
+ ;;
+esac
--- apache2-2.2.16.orig/debian/apache2-prefork-dev.install
+++ apache2-2.2.16/debian/apache2-prefork-dev.install
@@ -0,0 +1 @@
+usr/share/man/man8/apxs2.8
--- apache2-2.2.16.orig/debian/apache2-prefork-dev.dirs
+++ apache2-2.2.16/debian/apache2-prefork-dev.dirs
@@ -0,0 +1,4 @@
+usr/include/apache2
+usr/bin
+usr/share/apache2/build
+usr/share/man/man8
--- apache2-2.2.16.orig/debian/apache2-utils.dirs
+++ apache2-2.2.16/debian/apache2-utils.dirs
@@ -0,0 +1,4 @@
+usr/bin
+usr/sbin
+usr/share/man/man1
+usr/share/man/man8
--- apache2-2.2.16.orig/debian/suexec.8
+++ apache2-2.2.16/debian/suexec.8
@@ -0,0 +1,67 @@
+.TH suexec 8 "April 2008"
+.\" Copyright 1999-2004 The Apache Software Foundation
+.\" Copyright 2008 Stefan Fritsch
+.\"
+.\" Licensed under the Apache License, Version 2.0 (the "License");
+.\" you may not use this file except in compliance with the License.
+.\" You may obtain a copy of the License at
+.\"
+.\" http://www.apache.org/licenses/LICENSE-2.0
+.\"
+.\" Unless required by applicable law or agreed to in writing, software
+.\" distributed under the License is distributed on an "AS IS" BASIS,
+.\" WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+.\" See the License for the specific language governing permissions and
+.\" limitations under the License.
+.\"
+.SH NAME
+suexec \- Switch User For Exec
+.SH SYNOPSIS
+.B suexec -V
+.PP
+This is a customized version that can be configured with
+config files in /etc/apache2/suexec.
+.PP
+No other synopsis for usage, because this program
+is otherwise only used internally by the Apache HTTP server.
+.PP
+.SH DESCRIPTION
+.B suexec
+is the "wrapper" support program for the suexec behaviour for the
+Apache HTTP server. It is run from within the server automatically
+to switch the user when an external program has to be run under a
+different user. For more information about suexec in general, see the online
+document `Apache suexec Support' on the HTTP server project's
+Web site at http://httpd.apache.org/docs/suexec.html .
+.PP
+This version of suexec reads a config file on every execution. Therefore
+it is a bit slower than the standard suexec version from the apache2-suexec
+package.
+.SH CONFIGURATION
+If suexec is called by a user with name 'username', it will look into
+/etc/apache2/suexec/username for configuration. If the file does not exist,
+suexec will abort. By creating several config files, you can allow several
+different apache run users to use suexec.
+.PP
+The first line in the file is used as the document root (/var/www in the
+standard suexec) and the second line in the file is used as the suffix that is
+appended to users' home directories (public_html in standard suexec).
+.PP
+If any of the lines is commented out (with #), suexec will refuse the
+corresponding type of request. It is recommended to comment out the
+userdir suffix if you don't need it.
+.SH SECURITY
+Do not set the document root to a path that includes users' home directories
+(like /home or /var) or directories where users can mount removable media.
+Doing so would create local security issues. Suexec does not allow to set the
+document root to the root directory / .
+.SH OPTIONS
+.IP -V
+Display the list of compile-time settings used when \fBsuexec\fP
+was built. No other action is taken.
+.PD
+.SH FILES
+.BR /etc/apache2/suexec/www-data
+.SH SEE ALSO
+.BR apache2(8) ,
+.BR /usr/share/doc/apache2.2-common/README.Debian.gz
--- apache2-2.2.16.orig/debian/default-index.html
+++ apache2-2.2.16/debian/default-index.html
@@ -0,0 +1,4 @@
+
It works!
+This is the default web page for this server.
+The web server software is running but no content has been added, yet.
+
--- apache2-2.2.16.orig/debian/apache2.2-bin.dirs
+++ apache2-2.2.16/debian/apache2.2-bin.dirs
@@ -0,0 +1,4 @@
+usr/lib/apache2/mpm-worker
+usr/lib/apache2/mpm-prefork
+usr/lib/apache2/mpm-event
+usr/lib/apache2/mpm-itk
--- apache2-2.2.16.orig/debian/apache2.2-common.ufw.profile
+++ apache2-2.2.16/debian/apache2.2-common.ufw.profile
@@ -0,0 +1,14 @@
+[Apache]
+title=Web Server
+description=Apache v2 is the next generation of the omnipresent Apache web server.
+ports=80/tcp
+
+[Apache Secure]
+title=Web Server (HTTPS)
+description=Apache v2 is the next generation of the omnipresent Apache web server.
+ports=443/tcp
+
+[Apache Full]
+title=Web Server (HTTP,HTTPS)
+description=Apache v2 is the next generation of the omnipresent Apache web server.
+ports=80,443/tcp
--- apache2-2.2.16.orig/debian/apache2.2-common.dirs
+++ apache2-2.2.16/debian/apache2.2-common.dirs
@@ -0,0 +1,15 @@
+etc/apache2/mods-enabled
+etc/apache2/sites-enabled
+etc/apache2/conf.d
+etc/bash_completion.d
+etc/logrotate.d
+usr/lib/cgi-bin
+usr/share/apache2/build
+usr/share/apache2/default-site
+usr/share/bug/apache2.2-common
+usr/share/lintian/overrides
+var/cache/apache2
+var/cache/apache2/mod_disk_cache
+var/log/apache2
+var/www
+etc/ufw/applications.d
--- apache2-2.2.16.orig/debian/apache2-utils.manpages
+++ apache2-2.2.16/debian/apache2-utils.manpages
@@ -0,0 +1,3 @@
+debian/check_forensic.8
+debian/checkgid.8
+debian/split-logfile.8
--- apache2-2.2.16.orig/debian/apache2.2-common.postinst
+++ apache2-2.2.16/debian/apache2.2-common.postinst
@@ -0,0 +1,97 @@
+#!/bin/sh -e
+
+if [ "$1" != "configure" ]; then
+ exit 0
+fi
+
+mod_is_enabled() {
+ test -L /etc/apache2/mods-enabled/$1.load
+}
+
+#set up default site and dummy error and access logs
+if [ -z "$2" ]; then
+ if [ ! -L /etc/apache2/sites-enabled/000-default -a \
+ ! -f /etc/apache2/sites-enabled/000-default ]; then
+ a2ensite -q default
+ fi
+ touch /var/log/apache2/error.log /var/log/apache2/access.log
+ chown root:adm /var/log/apache2/error.log /var/log/apache2/access.log
+ chmod 0640 /var/log/apache2/error.log /var/log/apache2/access.log
+fi
+
+# Note, this line catches new installs as well as upgrades
+if dpkg --compare-versions "$2" lt 2.2.3-3.1; then
+ a2enmod -q alias
+ a2enmod -q autoindex
+ a2enmod -q dir
+ a2enmod -q env
+ a2enmod -q mime
+ a2enmod -q negotiation
+ a2enmod -q setenvif
+ a2enmod -q status
+ a2enmod -q auth_basic
+ a2enmod -q deflate
+
+ # Those come from mod_auth:
+ a2enmod -q authz_default
+ a2enmod -q authz_user
+ a2enmod -q authz_groupfile
+ a2enmod -q authn_file
+
+ # This comes from mod_access:
+ a2enmod -q authz_host
+
+fi
+
+if [ -n "$2" ] && dpkg --compare-versions "$2" lt 2.2.15-4~ ; then
+ echo activating new config files ...
+ for a in ldap proxy_balancer proxy_ftp ; do
+ if mod_is_enabled $a && [ ! -e /etc/apache2/mods-enabled/$a.conf ] ; then
+ a2enmod -q $a
+ fi
+ done
+ echo " done."
+fi
+
+# Note, this line catches new installs as well as upgrades
+if dpkg --compare-versions "$2" lt 2.2.7-1~0; then
+ if [ ! -e /var/www/index.html -a \
+ ! -h /var/www/index.html -a \
+ ! -e /var/www/index.cgi -a \
+ ! -e /var/www/index.pl -a \
+ ! -e /var/www/index.php -a \
+ ! -e /var/www/index.xhtml -a \
+ ! -e /var/www/index.htm ] ; then
+ cp /usr/share/apache2/default-site/index.html /var/www/index.html
+ fi
+fi
+
+# DavLockDB format change
+if dpkg --compare-versions "$2" lt 2.2.14-3~; then
+ rm -f /var/lock/apache2/DAVLock.dir /var/lock/apache2/DAVLock.pag
+fi
+
+# Note, this line catches new installs as well as upgrades
+if dpkg --compare-versions "$2" lt 2.2.15-1~0; then
+ a2enmod -q reqtimeout
+fi
+
+# The definition of other_vhost_access.log has been moved.
+# Disable the new definition if the admin has changed the old
+# one (as determined by preinst).
+if [ -e /etc/apache2/disable-other-vhost-access-log.dpkg-apache2.2-common ] ; then
+ echo "Disabling /etc/apache2/conf.d/other-vhosts-access-log"
+ perl -p -i -e 's/^(CustomLog.*)$/#$1/' /etc/apache2/conf.d/other-vhosts-access-log
+ rm /etc/apache2/disable-other-vhost-access-log.dpkg-apache2.2-common
+fi
+
+rm -f /etc/apache2/ports.conf.dpkg-apache2.2-common.old
+rm -f /etc/default/apache2.dpkg-apache2.2-common.old
+rm -f /etc/apache2/conf.d/charset.dpkg-apache2.2-common.old
+
+[ -f /etc/apache2/httpd.conf ] || touch /etc/apache2/httpd.conf
+
+#DEBHELPER#
+
+exit 0
+
--- apache2-2.2.16.orig/debian/a2enmod
+++ apache2-2.2.16/debian/a2enmod
@@ -0,0 +1,341 @@
+#!/usr/bin/perl -w
+#
+# a2enmod by Stefan Fritsch
+# Licensed under Apache License 2.0
+
+use strict;
+use Cwd 'realpath';
+use File::Spec;
+use File::Basename;
+use Getopt::Long;
+
+my $quiet;
+my $force;
+Getopt::Long::Configure('bundling');
+GetOptions(
+ 'quiet|q' => \$quiet,
+ 'force|f' => \$force
+) or exit 2;
+
+my $basename = basename($0);
+$basename =~ /^a2(en|dis)(mod|site)((?:-.+)?)$/
+ or die "$basename call name unknown\n";
+my $act = $1;
+my $obj = $2;
+my $dir_suffix = $3;
+
+my $env_file = $ENV{APACHE_ENVVARS}
+ || (
+ $ENV{APACHE_CONFDIR}
+ ? "$ENV{APACHE_CONFDIR}/envvars"
+ : "/etc/apache2$dir_suffix/envvars"
+ );
+$ENV{LANG}='C';
+read_env_file($env_file);
+
+$act .= 'able';
+my ( $name, $dir, $sffx, $reload );
+if ( $obj eq 'mod' ) {
+ $obj = 'module';
+ $dir = 'mods';
+ $sffx = '.load';
+ $reload = 'restart';
+}
+else {
+ $dir = 'sites';
+ $sffx = '';
+ $reload = 'reload';
+}
+$name = ucfirst($obj);
+
+my $confdir = $ENV{APACHE_CONFDIR} || "/etc/apache2$dir_suffix";
+my $availdir = $ENV{ uc("APACHE_${dir}_AVAILABLE") } || "$confdir/$dir-available";
+my $enabldir = $ENV{ uc("APACHE_${dir}_ENABLED") } || "$confdir/$dir-enabled";
+
+my $choicedir = $act eq 'enable' ? $availdir : $enabldir;
+my $linkdir = File::Spec->abs2rel( $availdir, $enabldir );
+
+my $request_reload = 0;
+
+my $rc = 0;
+
+if ( !scalar @ARGV ) {
+ my @choices = myglob('*');
+ print "Your choices are: @choices\n";
+ print "Which ${obj}(s) do you want to $act (wildcards ok)?\n";
+ my $input = <>;
+ @ARGV = split /\s+/, $input;
+
+}
+
+my @objs;
+foreach my $arg (@ARGV) {
+ my @glob = myglob($arg);
+ if ( !@glob ) {
+ error("No $obj found matching $arg!\n");
+ $rc = 1;
+ }
+ else {
+ push @objs, @glob;
+ }
+}
+
+foreach my $acton (@objs) {
+ doit($acton) or $rc = 1;
+}
+
+info("Run '/etc/init.d/apache2 $reload' to activate new configuration!\n")
+ if $request_reload;
+
+exit($rc);
+
+##############################################################################
+
+sub myglob {
+ my $arg = shift;
+
+ my @glob = map {
+ s{^$choicedir/}{};
+ s{$sffx$}{};
+ s{^000-default$}{default};
+ $_
+ } glob("$choicedir/$arg$sffx");
+
+ # use same rules as apache's Include directive
+ @glob = grep( /^[[:alnum:]][-._[:alnum:]]*$/, @glob );
+ @glob = grep( !/\.dpkg/, @glob );
+
+ return @glob;
+}
+
+sub doit {
+ my $acton = shift;
+
+ my $prio = "";
+ if ( $obj eq 'site' && $acton eq 'default' ) {
+ $prio = '000-';
+ }
+
+ my ( $conftgt, $conflink );
+ if ( $obj eq 'module' ) {
+ if ( $acton eq 'cgi' && threaded() ) {
+ print "Your MPM seems to be threaded. Selecting cgid instead of cgi.\n";
+ $acton = 'cgid';
+ }
+
+ $conftgt = "$availdir/$acton.conf";
+ if ( -e $conftgt ) {
+ $conflink = "$enabldir/$acton.conf";
+ }
+ }
+
+ my $tgt = "$availdir/$acton$sffx";
+ my $link = "$enabldir/$prio$acton$sffx";
+
+ if ( !-e $tgt ) {
+ if ( -l $link && !-e $link ) {
+ if ( $act eq 'disable' ) {
+ info("removing dangling symlink $link\n");
+ unlink($link);
+ return 1;
+ }
+ else {
+ error("$link is a dangling symlink!\n");
+ }
+ }
+
+ error("$name $acton does not exist!\n");
+ return 0;
+ }
+
+ # handle module dependencies
+ if ( $obj eq 'module' ) {
+ if ( $act eq 'enable' ) {
+ my $depends = qx{grep "# Depends:" "$availdir/$acton.load"|cut -f2 -d:};
+ $depends =~ s,^[\s\n]+,,;
+ $depends =~ s,[\s\n]+$,,;
+ do_deps( $acton, split( /[\n\s]+/, $depends ) ) or return 0;
+ }
+ else {
+ my @depends = qx{egrep "# Depends:.*${acton}( |\$)" $enabldir/*.load};
+ @depends = grep {s{^.*?/([^/]*?)\.load:.*}{$1}s} @depends;
+ if ( scalar @depends ) {
+ if ($force) {
+ do_deps( $acton, @depends ) or return 0;
+ }
+ else {
+ error(
+ "The following modules depend on $acton ",
+ "and need to be disabled first: @depends\n"
+ );
+ return 0;
+ }
+ }
+ }
+ }
+
+ if ( $act eq 'enable' ) {
+ my $check = check_link( $tgt, $link );
+ if ( $check eq 'ok' ) {
+ if ($conflink) {
+
+ # handle .conf file
+ my $confcheck = check_link( $conftgt, $conflink );
+ if ( $confcheck eq 'ok' ) {
+ info("$name $acton already enabled\n");
+ return 1;
+ }
+ elsif ( $confcheck eq 'missing' ) {
+ print "Enabling config file $acton.conf.\n";
+ add_link( $conftgt, $conflink ) or return 0;
+ }
+ else {
+ error("Config file $acton.conf not properly enabled: $confcheck\n");
+ return 0;
+ }
+ }
+ else {
+ info("$name $acton already enabled\n");
+ return 1;
+ }
+ }
+ elsif ( $check eq 'missing' ) {
+ if ($conflink) {
+
+ # handle .conf file
+ my $confcheck = check_link( $conftgt, $conflink );
+ if ( $confcheck eq 'missing' ) {
+ add_link( $conftgt, $conflink ) or return 0;
+ }
+ elsif ( $confcheck ne 'ok' ) {
+ error("Config file $acton.conf not properly enabled: $confcheck\n");
+ return 0;
+ }
+ }
+
+ print "Enabling $obj $acton.\n";
+ if ( $acton eq 'ssl' ) {
+ info("See /usr/share/doc/apache2.2-common/README.Debian.gz on " .
+ "how to configure SSL and create self-signed certificates.\n");
+ }
+ return add_link( $tgt, $link );
+ }
+ else {
+ error("$name $acton not properly enabled: $check\n");
+ return 0;
+ }
+ }
+ else {
+ if ( -e $link || -l $link ) {
+ remove_link($link);
+ if ( $conflink && -e $conflink ) {
+ remove_link($conflink);
+ }
+ print "$name $acton disabled.\n";
+ }
+ elsif ( $conflink && -e $conflink ) {
+ print "Disabling stale config file $acton.conf.\n";
+ remove_link($conflink);
+ }
+ else {
+ info("$name $acton already disabled\n");
+ return 1;
+ }
+ }
+
+ return 1;
+}
+
+sub do_deps {
+ my $acton = shift;
+ foreach my $d (@_) {
+ info("Considering dependency $d for $acton:\n");
+ if ( !doit($d) ) {
+ error("Could not $act dependency $d for $acton, aborting\n");
+ return 0;
+ }
+ }
+ return 1;
+}
+
+sub add_link {
+ my ( $tgt, $link ) = @_;
+
+ # create relative link
+ if ( !symlink( File::Spec->abs2rel( $tgt, dirname($link) ), $link ) ) {
+ die("Could not create $link: $!\n");
+ }
+ $request_reload = 1;
+ return 1;
+}
+
+sub check_link {
+ my ( $tgt, $link ) = @_;
+
+ if ( !-e $link ) {
+ if ( -l $link ) {
+
+ # points to nowhere
+ info("Removing dangling link $link");
+ unlink($link) or die "Could not remove $link\n";
+ }
+ return 'missing';
+ }
+
+ if ( -e $link && !-l $link ) {
+ return "$link is a real file, not touching it";
+ }
+ if ( realpath($link) ne realpath($tgt) ) {
+ return "$link exists but does not point to $tgt, not touching it";
+ }
+ return 'ok';
+}
+
+sub remove_link {
+ my ($link) = @_;
+
+ if ( -l $link ) {
+ unlink($link) or die "Could not remove $link: $!\n";
+ }
+ elsif ( -e $link ) {
+ error("$link is not a symbolic link, not deleting\n");
+ return 0;
+ }
+ $request_reload = 1;
+ return 1;
+}
+
+sub threaded {
+ my $result = "";
+ $result = qx{/usr/sbin/apache2 -V | grep 'threaded'} if -x '/usr/sbin/apache2';
+ if ( $result =~ / no/ ) {
+ return 0;
+ }
+ else {
+ return 1;
+ }
+}
+
+sub info {
+ print @_ if !$quiet;
+}
+
+sub error {
+ print STDERR 'ERROR: ', @_;
+}
+
+sub read_env_file {
+ my $file = shift;
+
+ -r $file or return;
+ my @lines = qx{env - sh -c '. $file && env'};
+ if ($?) {
+ die "Could not read $file\n";
+ }
+
+ foreach my $l (@lines) {
+ chomp $l;
+ $l =~ /^(.*)?=(.*)$/ or die "Could not parse $file\n";
+ $ENV{$1} = $2;
+ }
+}
--- apache2-2.2.16.orig/debian/apache2-suexec-custom.manpages
+++ apache2-2.2.16/debian/apache2-suexec-custom.manpages
@@ -0,0 +1 @@
+debian/suexec.8
--- apache2-2.2.16.orig/debian/README.backtrace
+++ apache2-2.2.16/debian/README.backtrace
@@ -0,0 +1,51 @@
+If apache crashes or freezes, it is helpful if you include a backtrace in the
+bug report.
+
+
+
+In case of a crash, do the following:
+
+1) Install the packages apache2-dbg libapr1-dbg libaprutil1-dbg gdb.
+
+2) Add "CoreDumpDirectory /var/cache/apache2" to your apache configuration.
+
+3) Execute as root:
+ /etc/init.d/apache2 stop
+ ulimit -c unlimited
+ /etc/init.d/apache2 start
+
+4) Do whatever it takes to reproduce the crash. There should now be the file
+/var/cache/apache2/core .
+
+5) If you use apache2-mpm-prefork, execute:
+
+ gdb /usr/sbin/apache2 /var/cache/apache2/core
+ (gdb) bt full
+ ...
+ (gdb) quit
+
+If you use a threaded mpm, execute:
+
+ gdb /usr/sbin/apache2 /var/cache/apache2/core
+ (gdb) thread apply all bt full
+ ...
+ (gdb) quit
+
+Include the backtrace in the bug report.
+
+6) Undo the change to your configuration, uninstall the debug packages, remove
+/var/cache/apache2/core
+
+
+
+In case of a hanging process, you don't need a core dump and you can skip steps 2 and 3.
+
+4) Reproduce the problem. Get the pid of a hanging process.
+
+5) Start gdb with
+
+ gdb -p pid
+
+and continue as described above. It may also be helpful to include the output of
+
+ strace -p pid
--- apache2-2.2.16.orig/debian/apache2ctl
+++ apache2-2.2.16/debian/apache2ctl
@@ -0,0 +1,154 @@
+#!/bin/sh
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#
+# Apache control script designed to allow an easy command line interface
+# to controlling Apache. Written by Marc Slemko, 1997/08/23
+#
+# Heavily modified for Debian by Stefan Fritsch 2007-2010
+#
+# The exit codes returned are:
+# XXX this doc is no longer correct now that the interesting
+# XXX functions are handled by httpd
+# 0 - operation completed successfully
+# 1 -
+# 2 - usage error
+# 3 - httpd could not be started
+# 4 - httpd could not be stopped
+# 5 - httpd could not be started during a restart
+# 6 - httpd could not be restarted during a restart
+# 7 - httpd could not be restarted during a graceful restart
+# 8 - configuration syntax error
+#
+# When multiple arguments are given, only the error from the _last_
+# one is reported. Run "apachectl help" for usage info
+#
+ARGV="$@"
+#
+# |||||||||||||||||||| START CONFIGURATION SECTION ||||||||||||||||||||
+# -------------------- --------------------
+#
+# main configuration directory
+if test -z "$APACHE_CONFDIR" ; then
+ if test "${0##*apache2ctl-}" != "$0" ; then
+ APACHE_CONFDIR="/etc/apache2-${0##*apache2ctl-}"
+ else
+ APACHE_CONFDIR=/etc/apache2
+ fi
+fi
+# the path to the environment variable file
+test -z "$APACHE_ENVVARS" && APACHE_ENVVARS="$APACHE_CONFDIR/envvars"
+# pick up any necessary environment variables
+if test -f $APACHE_ENVVARS; then
+ . $APACHE_ENVVARS
+fi
+
+if test "$APACHE_CONFDIR" != /etc/apache2 ; then
+ APACHE_ARGUMENTS="-d $APACHE_CONFDIR $APACHE_ARGUMENTS"
+fi
+# the following APACHE_* variables should be set in /etc/apache2/envvars
+#
+# the path to your httpd binary, including options if necessary
+HTTPD=${APACHE_HTTPD:-/usr/sbin/apache2}
+#
+# a command that outputs a formatted text version of the HTML at the
+# url given on the command line. Designed for lynx, however other
+# programs may work.
+LYNX="${APACHE_LYNX:-www-browser -dump}"
+#
+# the URL to your server's mod_status status page. If you do not
+# have one, then status and fullstatus will not work.
+STATUSURL="${APACHE_STATUSURL:-http://localhost:80/server-status}"
+#
+# Set this variable to a command that increases the maximum
+# number of file descriptors allowed per child process. This is
+# critical for configurations that use many file descriptors,
+# such as mass vhosting, or a multithreaded server.
+ULIMIT_MAX_FILES="${APACHE_ULIMIT_MAX_FILES:-ulimit -S -n `ulimit -H -n`}"
+# -------------------- --------------------
+# |||||||||||||||||||| END CONFIGURATION SECTION ||||||||||||||||||||
+
+# Set the maximum number of file descriptors allowed per child process.
+if [ "x$ULIMIT_MAX_FILES" != "x" ] ; then
+ $ULIMIT_MAX_FILES
+fi
+
+ERROR=0
+if [ "x$ARGV" = "x" ] || [ "x$ARGV" = "xusage" ] || [ "x$ARGV" = "xhelp" ] || [ "x$ARGV" = "x--help" ]; then
+ echo "Usage: $0 start|stop|restart|graceful|graceful-stop|configtest|status|fullstatus|help" >&2
+ echo " $0 " >&2
+ echo " $0 -h (for help on )" >&2
+ exit 1
+fi
+
+get_status () {
+ if ! $LYNX $STATUSURL ; then
+ echo "'$LYNX $STATUSURL'" failed. >&2
+ echo Maybe you need to install a package providing www-browser or you >&2
+ echo need to adjust the APACHE_LYNX variable in /etc/apache2/envvars >&2
+ exit 1
+ fi
+}
+
+case $ARGV in
+start)
+ mkdir -p ${APACHE_RUN_DIR:-/var/run/apache2}
+ install -d -o ${APACHE_RUN_USER:-www-data} ${APACHE_LOCK_DIR:-/var/lock/apache2}
+ # ssl_scache shouldn't be here if we're just starting up.
+ # (this is bad if there are several apache2 instances running)
+ rm -f ${APACHE_RUN_DIR:-/var/run/apache2}/*ssl_scache*
+ $HTTPD ${APACHE_ARGUMENTS} -k $ARGV
+ ERROR=$?
+ ;;
+stop|graceful-stop)
+ $HTTPD ${APACHE_ARGUMENTS} -k $ARGV
+ ERROR=$?
+ ;;
+restart|graceful)
+ if $HTTPD ${APACHE_ARGUMENTS} -t 2> /dev/null ; then
+ $HTTPD ${APACHE_ARGUMENTS} -k $ARGV
+ else
+ $HTTPD ${APACHE_ARGUMENTS} -t
+ fi
+ ERROR=$?
+ ;;
+startssl|sslstart|start-SSL)
+ echo The startssl option is no longer supported.
+ echo Please edit httpd.conf to include the SSL configuration settings
+ echo and then use "apachectl start".
+ ERROR=2
+ ;;
+configtest)
+ $HTTPD ${APACHE_ARGUMENTS} -t
+ ERROR=$?
+ ;;
+status)
+ get_status | awk ' /process$/ { print; exit } { print } '
+ ;;
+fullstatus)
+ get_status
+ ;;
+*)
+ $HTTPD ${APACHE_ARGUMENTS} $ARGV
+ ERROR=$?
+esac
+
+if [ "$ERROR" != 0 ] ; then
+ echo Action \'"$@"\' failed.
+ echo The Apache error log may have more information.
+fi
+exit $ERROR
--- apache2-2.2.16.orig/debian/rules
+++ apache2-2.2.16/debian/rules
@@ -0,0 +1,338 @@
+#! /usr/bin/make -f
+
+# Code for httpd 2.1, based on apache2 and others.
+# Copyright (C) Canonical Ltd, 2005
+
+export DEB_BUILD_HARDENING=1
+export DEB_BUILD_OPTIONS
+export DH_OPTIONS
+
+SHELL := sh -e
+
+#enable dpatch
+include /usr/share/dpatch/dpatch.make
+
+# These are used for cross-compiling and for saving the configure script
+# # from having to guess our platform (since we know it already)
+DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
+DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
+
+LSB_RELEASE := $(shell lsb_release -i -s)
+
+CONFFLAGS += ac_cv_prog_AWK=mawk ac_cv_prog_LYNX_PATH=www-browser
+
+AP2_COMMON_CONFARGS = --enable-layout=Debian --enable-so \
+ --with-program-name=apache2 \
+ --with-ldap=yes --with-ldap-include=/usr/include \
+ --with-ldap-lib=/usr/lib \
+ --with-suexec-caller=www-data \
+ --with-suexec-bin=/usr/lib/apache2/suexec \
+ --with-suexec-docroot=/var/www \
+ --with-suexec-userdir=public_html \
+ --with-suexec-logfile=/var/log/apache2/suexec.log \
+ --with-suexec-uidmin=100 \
+ --enable-suexec=shared \
+ --enable-log-config=static --enable-logio=static \
+ --with-apr=/usr/bin/apr-1-config \
+ --with-apr-util=/usr/bin/apu-1-config \
+ --with-pcre=yes \
+ --enable-pie
+
+AP2_MODS_CONFARGS = --enable-authn-alias=shared --enable-authnz-ldap=shared \
+ --enable-disk-cache=shared --enable-cache=shared \
+ --enable-mem-cache=shared --enable-file-cache=shared \
+ --enable-cern-meta=shared --enable-dumpio=shared --enable-ext-filter=shared \
+ --enable-charset-lite=shared --enable-cgi=shared \
+ --enable-dav-lock=shared --enable-log-forensic=shared \
+ --enable-ldap=shared --enable-proxy=shared \
+ --enable-proxy-connect=shared --enable-proxy-ftp=shared \
+ --enable-proxy-http=shared --enable-proxy-ajp=shared \
+ --enable-proxy-scgi=shared \
+ --enable-proxy-balancer=shared --enable-ssl=shared \
+ --enable-authn-dbm=shared --enable-authn-anon=shared \
+ --enable-authn-dbd=shared --enable-authn-file=shared \
+ --enable-authn-default=shared --enable-authz-host=shared \
+ --enable-authz-groupfile=shared --enable-authz-user=shared \
+ --enable-authz-dbm=shared --enable-authz-owner=shared \
+ --enable-authnz-ldap=shared --enable-authz-default=shared \
+ --enable-auth-basic=shared --enable-auth-digest=shared \
+ --enable-dbd=shared --enable-deflate=shared \
+ --enable-include=shared --enable-filter=shared \
+ --enable-env=shared --enable-mime-magic=shared \
+ --enable-expires=shared --enable-headers=shared \
+ --enable-ident=shared --enable-usertrack=shared \
+ --enable-unique-id=shared --enable-setenvif=shared \
+ --enable-version=shared --enable-status=shared \
+ --enable-autoindex=shared --enable-asis=shared \
+ --enable-info=shared --enable-cgid=shared \
+ --enable-dav=shared --enable-dav-fs=shared \
+ --enable-vhost-alias=shared --enable-negotiation=shared \
+ --enable-dir=shared --enable-imagemap=shared \
+ --enable-actions=shared --enable-speling=shared \
+ --enable-userdir=shared --enable-alias=shared \
+ --enable-rewrite=shared --enable-mime=shared \
+ --enable-substitute=shared --enable-reqtimeout=shared
+
+AP2_CFLAGS = $(CFLAGS) -g -pipe -I/usr/include/xmltok -I/usr/include/openssl -Wall -Wformat -Wformat-security -D_FORTIFY_SOURCE=2 -fstack-protector
+AP2_LDFLAGS = -Wl,--as-needed -Wl,-z,relro
+
+#support noopt building
+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
+ AP2_CFLAGS += -O0
+else
+ AP2_CFLAGS += -O2
+endif
+
+ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
+DEB_BUILD_STRIP = yes
+endif
+
+ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+ NUMJOBS = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+ MAKEFLAGS += -j$(NUMJOBS)
+endif
+
+BUILD=debian/build-tree
+REALCURDIR=$(CURDIR)
+INSTALL=/usr/bin/install
+
+clean: unpatch
+ dh_testdir
+ rm -rf $(BUILD) mpm-worker mpm-prefork mpm-event mpm-itk install
+ rm -rf debian/tmp-worker debian/tmp-prefork
+ dh_clean
+
+build: patch-stamp build-stamp
+build-stamp: patch-stamp mpm-worker mpm-prefork mpm-event mpm-itk
+ for mpm in prefork event itk ; do \
+ if ! diff -u $(BUILD)/$$mpm/mods.list $(BUILD)/worker/mods.list ; then \
+ echo Different modules built into httpd binaries, will not proceed ;\
+ exit 1 ;\
+ fi \
+ done
+ touch $@
+
+
+mpm-worker mpm-prefork mpm-event mpm-itk: mpm-%: patch-stamp mpm-%.scripts-stamp
+ dh_testdir
+ mkdir -p $(BUILD)/$*
+ # we don't want modifications done by itk outside of server/mpm/experimental/itk
+ # to appear in the other mpms. Therefore we copy the whole source tree.
+ set -ex ; \
+ if [ $* = itk ] ; then \
+ cp -a `find . -maxdepth 1 -mindepth 1 -not -name debian` $(BUILD)/$* ; \
+ cd $(BUILD)/$* ; \
+ mkdir server/mpm/experimental/itk/ ; \
+ cp server/mpm/prefork/* server/mpm/experimental/itk/ ; \
+ mv server/mpm/experimental/itk/prefork.c server/mpm/experimental/itk/itk.c ; \
+ \
+ for PATCH in `tail -n +2 ../../mpm-itk/patches/series`; do \
+ echo Applying $$PATCH ... ; \
+ patch -p1 < ../../mpm-itk/patches/$$PATCH ; \
+ echo ; \
+ done ; \
+ \
+ autoheader ; \
+ autoconf ; \
+ CONFIGURE=./configure ; \
+ else \
+ cd $(BUILD)/$* ; \
+ CONFIGURE="$(REALCURDIR)/configure --srcdir=$(REALCURDIR)" ; \
+ fi ; \
+ if [ $* = worker ] ; then \
+ ENABLE_MODULES="$(AP2_MODS_CONFARGS)" ; \
+ else \
+ ENABLE_MODULES=--enable-modules=none ; \
+ fi ; \
+ CFLAGS="$(AP2_CFLAGS)" LDFLAGS="$(AP2_LDFLAGS)" $(CONFFLAGS) $$CONFIGURE \
+ $(AP2_COMMON_CONFARGS) $$ENABLE_MODULES --with-mpm=$* ; \
+ $(MAKE) ; \
+ ./apache2 -l |grep -v $* > mods.list
+ touch $@
+
+mpm-%.scripts-stamp: debian/mpms.postinst debian/mpms.preinst debian/mpms.prerm debian/mpms.lintian-overrides debian/mpms.dirs debian/mpms.links
+ for f in postinst preinst prerm links dirs ; do \
+ perl -p -e "s/MPMXXX/$*/g" < debian/mpms.$$f > debian/apache2-mpm-$*.$$f ;\
+ done
+ perl -p -e "s/^/apache2-mpm-$*: /" < debian/mpms.lintian-overrides > debian/apache2-mpm-$*.lintian-overrides
+ touch $@
+
+install-worker: mpm-worker
+ dh_testdir
+ dh_testroot
+ cd $(BUILD)/worker ;\
+ $(MAKE) DESTDIR=$(REALCURDIR)/debian/tmp install
+ for m in logresolve ab; do d=$(REALCURDIR)/debian/tmp/usr/share/man/ ;\
+ perl -p -e 's/^([.]TH.*?) 8 (.*)/$$1 1 $$2/' < $$d/man8/$$m.8 > $$d/man1/$$m.1 ;\
+ done
+ ln -sf tmp debian/tmp-worker
+
+install-prefork: mpm-prefork
+ dh_testdir
+ dh_testroot
+ cd $(BUILD)/prefork ;\
+ $(MAKE) DESTDIR=$(REALCURDIR)/debian/tmp-prefork install
+
+install-dev: install-worker install-prefork
+ dh_testdir
+ dh_testroot
+ dh_installdirs
+ for i in worker prefork; do \
+ if [ "$$i" = "prefork" ]; then \
+ TARGET=prefork ;\
+ else \
+ TARGET=threaded ;\
+ fi ;\
+ cp debian/tmp-$$i/usr/include/apache2/* debian/apache2-$$TARGET-dev/usr/include/apache2/ ;\
+ cp debian/tmp-$$i/usr/share/apache2/build/* debian/apache2-$$TARGET-dev/usr/share/apache2/build/ ;\
+ cp $(BUILD)/$$i/support/apxs debian/apache2-$$TARGET-dev/usr/bin/apxs2 ;\
+ perl -p -e s/^P=apache2/P=apache2-$${TARGET}-dev/ < debian/apache2.postinst > debian/apache2-$${TARGET}-dev.postinst ;\
+ done
+# Clean up config_vars.mk
+ set -x ; for i in threaded prefork; do \
+ ( cd debian/apache2-$$i-dev/usr/share/apache2/build/ ; \
+ grep -v -E '(^|_)(CPP|C)FLAGS' config_vars.mk > tmp_config_vars.mk ; \
+ printf "CPPFLAGS = %s\n" "`grep -E '(^|_)(CPPFLAGS|INCLUDES)' config_vars.mk | cut -d= -f 2- | tr ' ' '\n' | grep -E '^-([DI]|pthread)' | sort | uniq | tr '\n' ' '`" >> tmp_config_vars.mk ; \
+ printf "CFLAGS = %s\n" "`grep -E '(^|_)(CPPFLAGS|CFLAGS|INCLUDES)' config_vars.mk | cut -d= -f 2- | tr ' ' '\n' | grep -E '^-(D|I/|pthread)' | sort | uniq | tr '\n' ' '`" >> tmp_config_vars.mk ; \
+ printf "NOTEST_CPPFLAGS = \n" >> tmp_config_vars.mk ; \
+ printf "EXTRA_CPPFLAGS = \n" >> tmp_config_vars.mk ; \
+ printf "EXTRA_CFLAGS = \n" >> tmp_config_vars.mk ; \
+ mv tmp_config_vars.mk config_vars.mk ) ; \
+ done
+
+install: build install-dev
+ dh_testroot
+ dh_testdir
+ dh_installdirs
+
+ #cleanup of death
+ rm -rf debian/tmp/etc/apache2/original
+ rm -rf debian/tmp/usr/include
+ rm -rf debian/tmp/usr/share/apache2/build
+ rm -f debian/tmp/usr/share/man/man8/httpd.8 # We install our own
+ rm -f debian/tmp/usr/sbin/apxs debian/tmp/usr/sbin/apache2 debian/tmp/usr/sbin/apachectl
+
+ # DO NOT FALL FOR THE TEMPTATION TO MV INTO PACKAGES OR DOOM
+ # WILL FIND YOU. Use dh_install, this is just because dh_install
+ # can't rename files
+
+ mv debian/tmp/usr/share/man/man8/apxs.8 debian/tmp/usr/share/man/man8/apxs2.8
+ mv debian/tmp/usr/share/man/man8/apachectl.8 debian/tmp/usr/share/man/man8/apache2ctl.8
+ mkdir -p debian/tmp/usr/share/apache2/icons/
+ for i in `ls debian/icons/ | cut -d. -f1,2`; do \
+ uudecode -o debian/tmp/usr/share/apache2/icons/$$i debian/icons/$$i".uue"; \
+ done
+
+ dh_install --list-missing
+
+ cp debian/bash_completion debian/apache2.2-common/etc/bash_completion.d/apache2.2-common
+ install -m644 debian/apache2.2-common.ufw.profile debian/apache2.2-common/etc/ufw/applications.d/apache2.2-common
+
+ # standard suexec
+ chmod 4754 debian/apache2-suexec/usr/lib/apache2/suexec
+ chgrp www-data debian/apache2-suexec/usr/lib/apache2/suexec
+
+ chmod 644 debian/apache2.2-bin/usr/lib/apache2/modules/mod_suexec.so
+
+ # configurable suexec
+ cp debian/build-tree/worker/support/suexec-custom debian/apache2-suexec-custom/usr/lib/apache2/suexec
+ cp debian/suexec-custom.config debian/apache2-suexec-custom/etc/apache2/suexec/www-data
+ chmod 4754 debian/apache2-suexec-custom/usr/lib/apache2/suexec
+ chgrp www-data debian/apache2-suexec-custom/usr/lib/apache2/suexec
+
+ cp debian/apache2-doc.conf debian/apache2-doc/etc/apache2/conf.d/apache2-doc
+ grep -rl apachectl debian/apache2-doc/usr/share/doc/apache2-doc/manual | xargs perl -p -i -e 's/apachectl(?!\.html)/apache2ctl/g'
+ # remove content negotiation
+ mv debian/apache2-doc/usr/share/doc/apache2-doc/manual \
+ debian/apache2-doc/usr/share/doc/apache2-doc/manual.orig
+ perl debian/convert_docs debian/apache2-doc/usr/share/doc/apache2-doc/manual.orig \
+ debian/apache2-doc/usr/share/doc/apache2-doc/manual
+ mv debian/apache2-doc/usr/share/doc/apache2-doc/manual.orig/images \
+ debian/apache2-doc/usr/share/doc/apache2-doc/manual.orig/style \
+ debian/apache2-doc/usr/share/doc/apache2-doc/manual
+ rmdir debian/apache2-doc/usr/share/doc/apache2-doc/manual/style/lang
+ rmdir debian/apache2-doc/usr/share/doc/apache2-doc/manual/style/xsl/util
+ rmdir debian/apache2-doc/usr/share/doc/apache2-doc/manual/style/xsl
+ rm -r debian/apache2-doc/usr/share/doc/apache2-doc/manual.orig
+
+ cp debian/logrotate debian/apache2.2-common/etc/logrotate.d/apache2
+ cp debian/default-index.html debian/apache2.2-common/usr/share/apache2/default-site/index.html
+
+ for i in worker prefork event itk; do \
+ install -m 755 $(BUILD)/$$i/apache2 debian/apache2.2-bin/usr/lib/apache2/mpm-$$i/apache2 ;\
+ done
+
+ for pkg in `awk '/^Package:/ { print $$2 }' debian/control`; do \
+ find debian/$$pkg/ -name .svn -exec rm -rf {} + ; \
+ done
+
+ dh_installdocs debian/README.backtrace -papache2.2-bin
+ dh_installdocs debian/README.backtrace debian/README.multiple-instances -papache2.2-common
+ dh_installdocs -Napache2.2-common -Napache2.2-bin
+ cp debian/README.Debian debian/apache2-doc/usr/share/doc/apache2-doc/
+ dh_installman
+ dh_bugfiles
+ dh_installinit --no-start -r --name=apache2 -- defaults 91 09
+ dh_installcron --name=apache2
+ dh_installchangelogs CHANGES -Napache2-suexec -Napache2-suexec-custom -Napache2
+ dh_installchangelogs -papache2-suexec -papache2-suexec-custom -papache2
+ dh_lintian
+ rm -f debian/apache2.2-bin/usr/share/doc/apache2.2-bin/NEWS.Debian
+ rm -f debian/apache2-utils/usr/share/doc/apache2-utils/NEWS.Debian
+
+ dh_strip --dbg-package=apache2-dbg -Napache2-dbg -Xusr/lib/apache2/mpm
+ if [ "$(LSB_RELEASE)" != "Ubuntu" ] && [ -n "$(DEB_BUILD_STRIP)" ] ; then \
+ for i in worker prefork event itk; do \
+ MPM=usr/lib/apache2/mpm-$$i/apache2 ;\
+ objcopy --only-keep-debug $(BUILD)/$$i/apache2 \
+ debian/apache2-dbg/usr/lib/debug/$$MPM-mpm-$$i ;\
+ chmod 644 debian/apache2-dbg/usr/lib/debug/$$MPM-mpm-$$i ;\
+ strip --remove-section=.comment --remove-section=.note --strip-unneeded \
+ debian/apache2.2-bin/$$MPM ;\
+ objcopy --add-gnu-debuglink=debian/apache2-dbg/usr/lib/debug/$$MPM-mpm-$$i \
+ debian/apache2.2-bin/$$MPM ;\
+ done ;\
+ fi
+
+ cp debian/mpm-itk/README debian/apache2.2-common/usr/share/doc/apache2.2-common/README.mpm-itk
+ cp debian/mpm-itk/CHANGES debian/apache2.2-common/usr/share/doc/apache2.2-common/changelog.mpm-itk
+ cp debian/mpm-itk/debian/changelog debian/apache2.2-common/usr/share/doc/apache2.2-common/changelog.mpm-itk.Debian
+ for p in apache2-prefork-dev apache2-threaded-dev apache2-mpm-prefork apache2-mpm-event \
+ apache2-mpm-worker apache2-mpm-itk apache2; \
+ do \
+ rm -rf debian/$$p/usr/share/doc/$$p ;\
+ ln -s apache2.2-common debian/$$p/usr/share/doc/$$p ;\
+ done
+ rm -rf debian/apache2-dbg/usr/share/doc/apache2-dbg
+ ln -s apache2.2-bin debian/apache2-dbg/usr/share/doc/apache2-dbg
+ dh_link
+ dh_installexamples
+ dh_compress
+ dh_fixperms -Xsuexec
+ chown -R www-data:www-data debian/apache2.2-common/var/cache/apache2
+ chown root:adm debian/apache2.2-common/var/log/apache2
+ chmod o-rx debian/apache2.2-common/var/log/apache2
+
+ touch $@
+
+binary-indep: install
+ dh_installdeb -i
+ dh_gencontrol -i
+ dh_md5sums -i
+ dh_builddeb -i
+
+binary-arch: install
+ dh_makeshlibs -a -V
+ dh_installdeb -a
+ dh_shlibdeps -a
+ dh_gencontrol -a
+ dh_md5sums -a
+ if [ "$(LSB_RELEASE)" = "Ubuntu" ]; then \
+ rm -rf debian/apache2-dbg; \
+ sed -i '/apache2-dbg/d' debian/files; \
+ dh_builddeb -a -Napache2-dbg; \
+ else \
+ dh_builddeb -a; \
+ fi
+
+binary: binary-arch binary-indep
--- apache2-2.2.16.orig/debian/apache2.2-common.examples
+++ apache2-2.2.16/debian/apache2.2-common.examples
@@ -0,0 +1,3 @@
+debian/setup-instance
+debian/secondary-init-script
+debian/apache2.monit
--- apache2-2.2.16.orig/debian/a2enmod.8
+++ apache2-2.2.16/debian/a2enmod.8
@@ -0,0 +1,68 @@
+.\" Hey, EMACS: -*- nroff -*-
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH A2ENMOD 8 "12 October 2006"
+.\" Please adjust this date whenever revising the manpage.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp insert n+1 empty lines
+.\" for manpage-specific macros, see man(7)
+.SH NAME
+a2enmod, a2dismod \- enable or disable an apache2 module
+.SH SYNOPSIS
+.B a2enmod
+.RI [ module ]
+.PP
+.B a2dismod
+.RI [ module ]
+.SH DESCRIPTION
+This manual page documents briefly the
+.B a2enmod
+and
+.B a2dismod
+commands.
+.PP
+.B a2enmod
+is a script that enables the specified module within the
+.B apache2
+configuration. It does this by creating symlinks within
+.BR /etc/apache2/mods-enabled .
+Likewise,
+.B a2dismod
+disables a module by removing those symlinks. It is not an error to
+enable a module which is already enabled, or to disable one which is
+already disabled.
+.SH EXAMPLES
+.RS
+.B "a2enmod imagemap"
+.br
+.B "a2dismod mime_magic"
+.RE
+.PP
+Enables the
+.B mod_imagemap
+module, and disables the
+.B mod_mime_magic
+module.
+.SH FILES
+.TP
+.B /etc/apache2/mods-available
+Directory with files giving information on available modules.
+.TP
+.B /etc/apache2/mods-enabled
+Directory with links to the files in
+.B mods-available
+for enabled modules.
+.SH "SEE ALSO"
+.BR apache2ctl (8).
+.SH AUTHOR
+This manual page was written by Daniel Stone for the Debian
+GNU/Linux distribution, as it is a Debian-specific script with the package.
--- apache2-2.2.16.orig/debian/apache2.8
+++ apache2-2.2.16/debian/apache2.8
@@ -0,0 +1,81 @@
+.TH "APACHE2" 8 "2008-04-05" "Apache HTTP Server" "apache2"
+
+.SH NAME
+apache2 \- Apache Hypertext Transfer Protocol Server
+.SH "SYNOPSIS"
+.PP
+\fBapache2\fR [ -\fBd\fR \fIserverroot\fR ] [ -\fBf\fR \fIconfig\fR ] [ -\fBC\fR \fIdirective\fR ] [ -\fBc\fR \fIdirective\fR ] [ -\fBD\fR \fIparameter\fR ] [ -\fBe\fR \fIlevel\fR ] [ -\fBE\fR \fIfile\fR ] [ \fB-k\fR start|restart|graceful|stop|graceful-stop ] [ -\fBR\fR \fIdirectory\fR ] [ -\fBh\fR ] [ -\fBl\fR ] [ -\fBL\fR ] [ -\fBS\fR ] [ -\fBt\fR ] [ -\fBv\fR ] [ -\fBV\fR ] [ -\fBX\fR ] [ -\fBM\fR ]
+.SH "SUMMARY"
+.PP
+apache2 is the Apache HyperText Transfer Protocol (HTTP) server program\&. It is designed to be run as a standalone daemon process\&. When used like this it will create a pool of child processes or threads to handle requests\&.
+.PP
+In general, apache2 should not be invoked directly, but rather should be
+invoked via /etc/init.d/apache2 or apache2ctl\&. The default Debian
+configuration requires environment variables that are defined in
+/etc/apache2/envvars and are not available if apache2 is started directly.
+However, apache2ctl can be used to pass arbitrary arguments to apache2.
+.SH "DOCUMENTATION"
+.PP
+The full documentation is available in the apache2-doc package or at
+http://httpd.apache.org/docs/2.2/ . Information about Debian specific changes
+and configuration can be found in
+/usr/share/doc/apache2.2-common/README.Debian.gz .
+.SH "OPTIONS"
+.TP
+-d \fIserverroot\fR
+Set the initial value for the ServerRoot directive to \fIserverroot\fR\&. This can be overridden by the ServerRoot directive in the configuration file\&.
+.TP
+-f \fIconfig\fR
+Uses the directives in the file \fIconfig\fR on startup\&. If \fIconfig\fR does not begin with a /, then it is taken to be a path relative to the ServerRoot\&. The default is /etc/apache2/apache2\&.conf\&.
+.TP
+-k start|restart|graceful|stop|graceful-stop
+Signals apache2 to start, restart, or stop\&. See Stopping Apache for more information\&.
+.TP
+-C \fIdirective\fR
+Process the configuration \fIdirective\fR before reading config files\&.
+.TP
+-c \fIdirective\fR
+Process the configuration \fIdirective\fR after reading config files\&.
+.TP
+-D \fIparameter\fR
+Sets a configuration \fIparameter \fRwhich can be used with sections in the configuration files to conditionally skip or process commands at server startup and restart\&.
+.TP
+-e \fIlevel\fR
+Sets the LogLevel to \fIlevel\fR during server startup\&. This is useful for temporarily increasing the verbosity of the error messages to find problems during startup\&.
+.TP
+-E \fIfile\fR
+Send error messages during server startup to \fIfile\fR\&.
+.TP
+-R \fIdirectory\fR
+When the server is compiled using the SHARED_CORE rule, this specifies the \fIdirectory\fR for the shared object files\&.
+.TP
+-h
+Output a short summary of available command line options\&.
+.TP
+-l
+Output a list of modules compiled into the server\&. This will \fBnot\fR list dynamically loaded modules included using the LoadModule directive\&.
+.TP
+-L
+Output a list of directives together with expected arguments and places where the directive is valid\&.
+.TP
+-M
+Dump a list of loaded Static and Shared Modules\&.
+.TP
+-S
+Show the settings as parsed from the config file (currently only shows the virtualhost settings)\&.
+.TP
+-t
+Run syntax tests for configuration files only\&. The program immediately exits after these syntax parsing tests with either a return code of 0 (Syntax OK) or return code not equal to 0 (Syntax Error)\&. If -D \fIDUMP\fR_\fIVHOSTS \fRis also set, details of the virtual host configuration will be printed\&. If -D \fIDUMP\fR_\fIMODULES \fR is set, all loaded modules will be printed\&.
+.TP
+-v
+Print the version of apache2, and then exit\&.
+.TP
+-V
+Print the version and build parameters of apache2, and then exit\&.
+.TP
+-X
+Run apache2 in debug mode\&. Only one worker will be started and the server will not detach from the console\&.
+.SH SEE ALSO
+.BR apache2ctl (8),
+.BR /usr/share/doc/apache2.2-common/README.Debian.gz
+
--- apache2-2.2.16.orig/debian/split-logfile.8
+++ apache2-2.2.16/debian/split-logfile.8
@@ -0,0 +1,21 @@
+.TH "SPLIT-LOGFILE" 8 "2009-12-06" "Apache HTTP Server" "split-logfile"
+
+.SH NAME
+split-logfile - Split combined virtual hosts access log into one file per virtual host
+
+.SH "SYNOPSIS"
+
+.PP
+\fBsplit-logfile\fR < \fIlogfile\fR
+
+.SH "SUMMARY"
+
+.PP
+This script will take a combined Web server access log file and break its contents into separate files.
+It assumes that the first field of each line is the virtual host identity (put there by "%v"), and that the logfiles should be named that+".log" in the current directory.
+
+The combined log file is read from stdin.
+Records read will be appended to any existing log files.
+
+.SH "EXAMPLES"
+split-logfile < /var/log/apache2/other_vhosts_access.log
--- apache2-2.2.16.orig/debian/httxt2dbm.8
+++ apache2-2.2.16/debian/httxt2dbm.8
@@ -0,0 +1,41 @@
+.TH "HTTXT2DBM" 8 "2007-06-26" "Apache HTTP Server" "httxt2dbm"
+
+.SH NAME
+httxt2dbm - Generate dbm files for use with RewriteMap
+
+.SH "SYNOPSIS"
+
+.PP
+\fBhttxt2dbm\fR [ \fB\-v\fR ] [ \fB\-f\fR \fIDBM_TYPE\fR ] \fB\-i\fR \fISOURCE_TXT\fR \fB\-o\fR \fIOUTPUT_DBM\fR
+
+.SH "SUMMARY"
+
+.PP
+\fBhttxt2dbm\fR is used to generate dbm files from text input, for use in RewriteMap with the dbm map type.
+
+.SH "OPTIONS"
+
+.TP
+\-v
+More verbose output
+.TP
+\-f \fIDBM_TYPE\fR
+Specify the DBM type to be used for the output. If not specified, will use the APR Default. Available types are:
+ GDBM for GDBM files
+ SDBM for SDBM files
+ DB for berkeley DB files
+ NDBM for NDBM files
+ default for the default DBM type
+.TP
+\-i \fISOURCE_TXT\fR
+Input file from which the dbm is to be created. The file should be formated with one record per line, of the form:
+ key value
+See the documentation for RewriteMap for further details of this file's format and meaning.
+.TP
+\-o \fIOUTPUT_DBM\fR
+Name of the output dbm files.
+
+.SH "EXAMPLES"
+httxt2dbm \-i rewritemap.txt \-o rewritemap.dbm
+
+httxt2dbm \-f SDBM \-i rewritemap.txt \-o rewritemap.dbm
--- apache2-2.2.16.orig/debian/check_forensic.8
+++ apache2-2.2.16/debian/check_forensic.8
@@ -0,0 +1,16 @@
+.TH check_forensic 8
+.SH NAME
+check_forensic \- tool to extract mod_log_forensic output from apache log files
+.SH SYNOPSIS
+.B check_forensic
+
+.SH "DESCRIPTION"
+chech_forensic is a simple shell script designed to help apache administrators
+to extract mod_log_forensic output from apache2 log files.
+It checks the forensic log for requests that did not complete
+and outputs the request log for each one.
+.PP
+.SH AUTHOR
+This manual page was written by Fabio M. Di Nitto
+, for the Debian GNU/Linux system
+(but may be used by others).
--- apache2-2.2.16.orig/debian/bash_completion
+++ apache2-2.2.16/debian/bash_completion
@@ -0,0 +1,54 @@
+# bash completion for Debian apache2 configuration tools
+# $Id: apache2,v 1.1 2005/03/16 22:51:19 guillaume Exp $
+
+_apache2_modsites()
+{
+ COMPREPLY=( $( compgen -W '$( command ls /etc/apache2/$1 2>/dev/null \
+ | sed -e 's/[.]load$//' -e 's/[.]conf$//' )' -- $cur ) )
+}
+
+_a2enmod()
+{
+ local cur
+
+ COMPREPLY=()
+ cur=${COMP_WORDS[COMP_CWORD]}
+
+ _apache2_modsites mods-available
+}
+complete -F _a2enmod a2enmod
+
+_a2ensite()
+{
+ local cur
+
+ COMPREPLY=()
+ cur=${COMP_WORDS[COMP_CWORD]}
+
+ _apache2_modsites sites-available
+
+}
+complete -F _a2ensite a2ensite
+
+_a2dismod()
+{
+ local cur
+
+ COMPREPLY=()
+ cur=${COMP_WORDS[COMP_CWORD]}
+
+ _apache2_modsites mods-enabled
+}
+complete -F _a2dismod a2dismod
+
+_a2dissite()
+{
+ local cur
+
+ COMPREPLY=()
+ cur=${COMP_WORDS[COMP_CWORD]}
+
+ _apache2_modsites sites-enabled
+
+}
+complete -F _a2dissite a2dissite
--- apache2-2.2.16.orig/debian/apache2.links
+++ apache2-2.2.16/debian/apache2.links
@@ -0,0 +1 @@
+usr/share/bug/apache2.2-common/script usr/share/bug/apache2/script
--- apache2-2.2.16.orig/debian/copyright
+++ apache2-2.2.16/debian/copyright
@@ -0,0 +1,546 @@
+This package was debianized by Thom May on
+Tues, 8 Feb 2005 16:00:00 +0000.
+
+It was downloaded from http://httpd.apache.org/download.cgi
+
+Upstream Authors:
+ The Apache Software Foundation - http://httpd.apache.org
+ For apache2-mpm-itk:
+ Steinar H. Gunderson
+ Knut Auvor Grythe
+
+Copyright:
+
+Licensed to the Apache Software Foundation (ASF) under one or more contributor
+license agreements. The ASF licenses this work to You under the Apache License,
+Version 2.0 (the "License"); you may not use this work except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+On a Debian system, the license can be found at
+/usr/share/common-licenses/Apache-2.0 .
+
+APACHE2-MPM-ITK:
+
+apache2-mpm-itk is copyright Steinar H. Gunderson
+and Knut Auvor Grythe , and is provided under the same license
+as the Apache web server.
+
+Get the latest version at http://mpm-itk.sesse.net/ .
+
+APACHE HTTP SERVER SUBCOMPONENTS:
+
+The Apache HTTP Server includes a number of subcomponents with
+separate copyright notices and license terms. Your use of the source
+code for the these subcomponents is subject to the terms and
+conditions of the following licenses.
+
+For the mod_mime_magic component:
+
+/*
+ * mod_mime_magic: MIME type lookup via file magic numbers
+ * Copyright (c) 1996-1997 Cisco Systems, Inc.
+ *
+ * This software was submitted by Cisco Systems to the Apache Group in July
+ * 1997. Future revisions and derivatives of this source code must
+ * acknowledge Cisco Systems as the original contributor of this module.
+ * All other licensing and usage conditions are those of the Apache Group.
+ *
+ * Some of this code is derived from the free version of the file command
+ * originally posted to comp.sources.unix. Copyright info for that program
+ * is included below as required.
+ * ---------------------------------------------------------------------------
+ * - Copyright (c) Ian F. Darwin, 1987. Written by Ian F. Darwin.
+ *
+ * This software is not subject to any license of the American Telephone and
+ * Telegraph Company or of the Regents of the University of California.
+ *
+ * Permission is granted to anyone to use this software for any purpose on any
+ * computer system, and to alter it and redistribute it freely, subject to
+ * the following restrictions:
+ *
+ * 1. The author is not responsible for the consequences of use of this
+ * software, no matter how awful, even if they arise from flaws in it.
+ *
+ * 2. The origin of this software must not be misrepresented, either by
+ * explicit claim or by omission. Since few users ever read sources, credits
+ * must appear in the documentation.
+ *
+ * 3. Altered versions must be plainly marked as such, and must not be
+ * misrepresented as being the original software. Since few users ever read
+ * sources, credits must appear in the documentation.
+ *
+ * 4. This notice may not be removed or altered.
+ * -------------------------------------------------------------------------
+ *
+ */
+
+For the file /etc/apache2/magic (taken from the package file 4.17-5etch3):
+
+Copyright (c) Ian F. Darwin 1986, 1987, 1989, 1990, 1991, 1992, 1994, 1995.
+Software written by Ian F. Darwin and others;
+maintained 1994-2004 Christos Zoulas.
+
+This software is not subject to any export provision of the United States
+Department of Commerce, and may be exported to any country or planet.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the above copyright
+ notice immediately at the beginning of the file, without modification,
+ this list of conditions, and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR
+ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
+
+
+For the modules\mappers\mod_imap.c component:
+
+ "macmartinized" polygon code copyright 1992 by Eric Haines, erich@eye.com
+
+For the server\util_md5.c component:
+
+/************************************************************************
+ * NCSA HTTPd Server
+ * Software Development Group
+ * National Center for Supercomputing Applications
+ * University of Illinois at Urbana-Champaign
+ * 605 E. Springfield, Champaign, IL 61820
+ * httpd@ncsa.uiuc.edu
+ *
+ * Copyright (C) 1995, Board of Trustees of the University of Illinois
+ *
+ ************************************************************************
+ *
+ * md5.c: NCSA HTTPd code which uses the md5c.c RSA Code
+ *
+ * Original Code Copyright (C) 1994, Jeff Hostetler, Spyglass, Inc.
+ * Portions of Content-MD5 code Copyright (C) 1993, 1994 by Carnegie Mellon
+ * University (see Copyright below).
+ * Portions of Content-MD5 code Copyright (C) 1991 Bell Communications
+ * Research, Inc. (Bellcore) (see Copyright below).
+ * Portions extracted from mpack, John G. Myers - jgm+@cmu.edu
+ * Content-MD5 Code contributed by Martin Hamilton (martin@net.lut.ac.uk)
+ *
+ */
+
+
+/* these portions extracted from mpack, John G. Myers - jgm+@cmu.edu */
+/* (C) Copyright 1993,1994 by Carnegie Mellon University
+ * All Rights Reserved.
+ *
+ * Permission to use, copy, modify, distribute, and sell this software
+ * and its documentation for any purpose is hereby granted without
+ * fee, provided that the above copyright notice appear in all copies
+ * and that both that copyright notice and this permission notice
+ * appear in supporting documentation, and that the name of Carnegie
+ * Mellon University not be used in advertising or publicity
+ * pertaining to distribution of the software without specific,
+ * written prior permission. Carnegie Mellon University makes no
+ * representations about the suitability of this software for any
+ * purpose. It is provided "as is" without express or implied
+ * warranty.
+ *
+ * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
+ * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
+ * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
+ * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
+ */
+
+/*
+ * Copyright (c) 1991 Bell Communications Research, Inc. (Bellcore)
+ *
+ * Permission to use, copy, modify, and distribute this material
+ * for any purpose and without fee is hereby granted, provided
+ * that the above copyright notice and this permission notice
+ * appear in all copies, and that the name of Bellcore not be
+ * used in advertising or publicity pertaining to this
+ * material without the specific, prior written permission
+ * of an authorized representative of Bellcore. BELLCORE
+ * MAKES NO REPRESENTATIONS ABOUT THE ACCURACY OR SUITABILITY
+ * OF THIS MATERIAL FOR ANY PURPOSE. IT IS PROVIDED "AS IS",
+ * WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES.
+ */
+
+For the srclib\apr\include\apr_md5.h component:
+/*
+ * This is work is derived from material Copyright RSA Data Security, Inc.
+ *
+ * The RSA copyright statement and Licence for that original material is
+ * included below. This is followed by the Apache copyright statement and
+ * licence for the modifications made to that material.
+ */
+
+/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
+ rights reserved.
+
+ License to copy and use this software is granted provided that it
+ is identified as the "RSA Data Security, Inc. MD5 Message-Digest
+ Algorithm" in all material mentioning or referencing this software
+ or this function.
+
+ License is also granted to make and use derivative works provided
+ that such works are identified as "derived from the RSA Data
+ Security, Inc. MD5 Message-Digest Algorithm" in all material
+ mentioning or referencing the derived work.
+
+ RSA Data Security, Inc. makes no representations concerning either
+ the merchantability of this software or the suitability of this
+ software for any particular purpose. It is provided "as is"
+ without express or implied warranty of any kind.
+
+ These notices must be retained in any copies of any part of this
+ documentation and/or software.
+ */
+
+For the srclib\apr\passwd\apr_md5.c component:
+
+/*
+ * This is work is derived from material Copyright RSA Data Security, Inc.
+ *
+ * The RSA copyright statement and Licence for that original material is
+ * included below. This is followed by the Apache copyright statement and
+ * licence for the modifications made to that material.
+ */
+
+/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
+ */
+
+/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
+ rights reserved.
+
+ License to copy and use this software is granted provided that it
+ is identified as the "RSA Data Security, Inc. MD5 Message-Digest
+ Algorithm" in all material mentioning or referencing this software
+ or this function.
+
+ License is also granted to make and use derivative works provided
+ that such works are identified as "derived from the RSA Data
+ Security, Inc. MD5 Message-Digest Algorithm" in all material
+ mentioning or referencing the derived work.
+
+ RSA Data Security, Inc. makes no representations concerning either
+ the merchantability of this software or the suitability of this
+ software for any particular purpose. It is provided "as is"
+ without express or implied warranty of any kind.
+
+ These notices must be retained in any copies of any part of this
+ documentation and/or software.
+ */
+/*
+ * The apr_md5_encode() routine uses much code obtained from the FreeBSD 3.0
+ * MD5 crypt() function, which is licenced as follows:
+ * ----------------------------------------------------------------------------
+ * "THE BEER-WARE LICENSE" (Revision 42):
+ * wrote this file. As long as you retain this notice you
+ * can do whatever you want with this stuff. If we meet some day, and you think
+ * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
+ * ----------------------------------------------------------------------------
+ */
+
+For the srclib\apr-util\crypto\apr_md4.c component:
+
+ * This is derived from material copyright RSA Data Security, Inc.
+ * Their notice is reproduced below in its entirety.
+ *
+ * Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
+ * rights reserved.
+ *
+ * License to copy and use this software is granted provided that it
+ * is identified as the "RSA Data Security, Inc. MD4 Message-Digest
+ * Algorithm" in all material mentioning or referencing this software
+ * or this function.
+ *
+ * License is also granted to make and use derivative works provided
+ * that such works are identified as "derived from the RSA Data
+ * Security, Inc. MD4 Message-Digest Algorithm" in all material
+ * mentioning or referencing the derived work.
+ *
+ * RSA Data Security, Inc. makes no representations concerning either
+ * the merchantability of this software or the suitability of this
+ * software for any particular purpose. It is provided "as is"
+ * without express or implied warranty of any kind.
+ *
+ * These notices must be retained in any copies of any part of this
+ * documentation and/or software.
+ */
+
+For the srclib\apr-util\include\apr_md4.h component:
+
+ *
+ * This is derived from material copyright RSA Data Security, Inc.
+ * Their notice is reproduced below in its entirety.
+ *
+ * Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
+ * rights reserved.
+ *
+ * License to copy and use this software is granted provided that it
+ * is identified as the "RSA Data Security, Inc. MD4 Message-Digest
+ * Algorithm" in all material mentioning or referencing this software
+ * or this function.
+ *
+ * License is also granted to make and use derivative works provided
+ * that such works are identified as "derived from the RSA Data
+ * Security, Inc. MD4 Message-Digest Algorithm" in all material
+ * mentioning or referencing the derived work.
+ *
+ * RSA Data Security, Inc. makes no representations concerning either
+ * the merchantability of this software or the suitability of this
+ * software for any particular purpose. It is provided "as is"
+ * without express or implied warranty of any kind.
+ *
+ * These notices must be retained in any copies of any part of this
+ * documentation and/or software.
+ */
+
+
+For the srclib\apr-util\test\testdbm.c component:
+
+/* ====================================================================
+ * The Apache Software License, Version 1.1
+ *
+ * Copyright (c) 2000-2002 The Apache Software Foundation. All rights
+ * reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. The end-user documentation included with the redistribution,
+ * if any, must include the following acknowledgment:
+ * "This product includes software developed by the
+ * Apache Software Foundation (http://www.apache.org/)."
+ * Alternately, this acknowledgment may appear in the software itself,
+ * if and wherever such third-party acknowledgments normally appear.
+ *
+ * 4. The names "Apache" and "Apache Software Foundation" must
+ * not be used to endorse or promote products derived from this
+ * software without prior written permission. For written
+ * permission, please contact apache@apache.org.
+ *
+ * 5. Products derived from this software may not be called "Apache",
+ * nor may "Apache" appear in their name, without prior written
+ * permission of the Apache Software Foundation.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+ * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation. For more
+ * information on the Apache Software Foundation, please see
+ * .
+ *
+ * This file came from the SDBM package (written by oz@nexus.yorku.ca).
+ * That package was under public domain. This file has been ported to
+ * APR, updated to ANSI C and other, newer idioms, and added to the Apache
+ * codebase under the above copyright and license.
+ */
+
+
+For the srclib\apr-util\test\testmd4.c component:
+
+ *
+ * This is derived from material copyright RSA Data Security, Inc.
+ * Their notice is reproduced below in its entirety.
+ *
+ * Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All
+ * rights reserved.
+ *
+ * RSA Data Security, Inc. makes no representations concerning either
+ * the merchantability of this software or the suitability of this
+ * software for any particular purpose. It is provided "as is"
+ * without express or implied warranty of any kind.
+ *
+ * These notices must be retained in any copies of any part of this
+ * documentation and/or software.
+ */
+
+For the srclib\apr-util\xml\expat\conftools\install-sh component:
+
+#
+# install - install a program, script, or datafile
+# This comes from X11R5 (mit/util/scripts/install.sh).
+#
+# Copyright 1991 by the Massachusetts Institute of Technology
+#
+# Permission to use, copy, modify, distribute, and sell this software and its
+# documentation for any purpose is hereby granted without fee, provided that
+# the above copyright notice appear in all copies and that both that
+# copyright notice and this permission notice appear in supporting
+# documentation, and that the name of M.I.T. not be used in advertising or
+# publicity pertaining to distribution of the software without specific,
+# written prior permission. M.I.T. makes no representations about the
+# suitability of this software for any purpose. It is provided "as is"
+# without express or implied warranty.
+#
+
+For the srclib\pcre\install-sh component:
+
+#
+# Copyright 1991 by the Massachusetts Institute of Technology
+#
+# Permission to use, copy, modify, distribute, and sell this software and its
+# documentation for any purpose is hereby granted without fee, provided that
+# the above copyright notice appear in all copies and that both that
+# copyright notice and this permission notice appear in supporting
+# documentation, and that the name of M.I.T. not be used in advertising or
+# publicity pertaining to distribution of the software without specific,
+# written prior permission. M.I.T. makes no representations about the
+# suitability of this software for any purpose. It is provided "as is"
+# without express or implied warranty.
+
+For the pcre component:
+
+PCRE LICENCE
+------------
+
+PCRE is a library of functions to support regular expressions whose syntax
+and semantics are as close as possible to those of the Perl 5 language.
+
+Written by: Philip Hazel
+
+University of Cambridge Computing Service,
+Cambridge, England. Phone: +44 1223 334714.
+
+Copyright (c) 1997-2001 University of Cambridge
+
+Permission is granted to anyone to use this software for any purpose on any
+computer system, and to redistribute it freely, subject to the following
+restrictions:
+
+1. This software is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+2. The origin of this software must not be misrepresented, either by
+ explicit claim or by omission. In practice, this means that if you use
+ PCRE in software which you distribute to others, commercially or
+ otherwise, you must put a sentence like this
+
+ Regular expression support is provided by the PCRE library package,
+ which is open source software, written by Philip Hazel, and copyright
+ by the University of Cambridge, England.
+
+ somewhere reasonably visible in your documentation and in any relevant
+ files or online help data or similar. A reference to the ftp site for
+ the source, that is, to
+
+ ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/
+
+ should also be given in the documentation.
+
+3. Altered versions must be plainly marked as such, and must not be
+ misrepresented as being the original software.
+
+4. If PCRE is embedded in any software that is released under the GNU
+ General Purpose Licence (GPL), or Lesser General Purpose Licence (LGPL),
+ then the terms of that licence shall supersede any condition above with
+ which it is incompatible.
+
+The documentation for PCRE, supplied in the "doc" directory, is distributed
+under the same terms as the software itself.
+
+End PCRE LICENCE
+
+Note: The various versions of the GPL and the LGPL can be found in
+/usr/share/common-licenses/.
+
+For the test\zb.c component:
+
+/* ZeusBench V1.01
+ ===============
+
+This program is Copyright (C) Zeus Technology Limited 1996.
+
+This program may be used and copied freely providing this copyright notice
+is not removed.
+
+This software is provided "as is" and any express or implied waranties,
+including but not limited to, the implied warranties of merchantability and
+fitness for a particular purpose are disclaimed. In no event shall
+Zeus Technology Ltd. be liable for any direct, indirect, incidental, special,
+exemplary, or consequential damaged (including, but not limited to,
+procurement of substitute good or services; loss of use, data, or profits;
+or business interruption) however caused and on theory of liability. Whether
+in contract, strict liability or tort (including negligence or otherwise)
+arising in any way out of the use of this software, even if advised of the
+possibility of such damage.
+
+ Written by Adam Twiss (adam@zeus.co.uk). March 1996
+
+Thanks to the following people for their input:
+ Mike Belshe (mbelshe@netscape.com)
+ Michael Campanella (campanella@stevms.enet.dec.com)
+
+*/
+
+For the expat xml parser component:
+
+Copyright (c) 1998, 1999, 2000 Thai Open Source Software Center Ltd
+ and Clark Cooper
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be included
+in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+====================================================================
+
+OpenDocument icons:
+-------------------
+
+These icons are copyright of Pete Harlow and licensed under the Apache
+license. See
+https://bugs.edge.launchpad.net/ubuntu/+source/apache2/+bug/130836
+http://www.catnip.co.uk/opendocument/icons/#apache
--- apache2-2.2.16.orig/debian/apache2-suexec-custom.lintian-overrides
+++ apache2-2.2.16/debian/apache2-suexec-custom.lintian-overrides
@@ -0,0 +1 @@
+setuid-binary usr/lib/apache2/suexec 4754 root/www-data
--- apache2-2.2.16.orig/debian/apache2.2-common.lintian-overrides
+++ apache2-2.2.16/debian/apache2.2-common.lintian-overrides
@@ -0,0 +1,3 @@
+apache2.2-common: setuid-binary usr/lib/apache2/suexec 4754 root/www-data
+apache2.2-common: non-standard-dir-perm var/log/apache2/ 0750 != 0755
+apache2.2-common: package-contains-empty-directory usr/lib/cgi-bin/
--- apache2-2.2.16.orig/debian/apache2.2-common.apache2.cron.daily
+++ apache2-2.2.16/debian/apache2.2-common.apache2.cron.daily
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+# run htcacheclean
+
+set -e
+set -u
+
+[ -e /usr/sbin/htcacheclean ] || exit 0
+[ -e /etc/default/apache2 ] || exit 0
+
+
+# edit /etc/default/apache2 to change this
+HTCACHECLEAN_MODE=daemon
+HTCACHECLEAN_RUN=auto
+HTCACHECLEAN_SIZE=300M
+HTCACHECLEAN_PATH=/var/cache/apache2/mod_disk_cache
+HTCACHECLEAN_OPTIONS=""
+
+. /etc/default/apache2
+
+[ "$HTCACHECLEAN_MODE" = "cron" ] || exit 0
+
+[ "$HTCACHECLEAN_RUN" = "yes" ] ||
+( [ "$HTCACHECLEAN_RUN" = "auto" ] && \
+ [ -e /etc/apache2/mods-enabled/disk_cache.load ] ) || exit 0
+
+/usr/sbin/htcacheclean ${HTCACHECLEAN_OPTIONS} \
+ -p${HTCACHECLEAN_PATH} \
+ -l${HTCACHECLEAN_SIZE}
+
--- apache2-2.2.16.orig/debian/apache2.2-common.bug-script
+++ apache2-2.2.16/debian/apache2.2-common.bug-script
@@ -0,0 +1,60 @@
+#!/usr/bin/perl -w
+
+use strict;
+use Text::Wrap;
+$Text::Wrap::columns = 70;
+
+open (my $out, ">&=3") or die "could not open FD 3\n";
+
+my $apache = ". /etc/apache2/envvars && /usr/sbin/apache2";
+my $res = `$apache -t 2>&1`;
+my @modules;
+my $php;
+if ($res !~ "Syntax OK") {
+ # if we are not root, syntax check will fail because ssl private keys
+ # are not readable
+ print $out "Config file syntax check failed.\n" if $> == 0;
+ @modules = sort glob("/etc/apache2/mods-enabled/*.load");
+ map { s{^/etc/apache2/mods-enabled/(.*)\.load$}{$1} } @modules;
+ print $out "List of /etc/apache2/mods-enabled/*.load:\n";
+}
+else {
+ @modules = sort `$apache -M 2>&1`;
+ @modules = map { /^ (.*)_module \(shared\)/ ? ($1) : () } @modules;
+ print $out "List of enabled modules from 'apache2 -M':\n";
+}
+if (! scalar @modules) {
+ print $out "Could not determine module list\n";
+}
+else {
+ my $missing;
+ foreach my $m (@modules) {
+ if (-e "/etc/apache2/mods-available/$m.conf" and
+ ! -e "/etc/apache2/mods-enabled/$m.conf") {
+ $m .= "*";
+ $missing = 1;
+ }
+ if ($m =~ /^(php\d)/) {
+ $php = $1;
+ }
+ }
+
+ print $out wrap(" ", " ", "@modules\n");
+
+ print $out
+ wrap(" ", " ",
+ "(A * means that the .conf file for that module is not " .
+ "enabled in /etc/apache2/mods-enabled/)\n")
+ if $missing;
+}
+if (defined $php) {
+ my @exts = qx{egrep ^extension= /etc/$php/apache2/php.ini /etc/$php/apache2/conf.d/* 2>/dev/null};
+ if (scalar @exts) {
+ chomp @exts;
+ @exts = grep { ! m{\.dpkg-(?:bak|dist):} } @exts;
+ @exts = sort grep { s{^.*:extension=(\S+)\.\S+}{$1} } @exts;
+ print $out "List of enabled $php extensions:\n";
+ print $out wrap(" ", " ", "@exts\n");
+ }
+}
+
--- apache2-2.2.16.orig/debian/README.source
+++ apache2-2.2.16/debian/README.source
@@ -0,0 +1,17 @@
+Debian-apache uses dpatch to make changes to the upstream source.
+
+To apply all of the patches run:
+./debian/rules patch
+
+To unapply all of the patches run:
+./debian/rules unpatch
+
+To add (or edit) a patch run:
+dpatch-edit-patch name_of_patch_goes_here
+#make your changes
+exit
+
+dpatch will make a new patch in debian/patches/ if one with that name doesn't already exist, otherwise it will change the existing one.
+To make it get used add it to debian/patches/00list .
+
+To make a patch not get used remove it from debian/patches/00list .
--- apache2-2.2.16.orig/debian/README.Debian
+++ apache2-2.2.16/debian/README.Debian
@@ -0,0 +1,372 @@
+Contents
+========
+
+ Apache2 Configuration under Debian GNU/Linux
+ Files and Directories in /etc/apache2
+ Tools
+
+ Using mod_disk_cache
+
+ SSL
+ Enabling SSL
+ Creating self-signed certificates
+ SSL workaround for MSIE
+
+ Suexec
+
+ Documentation
+
+ Upgrades
+
+ Common Problems
+
+
+Apache2 Configuration under Debian GNU/Linux
+============================================
+
+Debian's default Apache2 installation attempts to make adding and
+removing modules, virtual hosts, and extra configuration directives as
+flexible as possible, in order to make automating the changes and
+administering the server as easy as possible.
+
+Please be aware that this layout is quite different from the standard
+Apache configuration. Due to the use of environment variables, apache2
+needs to be started/stopped with /etc/init.d/apache2 or apache2ctl.
+Calling /usr/bin/apache2 directly will not work with the default
+configuration. To call apache2 with specific command line arguments,
+just call apache2ctl with the same arguments.
+
+Files and Directories in /etc/apache2:
+-------------------------------------
+
+apache2.conf
+
+ This is the main configuration file.
+
+envvars
+
+ This contains environment variables that may be used in the
+ configuration. Some settings, like user and pid file, need to
+ go in here so that other scripts can use them. It can also
+ be used to change some default settings used by apache2ctl.
+ Here is also the default LANG=C setting that can be changed
+ to a different language.
+
+conf.d/
+
+ Files in this directory are included by this line in
+ apache2.conf:
+
+ # Include generic snippets of statements
+ Include /etc/apache2/conf.d
+
+ This is a good place to add additional configuration
+ directives. Packages should not use configuration
+ files that start with 'local-' or end with '.local'.
+ The local administrator can use these filenames to make
+ sure that there are no conflicts with files provided by
+ packages.
+
+ If the local administrator is not comfortable with packages
+ activating their config files by default, it is possible
+ to change the 'Include /etc/apache2/conf.d/' in apache2.conf
+ into 'Include /etc/apache2/conf.d.enabled/' and create that
+ directory. He can then put symlinks to the files in conf.d
+ which he wants to enable into conf.d.enabled.
+
+httpd.conf
+
+ Empty file.
+
+magic
+
+ Empty file.
+
+mods-available/
+
+ This directory contains a series of .load and .conf files.
+ The .load files contain the Apache configuration directive
+ necessary to load the module in question. The respective
+ .conf files contain configuration directives necessary to
+ utilize the module in question.
+
+mods-enabled/
+
+ To actually enable a module for Apache2, it is necessary to
+ create a symlink in this directory to the .load (and .conf, if
+ it exists) files associated with the module in
+ mods-available/. For example:
+
+ cgi.load -> /etc/apache2/mods-available/cgi.load
+
+ports.conf
+
+ Configuration directives for which ports and IP addresses to
+ listen to.
+
+sites-available/
+
+ Like mods-available/, except it contains configuration
+ directives for different virtual hosts that might be used with
+ apache2. Note that the hostname doesn't have to correspond
+ exactly with the filename. 'default' is the default host.
+
+sites-enabled/
+
+ Similar in functionality to mods-enabled/, sites-enabled
+ contains symlinks to sites in sites-available/ that the
+ admnistrator wishes to enable.
+
+ Apache uses the first VirtualHost that matches the IP/Port
+ as default for named virtual hosts. Therefore the 'default'
+ site is linked to '000-default' so that it will be read first.
+
+ Example:
+ dedasys -> /etc/apache2/sites-available/dedasys
+
+The Include directive ignores files with names that
+
+- do not begin with a letter or number
+- contain a character that is neither letter nor number nor _-.
+- contain .dpkg
+
+Other files
+-----------
+
+For historical reasons, the pid file is in /var/run/apache2.pid and not in
+/var/run/apache2/apache2.pid.
+
+Tools
+-----
+
+a2enmod and a2dismod are available for enabling and disabling modules utilizing
+the above configuration system.
+
+a2ensite and a2dissite do essentially the same thing as the above tools, but
+for sites rather than modules.
+
+apxs2 -a/-A is modified to use a2enmod to activate newly installed modules.
+
+
+Using mod_disk_cache
+====================
+
+To ensure that the disk cache does not grow indefinitely, htcacheclean is
+started when mod_disk_cache is enabled. Both daemon and cron (daily) mode
+are supported. The configuration (run mode, cache size, ...) is in
+/etc/default/apache2 .
+
+Normally, htcacheclean is automatically started and stopped by
+/etc/init.d/apache2. However, if you change the state of mod_disk_cache or the
+configuration of htcacheclean while apache2 is running, you may need to
+manually start/stop htcacheclean with "/etc/init.d/apache2 start-htcacheclean"
+or "/etc/init.d/apache2 stop-htcacheclean".
+
+
+SSL
+===
+
+Enabling SSL
+------------
+
+To enable SSL, type (as user root):
+
+ a2ensite default-ssl
+ a2enmod ssl
+
+If you want to use self-signed certificates, you should install the ssl-cert
+package (see below). Otherwise, just adjust the SSLCertificateFile and
+SSLCertificateKeyFile directives in /etc/apache2/sites-available/default-ssl to
+point to your SSL certificate. Then restart apache:
+
+ /etc/init.d/apache2 restart
+
+The SSL key file should only be readable by root, the certificate file may be
+globally readable. These files are read by the Apache parent process which runs
+as root. Therefore it is not necessary to make the files readable by the
+www-data user.
+
+Creating self-signed certificates
+---------------------------------
+
+If you install the ssl-cert package, a self-signed certificate will be
+automatically created using the hostname currently configured on your computer.
+You can recreate that certificate (e.g. after you have changed /etc/hosts or
+DNS to give the correct hostname) as user root with:
+
+ make-ssl-cert generate-default-snakeoil --force-overwrite
+
+To create more certificates with different host names, you can use
+
+ make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /path/to/cert-file.crt
+
+This will ask you for the hostname and place both SSL key and certificate in
+the file /path/to/cert-file.crt . Use this file with the SSLCertificateFile
+directive in the Apache config (you don't need the SSLCertificateKeyFile in
+this case as it also contains the key). The file /path/to/cert-file.crt should
+only be readable by root. A good directory to use for the additional
+certificates/keys is /etc/ssl/private .
+
+SSL workaround for MSIE
+-----------------------
+
+The SSL workaround for MS Internet Explorer needs to be added to your SSL
+VirtualHost section (it was previously in ssl.conf but caused keepalive to be
+disabled even for non-SSL connections):
+
+ BrowserMatch "MSIE [2-6]" \
+ nokeepalive ssl-unclean-shutdown \
+ downgrade-1.0 force-response-1.0
+ BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
+
+The default SSL virtual host in /etc/apache2/sites-available/default-ssl
+already contains this workaround.
+
+
+Suexec
+======
+
+Debian ships two version of the suexec helper program required by mod_suexec.
+It is not installed by default, to avoid possible security issues. The package
+apache2-suexec contains the standard version that works only with document root
+/var/www, userdir suffix public_html, and Apache run user www-data. The package
+apache2-suexec-custom contains a customizable version, that can be configured
+with a config file to use different settings (like /srv/www as document root).
+For more information see the suexec(8) man page in the apache2-suexec-custom
+package.
+
+Since apache2-suexec-custom has received less testing and might be slightly
+slower, apache2-suexec is the recommended version unless you need the features
+from apache2-suexec-custom.
+
+
+Documentation
+=============
+
+The full Apache 2 documentation can be found on the web at
+
+http://httpd.apache.org/docs/2.2/
+
+or, if you have installed the apache2-doc package, in
+
+/usr/share/doc/apache2-doc/manual/
+
+or at
+
+http://localhost/manual/
+
+There is also a wiki that contains useful information:
+
+http://wiki.apache.org/httpd/
+
+Some hints about securing Apache 2 on Debian are available at
+
+http://wiki.debian.org/Apache/Hardening
+
+
+Upgrades
+========
+
+Changes in the Apache packages that require manual configuration adjustments
+are announced in NEWS.Debian. Installing the apt-listchanges package is
+recommended. It will display the relevant NEWS.Debian sections before
+upgrades.
+
+
+Multiple instances
+==================
+
+There is some support for running multiple instances of Apache2 on the same
+machine. See /usr/share/doc/apache2.2-common/README.multiple-instances for more
+information.
+
+
+Common Problems
+===============
+
+1) Error message "Could not determine the server's fully qualified domain name,
+using 127.0.0.1 for ServerName" during start
+
+This can usually be ignored but it means that Apache httpd was unable to obtain
+a fully-qualified hostname by doing a reverse lookup on your server's IP
+address. You may want to add the fully-qualified hostname to /etc/hosts .
+
+
+2) Error message "mod_rewrite: could not create rewrite_log_lock"
+
+This probably means that there are some stale SYSV semaphores around. This
+usually happens after apache2 has been killed with kill -9 (SIGKILL). You can
+clean up the semaphores with:
+
+ ipcs -s | grep www-data | awk ' { print $2 } ' | xargs ipcrm sem
+
+3) Message "NameVirtualHost *:80 has no VirtualHosts" in error log
+
+Probably the VirtualHost definitions have not been adjusted after the
+NameVirtualHost directive was changed in ports.conf.
+See /usr/share/doc/apache2.2-common/NEWS.Debian.gz
+
+4) Message "File does not exist: /etc/apache2/htdocs" in error log
+
+In most cases this means that no matching VirtualHost definition could be
+found for an incoming request. Check that the target IP address/port and the
+name in the Host: header of the request actually match one of the virtual
+hosts.
+
+5) Message "Couldn't create pollset in child; check user or system limits" in
+ error log
+
+On Linux kernels since 2.6.27.8, the value in
+
+ /proc/sys/fs/epoll/max_user_instances
+
+needs to be larger than
+
+ for prefork/itk MPM: 2 * MaxClients
+ for worker/event MPM: MaxClients + MaxClients/ThreadsPerChild
+
+It can be set on boot by adding a line like
+
+ fs.epoll.max_user_instances=1024
+
+to /etc/sysctl.conf.
+
+There are several other error messages related to creating a pollset that can
+appear for the same reason.
+
+On the other hand, errors about to adding to a pollset are related to the
+setting fs.epoll.max_user_watches. On most systems, max_user_watches should be
+high enough by default.
+
+6) Message "Server should be SSL-aware but has no certificate configured" in
+ error log
+
+Since 2.2.12, Apache is stricter about certain misconfigurations concerning
+name based SSL virtual hosts. See NEWS.Debian.gz for more details.
+
+7) Apache does not pass Authorization header to CGI scripts
+
+This is intentional to avoid security holes. If you really want to change it,
+you can use mod_rewrite:
+
+ RewriteCond %{HTTP:Authorization} (.*)
+ RewriteRule . - [env=HTTP_AUTHORIZATION:%1]
+
+8) mod_dav is behaving strangely
+
+In general, if you use mod_dav_fs, you need to disable multiviews and script
+execution for that directory. For example:
+
+
+ Dav on
+ Options -MultiViews -ExecCGI
+ SetHandler none
+
+ php_admin_value engine Off
+
+
+
+9) Message "apache2: bad user name ${APACHE_RUN_USER}" when starting apache2
+ directly
+
+Use apache2ctl (it accepts all options of apache2).
--- apache2-2.2.16.orig/debian/apache2.2-bin.install
+++ apache2-2.2.16/debian/apache2.2-bin.install
@@ -0,0 +1,2 @@
+usr/lib/apache2/modules
+usr/sbin/httxt2dbm
--- apache2-2.2.16.orig/debian/suexec-custom.config
+++ apache2-2.2.16/debian/suexec-custom.config
@@ -0,0 +1,5 @@
+/var/www
+public_html/cgi-bin
+# The first two lines contain the suexec document root and the suexec userdir
+# suffix. Both features can be disabled separately by prepending a # character.
+# This config file is only used by the apache2-suexec-custom package.
--- apache2-2.2.16.orig/debian/apache2.2-common.manpages
+++ apache2-2.2.16/debian/apache2.2-common.manpages
@@ -0,0 +1,7 @@
+debian/a2enmod.8
+debian/a2dismod.8
+debian/apache2.8
+debian/apachectl.8
+debian/apache2ctl.8
+debian/a2ensite.8
+debian/a2dissite.8
--- apache2-2.2.16.orig/debian/apache2-threaded-dev.install
+++ apache2-2.2.16/debian/apache2-threaded-dev.install
@@ -0,0 +1 @@
+usr/share/man/man8/apxs2.8
--- apache2-2.2.16.orig/debian/mpms.prerm
+++ apache2-2.2.16/debian/mpms.prerm
@@ -0,0 +1,27 @@
+#!/bin/sh -e
+
+# Apache2 prerm
+# Thom May
+
+case "$1" in
+ upgrade|remove)
+ if [ -x "/etc/init.d/apache2" ]; then
+ if [ -x /usr/sbin/invoke-rc.d ]; then
+ invoke-rc.d apache2 stop || true
+ else
+ /etc/init.d/apache2 stop || true
+ fi
+ fi
+ sleep 2
+ ;;
+ deconfigure|failed-upgrade)
+ ;;
+ *)
+ echo "prerm called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
--- apache2-2.2.16.orig/debian/a2ensite.8
+++ apache2-2.2.16/debian/a2ensite.8
@@ -0,0 +1,70 @@
+.\" Hey, EMACS: -*- nroff -*-
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH A2ENSITE 8 "8 June 2007"
+.\" Please adjust this date whenever revising the manpage.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp insert n+1 empty lines
+.\" for manpage-specific macros, see man(7)
+.SH NAME
+a2ensite, a2dissite \- enable or disable an apache2 site / virtual host
+.SH SYNOPSIS
+.B a2ensite
+.RI [ site ]
+.PP
+.B a2dissite
+.RI [ site ]
+.SH DESCRIPTION
+This manual page documents briefly the
+.B a2ensite
+and
+.B a2dissite
+commands.
+.PP
+.B a2ensite
+is a script that enables the specified site (which contains a block) within the
+.B apache2
+configuration. It does this by creating symlinks within
+.BR /etc/apache2/sites-enabled .
+Likewise,
+.B a2dissite
+disables a site by removing those symlinks. It is not an error to
+enable a site which is already enabled, or to disable one which is
+already disabled.
+.PP
+The
+.B default
+site is handled specially: The resulting symlink will be called
+.B 000-default
+in order to be loaded first.
+.SH EXAMPLES
+.RS
+.B "a2dissite default"
+.RE
+.PP
+Disables the
+.B default
+site.
+.SH FILES
+.TP
+.B /etc/apache2/sites-available
+Directory with files giving information on available sites.
+.TP
+.B /etc/apache2/sites-enabled
+Directory with links to the files in
+.B sites-available
+for enabled sites.
+.SH "SEE ALSO"
+.BR apache2ctl (8).
+.SH AUTHOR
+This manual page was written by Stefan Fritsch (based on the a2enmod manual
+page by Daniel Stone ) for the Debian GNU/Linux distribution.
--- apache2-2.2.16.orig/debian/changelog
+++ apache2-2.2.16/debian/changelog
@@ -0,0 +1,2865 @@
+apache2 (2.2.16-1ubuntu3.3) maverick-security; urgency=low
+
+ * SECURITY UPDATE: Range header DoS vulnerability
+ - debian/patches/084_CVE-2011-3192.dpatch: filter out large
+ byte ranges and improve memory efficiency in handling buckets.
+ (thanks to Debian and upstream)
+ - CVE-2011-3192
+ * Include fix for regressions introduced by above patch:
+ - debian/patches/085_CVE-2011-3192_regression.dpatch: return 206
+ and 416 response codes where appropriate (see deban bug 639825)
+
+ -- Steve Beattie Thu, 01 Sep 2011 01:51:58 -0700
+
+apache2 (2.2.16-1ubuntu3.1) maverick-security; urgency=low
+
+ * SECURITY UPDATE: denial of service via memory leak in mod_reqtimeout.
+ - debian/patches/204_CVE-2010-1623.dpatch: merge by small buckets to
+ prevent high memory usage in modules/filters/mod_reqtimeout.c.
+ - CVE-2010-1623
+
+ -- Marc Deslauriers Thu, 18 Nov 2010 12:59:47 -0500
+
+apache2 (2.2.16-1ubuntu3) maverick; urgency=low
+
+ * Revert "stty sane" to unbreak apache starting, this will have to be
+ fixed a different way. (LP: #626723)
+
+ -- Chuck Short Wed, 08 Sep 2010 08:33:17 -0400
+
+apache2 (2.2.16-1ubuntu2) maverick; urgency=low
+
+ * debian/apache2.2-common.apache2.init: Add stty sane so that users will get a
+ password prompt when using apache-ssl. (LP: #582963)
+
+ -- Chuck Short Wed, 25 Aug 2010 09:25:05 -0400
+
+apache2 (2.2.16-1ubuntu1) maverick; urgency=low
+
+ * Merge from debian unstable. Remaining changes:
+ - debian/{control, rules}: Enable PIE hardening.
+ - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
+ - debian/control: Add bzr tag and point it to our tree.
+ - debian/apache2-2.common.apache2.init: Add graceful restart (LP: #456381)
+
+ -- Chuck Short Mon, 26 Jul 2010 20:21:37 +0100
+
+apache2 (2.2.16-1) unstable; urgency=medium
+
+ * Urgency medium for security fix.
+ * New upstream release:
+ - CVE-2010-1452: mod_dav, mod_cache: Fix denial of service vulnerability
+ due to incorrect handling of requests without a path segment.
+ - mod_dir: add FallbackResource directive, to enable admin to specify
+ an action to happen when a URL maps to no file, without resorting
+ to ErrorDocument or mod_rewrite
+ * Fix mod_ssl header line corruption because of using memcpy for overlapping
+ buffers. PR 45444. LP: #609290, #589611, #595116
+
+ -- Stefan Fritsch Sat, 24 Jul 2010 22:18:43 +0200
+
+apache2 (2.2.15-6) unstable; urgency=low
+
+ * Fix init script not correctly killing htcacheclean. Closes: #580971
+ * Add a separate entry in README.Debian about the need to use apache2ctl
+ for starting instead of calling apache2 directly. Closes: #580445
+ * Fix debug info to allow gdb loading it automatically. Closes: #581514
+ * Fix install target in Makefile created by apxs2 -n. Closes: #588787
+ * Fix ab sending more requests than specified by the -n parameter.
+ Closes: #541158
+ * Add apache2 monit configuration to apache2.2-commons examples dir.
+ Closes: #583127
+ * Build as PIE, since gdb in squeeze now supports it.
+ * Update the postrm script to also purge the version of /var/www/index.html
+ introduced in 2.2.11-7.
+ * Bump Standards-Version (no changes).
+
+ -- Stefan Fritsch Fri, 16 Jul 2010 23:41:08 +0200
+
+apache2 (2.2.15-5ubuntu1) maverick; urgency=low
+
+ * Merge from debian unstable. Remaining changes:
+ - debian/{control, rules}: Enable PIE hardening.
+ - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
+ - debian/control: Add bzr tag and point it to our tree.
+ - debian/apache2-2.common.apache2.init: Add graceful restart (LP: #456381)
+ + Dropped:
+ - debian/patches/206-fix-potential-memory-leaks.dpatch: No longer needed.
+ - debian/patches/206-report-max-client-mpm-worker.dpatch: No longer needed.
+ - debian/config-dir/apache2.conf: Merged back from debian.
+ - mod-reqtimeout functionality: Merge back from debian.
+ - debian/patches/204_CVE-2010-0408.dpatch: No longer needed.
+ - debian/patches/205_CVE-2010-0434.dpatch: No longer needed.
+ - debian/patches/203_fix-ab-segfault.dpatch: No longer needed.
+
+ -- Chuck Short Wed, 05 May 2010 01:28:04 +0100
+
+apache2 (2.2.15-5) unstable; urgency=low
+
+ * Conflict with apache package as we now include apachectl. Closes: #579065
+ * Remove conflicts with old apache 2.0 modules. The conflicts are not
+ necessary anymore as skipping a stable release is not supported anyway.
+ * Silence the grep in preinst.
+
+ -- Stefan Fritsch Sun, 25 Apr 2010 10:46:09 +0200
+
+apache2 (2.2.15-4) unstable; urgency=low
+
+ * Move definition of other_vhosts_access.log to new config file
+ /etc/apache2/conf.d/other-vhosts-access-log, but disable it
+ if it has been disabled by the admin. Closes: #576572. LP: #507616
+ * Comment out the contents of mods-available/proxy.conf, as it just
+ is a nuisance for use of apache2 as a reverse proxy, which is much
+ more common than the use as forward proxy. Extend the comments
+ in the file.
+ * Change defaults or add example configs for some modules:
+ status.conf:
+ - enable ExtendedStatus by default
+ - enable ProxyStatus by default
+ - document SeeRequestTail directive
+ proxy_ftp.conf:
+ - set 'ProxyFtpDirCharset UTF-8' by default
+ ldap.conf:
+ - enable /ldap-status page, allow it from localhost by default
+ proxy_balancer.conf:
+ - add (disabled) example for /balancer-manager page
+ ssl.conf:
+ - document SSLStrictSNIVHostCheck directive
+ * Add symlink from apachectl to apache2ctl to be more compatible with
+ upstream. Apache httpd 1.3 hasn't been in Debian for some time.
+ * Simplify logrotate script. Closes: #576105
+ * Remove empty directory /usr/lib/debug/usr/sbin in mpm packages.
+ Closes: #576089
+ * Fix apxs2 to work with perl 5.12rc3. Closes: #577239
+ * Add source/format file to make lintian happy.
+
+ -- Stefan Fritsch Tue, 20 Apr 2010 23:11:09 +0200
+
+apache2 (2.2.15-3) unstable; urgency=low
+
+ * mod_reqtimeout: backport bugfixes from upstream trunk up to r928881,
+ including a fix for mod_proxy CONNECT requests.
+ * mod_dav_fs: Use correct permissions when creating new files. LP: #540747
+
+ -- Stefan Fritsch Mon, 29 Mar 2010 22:16:24 +0200
+
+apache2 (2.2.15-2) unstable; urgency=low
+
+ * Make the Files ~ "^\.ht" block in apache2.conf more secure by adding
+ Satisfy all. Closes: #572075
+ * mod_reqtimeout: Various bug fixes, including:
+ - Don't mess up timeouts of mod_proxy's backend connections.
+ Closes: #573163
+
+ -- Stefan Fritsch Wed, 10 Mar 2010 21:06:06 +0100
+
+apache2 (2.2.15-1) unstable; urgency=low
+
+ * New upstream version:
+ - CVE-2010-0408: mod_proxy_ajp: Fixes denial of service vulnerability
+ - CVE-2009-3555: mod_ssl: Improve the mitigation against SSL/TLS protocol
+ prefix injection attack.
+ - CVE-2010-0434: mod_headers: Fix potential information leak with threaded
+ MPMs.
+ - mod_reqtimeout: New module limiting the time waiting for receiving
+ a request from the client. This is a (partial) mitigation against
+ slowloris-type resource exhaustion attacks. The module is enabled by
+ default. Closes: #533661
+ - mod_ssl: Add SSLInsecureRenegotiation directive to allows insecure
+ renegotiation with clients which do not yet support the secure
+ renegotiation protocol. As this requires openssl 0.9.8m, bump
+ build dependency accordingly.
+ * Fix bash completion for a2ensite if the site name contains 'conf' or
+ 'load'. Closes: #572232
+ * Do a configcheck in the init script before doing a non-graceful restart.
+ Closes: #571461
+
+ -- Stefan Fritsch Sun, 07 Mar 2010 23:22:56 +0100
+
+apache2 (2.2.14-7) unstable; urgency=low
+
+ * Fix potential memory leaks related to the usage of apr_brigade_destroy().
+ * Add hints about correct mod_dav_fs configuration to README.Debian.
+ Closes: #257945
+ * Fix error in Polish translation of 404 error page. Closes: #570228
+ * Document ThreadLimit in apache2.conf's comments.
+
+ -- Stefan Fritsch Sat, 20 Feb 2010 12:38:30 +0100
+
+apache2 (2.2.14-6) unstable; urgency=low
+
+ * Use environment variables APACHE_RUN_DIR, APACHE_LOCK_DIR, and
+ APACHE_LOG_DIR in the default configuration. If you have modified
+ /etc/apache2/envvars, make sure that these variables are set and exported.
+ * Add support for multiple apache2 instances to initscript and apache2ctl.
+ See /usr/share/doc/apache2.2-common/README.multiple-instances for details.
+ Closes: #353450
+ * Set default compiled-in ServerRoot to /etc/apache2 and make paths in
+ apache2.conf relative to ServerRoot.
+ * Move ab and logresolve from /usr/sbin to /usr/bin. Closes: #351450, #564061
+ * Fix symlinks in apache2-dbg package. Closes: #567076
+ * Fix mod_cache CacheIgnoreURLSessionIdentifiers handling. Closes: #556383
+ * Add new init script action graceful-stop (LP: #456381)
+ * Add more languages to mime.conf. To limit this to useful entries, we only
+ add those for which a translation of the Debian intaller exists. LP: #217964
+ * Unset $HOME in /etc/apache2/envvars.
+ * Change default config of mod_info and mod_status to use IP addresses
+ instead of hostnames. Otherwise the hostname is sometimes logged even with
+ 'HostnameLookup Off'. Closes: #568409
+ * Add a hook to apache2.2-common's postrm script that may come in handy
+ when upgrading to 2.4.
+ * Make bug script also display php extensions.
+ * Bump Standards-Version (no changes).
+ * Remove Adam Conrad from Uploaders. Thanks for your work in the past.
+
+ -- Stefan Fritsch Sun, 07 Feb 2010 17:29:45 +0100
+
+apache2 (2.2.14-5ubuntu8) lucid; urgency=low
+
+ * debian/patches/210-backport-mod-reqtimeout-ftbfs.dpatch: Add missing mod_reqtime.so
+ (LP: #562370)
+
+ -- Chuck Short Tue, 13 Apr 2010 15:09:57 -0400
+
+apache2 (2.2.14-5ubuntu7) lucid; urgency=low
+
+ * debian/patches/206-fix-potential-memory-leaks.dpatch: Fix potential memory
+ leaks by making sure to not destroy bucket brigades that have been created
+ by earlier filters. Backported from 2.2.15.
+ * debian/patches/206-report-max-client-mpm-worker.dpatch: Don't report server
+ has reached MaxClients until it has. Backported from 2.2.15
+ * debian/config-dir/apache2.conf: Make the Files ~ "^\.ht" block in apache2.conf
+ more secure by adding Satisfy all. (Debian bug: #572075)
+ * debian/rules, debian/patches/209-backport-mod-reqtimeout.dpatch,
+ debian/config2-dir/mods-available/reqtimeout.load,
+ debian/config2-dir/mods-available/reqtimeout.conf debian/NEWS : Backport the
+ mod-reqtimeout module from 2.2.15, this will mitigate apache slowloris
+ bug in apache. Enable it by default. (LP: #392759)
+
+ -- Chuck Short Mon, 05 Apr 2010 09:53:35 -0400
+
+apache2 (2.2.14-5ubuntu6) lucid; urgency=low
+
+ * debian/apache2.2-common.apache2.init: Fix thinko. (LP: #551681)
+
+ -- Chuck Short Tue, 30 Mar 2010 09:41:11 -0400
+
+apache2 (2.2.14-5ubuntu5) lucid; urgency=low
+
+ * Revert 99-fix-mod-dav-permissions.dpatch
+
+ -- Chuck Short Tue, 30 Mar 2010 07:55:46 -0400
+
+apache2 (2.2.14-5ubuntu4) lucid; urgency=low
+
+ * debian/patches/99-fix-mod-dav-permissions.dpatch: Fix permisisons when
+ downloading files from webdav (LP: #540747)
+ * debian/apache2.2-common.apache2.init: Add graceful restart (LP: #456381)
+
+ -- Chuck Short Mon, 29 Mar 2010 13:37:39 -0400
+
+apache2 (2.2.14-5ubuntu3) lucid; urgency=low
+
+ * SECURITY UPDATE: denial of service via crafted request in mod_proxy_ajp
+ - debian/patches/204_CVE-2010-0408.dpatch: return the right error code
+ in modules/proxy/mod_proxy_ajp.c.
+ - CVE-2010-0408
+ * SECURITY UPDATE: information disclosure via improper handling of
+ headers in subrequests
+ - debian/patches/205_CVE-2010-0434.dpatch: use a copy of r->headers_in
+ in server/protocol.c.
+ - CVE-2010-0434
+
+ -- Marc Deslauriers Wed, 10 Mar 2010 14:48:48 -0500
+
+apache2 (2.2.14-5ubuntu2) lucid; urgency=low
+
+ * debian/patches/203_fix-ab-segfault.dpatch: Fix segfaulting ab when using really
+ wacky options. (LP: #450501)
+
+ -- Chuck Short Mon, 08 Mar 2010 14:53:17 -0500
+
+apache2 (2.2.14-5ubuntu1) lucid; urgency=low
+
+ * Merge from debian testing. Remaining changes: LP: #506862
+ - debian/{control, rules}: Enable PIE hardening.
+ - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
+ - debian/control: Add bzr tag and point it to our tree.
+
+ -- Bhavani Shankar Wed, 13 Jan 2010 14:28:41 +0530
+
+apache2 (2.2.14-5) unstable; urgency=low
+
+ * Security: Further mitigation for the TLS renegotation attack
+ (CVE-2009-3555): Disable keep-alive if parts of the next request have
+ already been received when doing a renegotiation. This defends against
+ some request splicing attacks.
+ * Print a useful error message if 'apache2ctl status' fails. Add a comment
+ to /etc/apache2/envvars on how to change the options for www-browser.
+ Closes: #561496, #272069
+ * Improve function to detect apache2 pid in init-script (closes: #562583).
+ * Add hint README.Debian on how to pass auth info to CGI scripts.
+ Closes: #483219
+ * Re-introduce objcopy magic to avoid dangling symlinks to the debug info
+ in the mpm packages. Closes: #563278
+ * Make apxs2 use a2enmod and /etc/apache2/mods-available. Closes: #470178,
+ LP: #500703
+ * Point to README.backtrace in apache2-dbg's description.
+ * Use more debhelper functions to simplify debian/rules.
+ * Add misc-depends to various packages to make lintian happy.
+ * Change build-dep from libcap2-dev to libcap-dev because of package rename.
+
+ -- Stefan Fritsch Sat, 02 Jan 2010 22:44:15 +0100
+
+apache2 (2.2.14-4ubuntu1) lucid; urgency=low
+
+ * Resynchronzie with Debian, remaining changes are:
+ - debian/{control, rules}: Enable PIE hardening.
+ - debian/{control, rules, pache2.2-common.ufw.profile}: Add ufw profiles.
+ - debian/control: Add bzr tag and point it to our tree.
+
+ -- Chuck Short Wed, 23 Dec 2009 14:44:51 -0500
+
+apache2 (2.2.14-4) unstable; urgency=low
+
+ * Disable localized error pages again by default because they break
+ configurations with " SetHandler ...". A workaround is
+ described in the comments in /etc/apache2/conf.d/localized-error-pages
+ (closes: #543333).
+ * mod_rewrite: Fix URLs in redirects with literal IPv6 hosts
+ (closes: #557015).
+ * Automatically listen on port 443 if mod_gnutls is loaded (closes: #558234).
+ * Add man page for split-logfile.
+ * Link with -lcrypt where necessary to fix a FTBFS with binutils-gold
+ (closes: #553946).
+
+ -- Stefan Fritsch Sun, 13 Dec 2009 20:05:37 +0100
+
+apache2 (2.2.14-3) unstable; urgency=low
+
+ * Backport various mod_dav/mod_dav_fs fixes from upstream trunk svn. This
+ includes:
+ - Make PUT replace files atomically (closes: #525137).
+ - Make MOVE not delete the destination if the source file disappeared in
+ the meantime (closes: #273476).
+ NOTE: The format of the DavLockDB has changed. The default DavLockDB will
+ be deleted on upgrade. Non-default DavLockDBs should be deleted manually.
+ * Fix output of "/etc/init.d/apache2 status" (closes: #555687).
+ * Update the comment about SNI in ports.conf (closes: #556932).
+ * Set redirect-carefully for Konqueror/4.
+
+ -- Stefan Fritsch Sat, 21 Nov 2009 10:20:54 +0100
+
+apache2 (2.2.14-2) unstable; urgency=medium
+
+ * Security:
+ Reject any client-initiated SSL/TLS renegotiations. This is a partial fix
+ for the TLS renegotiation prefix injection attack (CVE-2009-3555).
+ Any configuration which requires renegotiation for per-directory/location
+ access control is still vulnerable.
+ * Allow RemoveType to override the types from /etc/mime.types. This allows
+ to use .es and .tr for Spanish and Turkish files in mod_negotiation.
+ Closes: #496080
+ * Fix 'CacheEnable disk http://'. Closes: #442266
+ * Fix missing dependency by changing killall to pkill in the init script.
+ LP: #460692
+ * Add X-Interactive header to init script as it may ask for the ssl key
+ passphrase. Closes: #554824
+ * Move httxt2dbm man page into apache2.2-bin, which includes httxt2dbm, too.
+ * Enable keepalive for MSIE 7 and newer in default-ssl site and README.Debian
+
+ -- Stefan Fritsch Sat, 07 Nov 2009 14:37:37 +0100
+
+apache2 (2.2.14-1ubuntu1) lucid; urgency=low
+
+ * Merge from debian testing, remaining changes:
+ - debian/{control, rules}: Enable PIE hardening.
+ - debian/{control, rules, pache2.2-common.ufw.profile}: Add ufw profiles.
+ - debian/conrol: Add bzr tag and point it to our tree.
+ - Dropped debian/patches/203_fix_legacy_ap_rputs_segfaults.dpatch:
+ Already applied upstream.
+
+ -- Chuck Short Fri, 06 Nov 2009 00:29:03 +0000
+
+apache2 (2.2.14-1) unstable; urgency=low
+
+ * New upstream version:
+ - new module mod_proxy_scgi
+ * Disable hardening option -pie again, as gdb in Debian does not support
+ it properly and it is broken on mips*.
+
+ -- Stefan Fritsch Tue, 29 Sep 2009 20:55:05 +0200
+
+apache2 (2.2.13-2) unstable; urgency=high
+
+ * mod_proxy_ftp security fixes (closes: #545951):
+ - DoS by malicious ftp server (CVE-2009-3094)
+ - missing input sanitization: a user could execute arbitrary ftp commands
+ on the backend ftp server (CVE-2009-3095)
+ * Add entries to NEWS.Debian and README.Debian about Apache being stricter
+ about certain misconfigurations involving name based SSL virtual hosts.
+ Also make Apache print the location of the misconfigured VirtualHost when
+ it complains about a missing SSLCertificateFile statement. Closes: #541607
+ * Add Build-Conflicts: autoconf2.13 (closes: #541536).
+ * Adjust priority of apache2-mpm-itk to extra.
+ * Switch apache2.2-common and the four mpm packages from architecture all to
+ any. This is stupid but makes apache2 binNMUable again (closes: #544509).
+ * Bump Standards-Version (no changes).
+
+ -- Stefan Fritsch Wed, 16 Sep 2009 20:55:02 +0200
+
+apache2 (2.2.13-1) unstable; urgency=low
+
+ * New upstream release:
+ - Fixes segfault with mod_deflate and mod_php (closes: #542623).
+
+ -- Stefan Fritsch Mon, 31 Aug 2009 20:28:56 +0200
+
+apache2 (2.2.12-1ubuntu2) karmic; urgency=low
+
+ * debian/patches/203_fix_legacy_ap_rputs_segfaults.dpatch:
+ - Fix potential segfaults with the use of the legacy ap_rputs() etc
+ interfaces, in cases where an output filter fails. This happens
+ frequently after CVE-2009-1891 got fixed. (LP: #409987)
+
+ -- Marc Deslauriers Mon, 17 Aug 2009 15:38:47 -0400
+
+apache2 (2.2.12-1ubuntu1) karmic; urgency=low
+
+ * Merge from debian unstable, remaining changes:
+ - debian/{control,rules}: enable PIE hardening.
+ - debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
+ - Dropped debian/patches/203_fix-ssl-timeftm-ignored.dpatch.
+
+ -- Chuck Short Tue, 04 Aug 2009 20:04:24 +0100
+
+apache2 (2.2.12-1) unstable; urgency=low
+
+ * New upstream release:
+ - Adds support for TLS Server Name Indication (closes: #461917 LP: #184131).
+ (The Debian default configuration will be changed to use SNI in a later
+ version.)
+ - Fixes timefmt config in SSI (closes: #363964).
+ - mod_ssl: Adds SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN directives
+ to enable stricter checking of remote server certificates.
+ * Make mod_deflate not compress the content for HEAD requests. This is a
+ similar issue as CVE-2009-1891.
+ * Enable hardening compile options.
+ * Switch default LogFormat from %b (size of file sent) to %O (bytes actually
+ sent) (closes: #272476 LP: #255124)
+ * Add the default LANG=C to /etc/apache2/envvars and document it in
+ README.Debian (closes: #511878).
+ * Enable localized error pages by default if the necessary modules are
+ loaded. Move the config for it from apache2.conf to
+ /etc/apache2/conf.d/localized-error-pages (closes: #467004). Clarify the
+ required order of the aliases in the comment (closes: #196795).
+ * Change default for ServerTokens to 'OS', to not announce the exact module
+ versions to the world (LP: #205996)
+ * Make a2ensite and friends ignore the same filenames as apache does for
+ included config files, even if LANG is not C.
+ * Merge source packages apache2 and apache2-mpm-itk (current itk version is
+ 2.2.11-02). This removes the binNMU mess necessary for every apache2 upload
+ (closes: #500885, #512084). Add Steinar to Uploaders. Remove apache2-src
+ package, which is no longer necessary.
+ * Ship our own version of the magic config file (taken from file 4.17-5etch3)
+ which is still compatible with mod_mime_magic (closes: #483111).
+ * Add ThreadLimit to the default config and put ThreadsPerChild and
+ MaxClients into the correct order so that Apache does not complain
+ (closes: #495656).
+ Also add a configuration block for the event MPM in apache2.conf.
+ * Fix HTTP PUT with mod_dav failing to detect an aborted connection
+ (closes: #451563).
+ * Change references to httpd.conf in apache2-doc to apache2.conf
+ (closes: #465393).
+ * Clarify the recommended permissions for SSL certificates in README.Debian
+ (closes: #512778).
+ * Document in README.Debian how to name files in conf.d to avoid conflicts
+ with packages (closes: #493252)
+ * Remove 2.0 -> 2.2 upgrade logic from maintainer scripts.
+ * Remove other_vhosts_access.log on package purge.
+
+ -- Stefan Fritsch Tue, 04 Aug 2009 11:02:34 +0200
+
+apache2 (2.2.11-7ubuntu1) karmic; urgency=low
+
+ * Merge from debian unstable, remaining changes: LP: #398130
+ - debian/patches/203_fix-ssl-timeftm-ignored.dpatch:
+ Fix timefmt is ignored when XBitHack is on. (LP: #258914)
+ - debian/{control,rules}: enable PIE hardening.
+ - debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
+
+ -- Bhavani Shankar Sat, 11 Jul 2009 16:34:32 +0530
+
+apache2 (2.2.11-7) unstable; urgency=low
+
+ * Security fixes:
+ - CVE-2009-1890: denial of service in mod_proxy
+ - CVE-2009-1891: denial of service in mod_deflate (closes: #534712)
+ * Add symlinks for the debug info to the mpm packages.
+ * Be slightly more informative in the default index.html without pointing
+ to Apache or Debian (LP: #89364)
+ * Remove dependency on net-tools, which is no longer necessary
+ (closes: #535849)
+ * Bump Standards-Version (no changes)
+
+ -- Stefan Fritsch Fri, 10 Jul 2009 22:42:57 +0200
+
+apache2 (2.2.11-6ubuntu1) karmic; urgency=low
+
+ * Merge from debian unstable, remaining changes:
+ - debian/patches/203_fix-ssl-timeftm-ignored.dpatch:
+ Fix timefmt is ignored when XBitHack is on. (LP: #258914)
+ - debian/{control,rules}: enable PIE hardening.
+ - debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
+
+ -- Chuck Short Tue, 09 Jun 2009 01:01:23 +0100
+
+apache2 (2.2.11-6) unstable; urgency=high
+
+ * CVE-2009-1195: mod_include allowed to bypass IncludesNoExec for Server
+ Side Includes (closes: #530834).
+ * Fix postinst scripts (closes: #532278).
+
+ -- Stefan Fritsch Mon, 08 Jun 2009 19:22:58 +0200
+
+apache2 (2.2.11-5ubuntu1) karmic; urgency=low
+
+ * Merge from debian unstable, remaining changes:
+ - debian/patches/203_fix-ssi-timeftm-ignored.dpatch:
+ Fix timefmt is ignored when XBitHack is on. (LP: #258914)
+ - debian/{control,rules}: enable PIE hardening.
+ - debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
+
+ -- Andrew Mitchell Wed, 03 Jun 2009 14:10:54 +1200
+
+apache2 (2.2.11-5) unstable; urgency=low
+
+ * Move all binaries into a new package apache2.2-bin and make
+ apache2.2-common depend on it. This allows to
+ - run apache as user process only, e.g. with gnome-user-share.
+ Closes: #468690
+ - run multiple instances of apache with different MPMs. This configuration
+ is not supported in any way, though. Closes: #517572
+ * Switch to debhelper compatibility level 7 and remove some code duplication
+ in debian/rules.
+ * Override some Lintian warnings about old autotools helper files and being
+ not binNMUable (apache2 is not binNMUable anyway, because of the
+ apache2 <-> apache2-mpm-itk dependency).
+
+ -- Stefan Fritsch Fri, 22 May 2009 19:30:20 +0200
+
+apache2 (2.2.11-4) unstable; urgency=low
+
+ [ Stefan Fritsch ]
+ * Disable TRACE method by default (closes: #492130).
+ * Compress some more mime types with mod_deflate by default. This may cause
+ problems with MSIE 6, but that browser should now be considered obsolete.
+ Closes: #397526, #521209
+ * Various backports from upstream svn branches/2.2.x:
+ - CVE-2009-1191: mod_proxy_ajp: Avoid delivering content from a previous
+ request which failed to send a request body
+ - Fix FollowSymlinks / SymlinksIfOwnerMatch ignored with
+ server-side-includes PR 45959 (closes: #524474)
+ - Fix mod_rewrite "B" flag breakage PR 45529 (closes: #524268)
+ - Fix mod_deflate etag handling PR 45023 (LP: #358314)
+ - Fix mod_ldap segfault if LDAP initialization failed PR 45994
+ * Allow apache2-mpm-itk as alternate dependency in apache2 meta package
+ (closes: #527225).
+ * Fix some misuse of command substitution in the init script. Thanks to
+ Jari Aalto for the patch. (Closes: #523398)
+ * Extend the gnome-vfs DAV workaround to gvfs (closes: #522845).
+ * Add more info to check_forensic man page (closes: #528424).
+ * Make "apache2ctl help" point to help on apache2 args (closes: #528425).
+ * Lintian warnings:
+ - fix spelling error in apache2-utils description
+ - tweak debian/copyright to make lintian not complain about pointers to GPL
+ - bump standards-version (no changes)
+
+ [ Peter Samuelson ]
+ * Adjust sections to match recent ftpmaster overrides.
+
+ -- Stefan Fritsch Tue, 19 May 2009 22:55:27 +0200
+
+apache2 (2.2.11-3ubuntu1) karmic; urgency=low
+
+ * Merge from debian unstable, remaining changes:
+ - debian/patches/203_fix-ssi-timeftm-ignored.dpatch:
+ Fix timefmt is ignored when XBitHack is on. (LP: #258914)
+ - debian/{control,rules}: enable PIE hardening.
+ - debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
+
+ -- Andrew Mitchell Tue, 12 May 2009 16:15:34 +1200
+
+apache2 (2.2.11-3) unstable; urgency=low
+
+ * Rebuild against apr-util 1.3, to fix undefined symbol errors in mod_ldap
+ (see #521899). This also creates the dependencies on the new external
+ libaprutil1-dbd-* and libaprutil1-ldap packages.
+
+ -- Stefan Fritsch Tue, 31 Mar 2009 21:07:26 +0200
+
+apache2 (2.2.11-2ubuntu2) jaunty; urgency=low
+
+ * debian/patches/203_fix-ssi-timeftm-ignored.dpatch:
+ Fix timefmt is ignored when XBitHack is on. (LP: #258914)
+
+ -- Chuck Short Wed, 01 Apr 2009 11:39:17 -0400
+
+apache2 (2.2.11-2ubuntu1) jaunty; urgency=low
+
+ * Merge from debian unstable, remaining changes:
+ - debian/{contro,rules}: enable PIE hardening.
+ - debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
+
+ -- Chuck Short Sat, 17 Jan 2009 00:02:55 +0000
+
+apache2 (2.2.11-2) unstable; urgency=low
+
+ * Report an error instead instead of segfaulting when apr_pollset_create
+ fails (PR 46467). On Linux kernels since 2.6.27.8, the value in
+ /proc/sys/fs/epoll/max_user_instances needs to be larger than twice the
+ value of MaxClients in the Apache configuration. Closes: #511103
+
+ -- Stefan Fritsch Fri, 16 Jan 2009 19:01:59 +0100
+
+apache2 (2.2.11-1ubuntu1) jaunty; urgency=low
+
+ * Merge from debian unstable, remaining changes:
+ - debian/{control, rules}: enable PIE hardening.
+ - debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
+
+ -- Chuck Short Mon, 15 Dec 2008 00:06:50 +0000
+
+apache2 (2.2.11-1) unstable; urgency=low
+
+ [Thom May]
+ * New Upstream Version (Closes: #508186, LP: #307397)
+ - Contains rewritten shmcb code which should fix alignment problems on
+ alpha (Closes: #419720).
+ - Notable new features: chroot support, mod_proxy improvements.
+
+ [Ryan Niebur]
+ * fix segfault in ab when being verbose on ssl sites (Closes: #495982)
+ * remove trailing slash for DocumentRoot (Closes: #495110)
+
+ -- Stefan Fritsch Sun, 14 Dec 2008 09:34:24 +0100
+
+apache2 (2.2.9-11ubuntu1) jaunty; urgency=low
+
+ * Merge from debian unstable, remaining changes: (LP: #303375)
+ - debian/{control, rules}: enable PIE hardening.
+ - debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
+
+ -- Bhavani Shankar Sat, 29 Nov 2008 14:02:31 +0530
+
+apache2 (2.2.9-11) unstable; urgency=low
+
+ * Regression fix from upstream svn for mod_proxy:
+ Prevent segmentation faults by correctly adjusting the lifetime of the
+ buckets read from the proxy backend. PR 45792
+ * Fix from upstream svn for mpm_worker:
+ Crosscheck that idle workers are still available before using them and
+ thus preventing an overflow of the worker queue which causes a SegFault.
+ PR 45605
+ * Add a comment to ports.conf to point to NEWS.Debian.gz in case of
+ upgrading problems.
+
+ -- Stefan Fritsch Wed, 26 Nov 2008 23:10:22 +0100
+
+apache2 (2.2.9-10ubuntu1) jaunty; urgency=low
+
+ * Merge from debian unstable, remaining changes:
+ - debian/{control, rules}: enable PIE hardening.
+ - debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
+
+ -- Chuck Short Wed, 05 Nov 2008 02:23:18 -0400
+
+apache2 (2.2.9-10) unstable; urgency=low
+
+ * Regression fix from upstream svn for mod_proxy_http:
+ Don't trigger a retry by the client if a failure to read the response line
+ was the result of a timeout.
+
+ -- Stefan Fritsch Wed, 01 Oct 2008 11:50:18 +0200
+
+apache2 (2.2.9-9) unstable; urgency=medium
+
+ * Revert the attempted fix for #496080 because it did not work due to
+ upstream PR 38330. Instead, document the problem and possible workarounds
+ in README.Debian.
+
+ -- Stefan Fritsch Fri, 12 Sep 2008 11:39:15 +0200
+
+apache2 (2.2.9-8) unstable; urgency=low
+
+ * Fix Spanish language support which was broken by .es being added to
+ /etc/mime.types for application/ecmascript. (Closes: #496080)
+ * Correct description of ServerTokens in /etc/apache2/conf.d/security.
+ (Closes: #497362)
+ * Clarify how to use apache2ctl to pass arbitrary arguments to
+ apache2. (LP: #259363)
+ * Add hints to README.Debian about the messages
+ "NameVirtualHost *:80 has no VirtualHosts" and
+ "File does not exist: /htdocs".
+
+ -- Stefan Fritsch Thu, 11 Sep 2008 09:17:33 +0200
+
+apache2 (2.2.9-7ubuntu3) intrepid; urgency=low
+
+ * Revert logrotate change since it will break it for everyone.
+
+ -- Chuck Short Fri, 19 Sep 2008 09:32:01 -0400
+
+apache2 (2.2.9-7ubuntu2) intrepid; urgency=low
+
+ * debian/logrotate: Restart rather than reload for busy websites.
+ (LP: #270899)
+
+ -- Chuck Short Thu, 18 Sep 2008 08:42:22 -0400
+
+apache2 (2.2.9-7ubuntu1) intrepid; urgency=low
+
+ * Merge from debian unstable, remaining changes:
+ - debian/{control,rules}: enable PIE hardening.
+ - debian/{control,rules,apache2.2-common.ufw.profile}: add ufw profiles.
+
+ -- Kees Cook Thu, 28 Aug 2008 08:10:59 -0700
+
+apache2 (2.2.9-7) unstable; urgency=low
+
+ * Fix XSS in mod_proxy_ftp (CVE-2008-2939).
+ * Fix mod_proxy_http losing the query string with noescape (PR 45247).
+ * Make the balancer manager work in Opera and MSIE (PR 45578).
+ * Fix mod_headers "edit" removing multiple headers with the same name (PR
+ 45333).
+ * Also describe how to get a backtrace from a running process in
+ README.backtrace.
+
+ -- Stefan Fritsch Fri, 08 Aug 2008 19:27:40 +0200
+
+apache2 (2.2.9-6) unstable; urgency=high
+
+ * Urgency high for RC bug fix.
+ * Fix SIGBUS on SPARC by preventing gcc from optimizing some memcpy calls
+ away. (Closes: #485525)
+
+ -- Stefan Fritsch Sun, 20 Jul 2008 10:17:19 +0200
+
+apache2 (2.2.9-5) unstable; urgency=medium
+
+ * Urgency medium to get this into testing before the freeze.
+ * Remove IPv6 patch that was necessary for very old kernels but creates
+ problems on systems with current kernels and net.ipv6.bindv6only = 1.
+ Apache will now always create its sockets with IPV6_V6ONLY set to 0.
+ (Closes: #391280)
+
+ -- Stefan Fritsch Mon, 07 Jul 2008 21:20:48 +0200
+
+apache2 (2.2.9-4) unstable; urgency=low
+
+ * Make postinst more quiet. (Closes: #489153)
+ * Add Turkish language support. (Closes: #489224)
+ * Remove duplicate comments in sites-available/default-ssl. (Closes: #489383)
+ * Describe in NEWS.Debian how to revert to the old NameVirtualHost config.
+ (Closes: #489215)
+ * Redirect apache2 bug reports to apache2.2-common, to get useful dependency
+ information.
+
+ -- Stefan Fritsch Sun, 06 Jul 2008 10:38:37 +0200
+
+apache2 (2.2.9-3ubuntu2) intrepid; urgency=low
+
+ * add ufw integration (see
+ https://wiki.ubuntu.com/UbuntuFirewall#Integrating%20UFW%20with%20Packages)
+ (LP: #261198)
+ - debian/control: suggest ufw for apache2.2-common
+ - add apache2.2-common.ufw.profile with 3 profiles and install it to
+ /etc/ufw/applications.d/apache2.2-common
+
+ -- Didier Roche Tue, 26 Aug 2008 19:03:42 +0200
+
+apache2 (2.2.9-3ubuntu1) intrepid; urgency=low
+
+ * debian/{control,rules}: enable PIE hardening
+
+ -- Kees Cook Wed, 20 Aug 2008 15:45:00 -0700
+
+apache2 (2.2.9-3) unstable; urgency=low
+
+ [ Stefan Fritsch ]
+ * Move NameVirtualHost directive to ports.conf and switch from "*" to
+ "*:80". (Closes: #314606, #486286)
+ * Comment out the CacheEnable line in disk_cache.conf. It would have caused
+ problems with Etch to Lenny upgrades.
+ * Change the minimum user id for suexec back to 100, the new value of 1000
+ was too disruptive for existing configurations. (Closes: #488821)
+ * Add a default SSL virtual host. (Closes: #267477)
+ - Use snakeoil certificate by default (if ssl-cert is installed).
+ (Closes: #293524, #446765)
+ - Document this in README.Debian.
+ (Closes: #293469, #293519, #398520, #395823)
+ - Add MSIE workarounds. (Closes: #421802)
+ - Add ssl-cert to Recommends.
+ * Add a new config file /etc/apache2/conf.d/security with some vaguely
+ security related diectives. (Closes: #260063)
+ * Adjust mod_userdir accordingly. Also add "AllowOverride Indexes" for the
+ home directories.
+ * Disable SSLv2 by default. It is insecure. Also only enable ciphers with
+ key lengths of at least 128 bit.
+ * Make the init script complain about a missing $APACHE_PID_FILE during
+ "start", too, and not only during "stop" or "restart". This makes it more
+ obvious that /etc/apache2/envvars has to be updated. (Closes: #473982)
+ * Add hint about the "..., using 127.0.0.1 for ServerName" warning to
+ README.Debian. (Closes: #457708)
+ * Add hint about the "could not create rewrite_log_lock" error message to
+ README.Debian. (Closes: #450831)
+ * Remove empty dir from apache2-doc to fix Lintian warning.
+ * Always pass -g to gcc instead of relying on dpkg-buildpackage to set
+ CFLAGS. We always want the debug info for the apache2-dbg package.
+
+ [ Ryan Niebur ]
+ * Upgraded to policy 3.8.0
+ - added support for noopt in DEB_BUILD_OPTIONS
+ - added a README.source
+ - added support for parallel in DEB_BUILD_OPTIONS
+ * Dropped XS- from the Vcs fields in control
+
+ -- Stefan Fritsch Wed, 02 Jul 2008 10:15:57 +0200
+
+apache2 (2.2.9-2) unstable; urgency=low
+
+ * Make the init script use normal 'stop' instead of 'graceful-stop' again:
+ With graceful-stop, it can take a long time until all child processes have
+ closed their listening sockets and there is no way for the init script to
+ know when it is save to start apache again. This could make the restart of
+ apache fail. (Closes: #486629, #463338)
+ * Improve package descriptions, thanks to Justin B Rye. (Closes: #486855)
+
+ -- Stefan Fritsch Sat, 21 Jun 2008 12:22:17 +0200
+
+apache2 (2.2.9-1) unstable; urgency=low
+
+ * New upstream release. Notable changes:
+ - mod_proxy_http: Better handling of excessive interim responses from
+ origin server to prevent potential denial of service and high memory
+ usage (CVE-2008-2364).
+ - mod_proxy_balancer: Prevent CSRF attacks against the balancer-manager
+ (CVE-2007-6420).
+ - Worker / Event MPM: Fix race condition in pool recycling that leads to
+ segmentation faults under load. (Closes: #484800)
+ - mod_proxy: Keep connections to the backend persistent in the HTTPS case.
+ - mod_proxy: Support environment variable interpolation in reverse
+ proxying directives.
+ - mod_headers: Add 'merge' option to avoid duplicate values within the
+ same header.
+ - mod_substitute: The default is now flattening the buckets after each
+ substitution. The newly added 'q' flag allows for the quicker, more
+ efficient bucket-splitting.
+ * Shorten the init script's waiting period during 'restart' from 10 to 4
+ seconds. This should still be plenty to allow the apache processes to
+ close their listening sockets. Make the wait even shorter if apache dies
+ faster. (Closes: #479136)
+ * Fix some lintian warnings:
+ - Add some missing patch descriptions.
+ - Point to /usr/share/common-licenses instead of including the license in
+ the copyright file.
+
+ -- Stefan Fritsch Sat, 14 Jun 2008 08:29:41 +0200
+
+apache2 (2.2.8-5) unstable; urgency=low
+
+ * Replace a2{en,dis}{mod,site} by a rewritten version that
+ - supports wildcards (Closes: #373969).
+ - can be influenced with environment variables (Closes: #349716).
+ - checks existing symlinks for correctness (Closes: #409970).
+ - allows to remove dead symlinks (Closes: #480893).
+ * Move suexec suid helper program to a separate package apache2-suexec,
+ which is not installed by default. Provide an alternative version of
+ suexec, which can be customized with a config file. This can be found in
+ the apache2-suexec-custom package. Closes: #312252, #266835
+ * Some more suexec fixes:
+ - Fix race condition when changing directories.
+ - Accept only /var/www/*, and not /var/www*. The same for public_html/*
+ instead of public_html* (CVE-2007-1742).
+ - Raise the minimum userid that suexec may change to from 100 to 1000.
+ * Enable mod_deflate in new installs.
+ * Include config.nice in apache2-src. This hopefully allows apache2-mpm-itk
+ to drop the build-dependency on apache2-prefork-dev.
+ * Mention environment variables in apache2 and apache2ctl man pages and point
+ to README.Debian. (Closes: #475150)
+ * Drop unneeded build-dep on libtool.
+ * Drop obsolete apache2-mpm-perchild package (closes: #477522).
+ * Don't fail in postinst if there is a dangling symlink /var/www/index.html.
+ * Fix typo in bug number in 2.2.8-3 changelog entry.
+ * Use dh_lintian in debian/rules.
+
+ -- Stefan Fritsch Sat, 31 May 2008 17:02:03 +0200
+
+apache2 (2.2.8-4) unstable; urgency=high
+
+ * Urgency high for DoS vulnerability fix.
+ * Fix memory leak in mod_ssl with zlib compression.
+
+ -- Stefan Fritsch Tue, 13 May 2008 22:31:37 +0200
+
+apache2 (2.2.8-3) unstable; urgency=low
+
+ * mod_cache: Handle If-Range correctly if the cached resource was stale
+ (closes: #470652).
+ * mod_autodindex: Use UTF-8 as character set for filenames in the default
+ configuration. Change this in autoindex.conf if you are still using
+ ISO-8859-1.
+ * Introduce APACHE_RUN_DIR and APACHE_LOCK_DIR in apache2ctl. Also, make it
+ use APACHE_RUN_USER instead of APACHE2_RUN_USER, to be consistent with
+ apache2.conf.
+ * Add 'status' function to init script (adapted from patch by Dustin
+ Kirkland).
+ * Don't build the modules three times. We are only shipping one set of them,
+ anyway. (Inspired by the Fedora package.)
+ * Remove Fabio M. Di Nitto from the uploaders field (thanks for your work).
+
+ -- Stefan Fritsch Fri, 14 Mar 2008 10:57:19 +0100
+
+apache2 (2.2.8-2) unstable; urgency=low
+
+ * Provide a fallback access log (other_vhosts_access.log) and a suitable
+ LogFormat (vhost_combined) for VirtualHosts that don't define their own
+ log file. (Closes: #313430)
+ * Fix broken symlink to README.Debian.gz and typos in the file
+ (closes: #461462).
+ * Improve generation of password salts in htpasswd (closes: #469271).
+ * Point VCS tags in debian control to trunk, to make them useful with
+ debcheckout.
+ * Add missing ${APACHE_ARGUMENTS} to *) case in apache2ctl.
+ * In upgrades from etch, replace /etc/apache2/default without asking also in
+ the NO_START=1 case, in order to not break piuparts (closes: #466367).
+ * Print file name where "Useless use of AllowOverride" occured.
+ (Closes: #410334)
+ * Make bugreport script source /etc/apache2/envvars before calling apache2.
+ * Add note about MSIE SSL workaround to README.Debian.
+ * Don't ship empty /var/www/apache2-default in apache2-doc.
+ (Closes: #469145)
+ * mod_autoindex: Use the bomb icon only for the name 'core', not for
+ '*core'. (Closes: #467480)
+ * Include module name in a2enmod error messages (closes: #461341).
+
+ -- Stefan Fritsch Sat, 08 Mar 2008 12:28:14 +0100
+
+apache2 (2.2.8-1) unstable; urgency=low
+
+ * New upstream version:
+ - Fixes cross-site scripting issues in
+ o mod_imagemap (CVE-2007-5000)
+ o mod_status (CVE-2007-6388)
+ o mod_proxy_balancer's balancer manager (CVE-2007-6421)
+ - Fixes a denial of service issue in mod_proxy_balancer's balancer manager
+ (CVE-2007-6422).
+ - Fixes mod_proxy URL encoding in error messages (closes: #337325).
+ - Adds explicit charset to the output of various modules to work around
+ possible cross-site scripting flaws affecting web browsers that do not
+ derive the response character set as required by RFC2616. For
+ mod_proxy_ftp there is now the new ProxyFtpDirCharset directive to
+ specify something else than ISO-8859-1 (CVE-2008-0005).
+ - Adds mod_substitute which performs inline response content pattern
+ matching (including regex) and substitution (like mod_line_edit).
+ - Adds "DefaultType none" option.
+ - Adds new "B" option to RewriteRule to suppress URL unescaping.
+ - Adds an "if" directive for mod_include to test whether an URL is
+ accessible, and if so, conditionally display content.
+ - Adds support for mod_ssl to the event MPM.
+ * Move the configuration of User, Group, and PidFile to
+ /etc/apache2/envvars. This makes it easier to use these settings in
+ scripts. /etc/apache2/envvars can now also be used to influence apache2ctl
+ (inspired by Marc Haber's patch). (Closes: #349709, #460105, #458085)
+ * Make apache2ctl check the configuration syntax before trying to restart
+ apache, to match the behaviour documented in the man page.
+ (Closes: #459236)
+ * Convert docs to be directly viewable with a browser (and not use content
+ negotiation).
+ * Add doc-base entry for the documentation. (closes: #311269)
+ * Don't ship default files in /var/www, but copy a sample file to
+ /var/www/index.html on new installs. Also remove the now unneeded
+ RedirectMatch line from sites-available/default.
+ (Closes: #411774, #458093)
+ * Add some information to README.Debian (Apache wiki, default virtual host)
+ * Build with LDFLAGS=-Wl,--as-needed to drop a lot of unnecessary
+ dependencies, easing library transitions (closes: #458857).
+ * Add icons for OpenDocuments, add sharutils to Build-Depends for uudecode.
+ Patch by Nicolas Valcárcel. (Closes: #436441)
+ * Add reportbug script to list enabled modules.
+ * Fix some lintian warnings:
+ - Pass --no-start to dh_installinit instead of omitting the debhelper token
+ in various maintainer scripts. Also move the update-rc.d call to
+ apache2.2-common.
+ - Add Short-Description to init script.
+ * Remove unused apache2-mpm-prefork.prerm from source package and clean up
+ debian/rules a bit.
+ * Don't ship NEWS.Debian with apache2-utils, as the contents are only
+ relevant for the server.
+
+ -- Stefan Fritsch Thu, 17 Jan 2008 20:27:56 +0100
+
+apache2 (2.2.6-3) unstable; urgency=low
+
+ * Allocate fewer bucket brigades in case of a flush bucket. This might help
+ with the memory leaks reported in #399776 and #421557.
+ * Escape the HTTP method in error messages to avoid potential cross site
+ scripting vulnerabilities (CVE-2007-6203).
+ * Update 053_bad_file_descriptor_PR42829.dpatch to avoid a race condition.
+ * Redirect /doc/apache2-doc/manual/ to /manual/ in the apache2-doc config
+ (Closes: #450867).
+ * Add icons for .ogg and .ogm (Closes: #255443).
+ * Add comment about how to log X-Forwarded-For (Closes: #425008).
+ * Make mod_proxy_balancer not depend on mod_cache.
+ * Add Homepage field to debian/control.
+ * Add/fix some lintian overrides, fix some warnings.
+ * Bump Standards-Version (no changes).
+
+ -- Stefan Fritsch Fri, 07 Dec 2007 22:38:59 +0100
+
+apache2 (2.2.6-2) unstable; urgency=low
+
+ * Avoid calling apr_pollset_poll() and accept_func() when the listening
+ sockets have already been closed on graceful stop or reload. This
+ hopefully fixes processes not being killed (closes: #445263, #447164)
+ and the "Bad file descriptor: apr_socket_accept: (client socket)"
+ error message (closes: #400918, #443310)
+ * Allow logresolve to process long lines (Closes: #331631)
+ * Remove duplicate config examples (Closes: #294662)
+ * Include README.backtrace describing how to create a backtrace
+ * Add CVE reference to 2.2.6-1 changelog entry
+
+ -- Stefan Fritsch Thu, 18 Oct 2007 19:35:40 +0200
+
+apache2 (2.2.6-1) unstable; urgency=low
+
+ * New upstream release
+ - fixes mod_proxy DoS for threaded MPMs (CVE-2007-3847)
+ - fixes spurious warning for valid wildcard certificates (Closes: #414855)
+ - adds warning that htpasswd is not setuid safe (Closes: #356285)
+ - adds Type and Charset options to IndexOptions directive,
+ allowing a workaround for buggy browsers affected by CVE-2007-4465
+ - adds new ProxyPassMatch directive
+ * Add index.htm to the default DirectoryIndex configuration
+ (Closes: #439375)
+ * Use apache2ctl in init script (Closes: #439027)
+ * make init script less noisy (Closes: #438950)
+ * improve NEWS entry (Closes: #440084)
+
+ -- Stefan Fritsch Thu, 06 Sep 2007 23:54:42 +0200
+
+apache2 (2.2.4-3) unstable; urgency=low
+
+ [ Stefan Fritsch ]
+ * enable default site on new installs again (Closes: #436341)
+ * make mod_authn_dbd depend on mod_dbd
+ * make a2dissite return 0 if a site is already disabled (Closes: #435398)
+ * make a2 scripts print errors to stderr (Closes: #435400)
+ * move TypesConfig directive from apache2.conf to mime.conf
+ (Closes: #434248)
+
+ [ Adam Conrad ]
+ * Special case apache2-dbg magic in debian/rules, so we don't do
+ this on Ubuntu, which has an archive of detached debug packages.
+
+ -- Stefan Fritsch Tue, 07 Aug 2007 20:49:28 +0200
+
+apache2 (2.2.4-2) unstable; urgency=low
+
+ * Modularize config: Move module specific configuration from apache2.conf
+ to mods-available/*conf (Closes: #338472)
+ * Remove the NO_START kludge. Now you have to use rc*.d symlinks to disable
+ apache2. (Closes: #408462, #275561)
+ * Create run and lock directores in apache2ctl to make it work on fresh
+ installations before the first call of the init script. Together with
+ the previous item, this closes: #418499
+ * Disable AddDefaultCharset again (Closes: #397886)
+ * Make ports.conf, conf.d/charset, and /etc/default/apache2 conffiles
+ managed by dpkg
+ * Listen on port 443 by default if mod_ssl is loaded (Closes: #404598)
+ * Add logic to start htcacheclean as daemon or cronjob. The configuration
+ is in /etc/default/apache2
+ * Fix security issues:
+ - CVE-2007-3304: prevent parent process to send SIGUSR1 to arbitrary
+ processes
+ - CVE-2006-5752: XSS in mod_status
+ * Add init.d dependency info from insserv overrides to /etc/init.d/apache2
+ * Replace apachectl with apache2ctl in docs (Closes: #164493)
+ * Add usage message to apache2ctl (Closes: #359008)
+ * Make -dev packages priority extra
+ * Add secure example cipher/protocol configuration to ssl.conf
+ * Update watch file (Closes: #433552)
+ * Bump dh_compat to 5
+ * Add new package apache2-dbg with debugging symbols
+ * Fix mod_cache returning 304 instead of 200 on HEAD requests
+
+ -- Stefan Fritsch Tue, 03 Jul 2007 21:23:40 +0200
+
+apache2 (2.2.4-1) unstable; urgency=medium
+
+ [ Stefan Fritsch ]
+ * Urgency medium for security fix
+ * Fix CVE-2007-1863: DoS in mod_cache
+ * New upstream version (Closes: #427050)
+ - Fixes "proxy: error reading status line from remote server"
+ (Closes: #410331)
+ * Fix CVE-2007-1862: mod_mem_cache DoS (introduced in 2.2.4)
+ * Change logrotate script to use reload instead of restart.
+ (Closes: #298689)
+ * chmod o-rx /var/log/apache2 (Closes: #291841)
+ * chmod o-x suexec (Closes: #431048)
+ * Update patch for truncated mod_cgi 500 responses from upstream SVN
+ (Closes: #412580)
+ * Don't use AddDefaultCharset for our docs (Closes: #414429)
+ * fix options syntax in sites-available/default (Closes: #419539)
+ * Move conf.d include to the end of apache2.conf (Closes: #305933)
+ * Remove log, cache, and lock files on purge (Closes: #428887)
+ * Ship /usr/lib/cgi-bin (Closes: #415698)
+ * Add note to README.Debian how to read docs (Closes: #350822)
+ * Document pid file name (Closes: #350286)
+ * Update Standards-Version (no changes needed)
+ * Fix some lintian warnings, add some overrides
+ * Start apache when doing a "restart" even if it was not running
+ (Closes: #384682)
+ * reload config in apache2-doc postinst (Closes: #289289)
+ * don't fail in prerm if apache is not running (Closes: #418536)
+ * Suggest apache2-doc and www-browser (Closes: #399056)
+ * Make init script always display a warning if NO_START=1 since
+ VERBOSE=yes is not the default anymore (Closes: #430116)
+ * Replace apache2(8) man page with a more current version
+ * Add httxt2dbm(8) man page
+ * Show -X option in help message (Closes: #391817)
+ * remove sick-hack-to-update-modules
+ * don't depend on procps on hurd (Closes: #431125)
+
+ [ Peter Samuelson ]
+ * Add shlibs:Depends to apache2.2-common.
+
+ -- Stefan Fritsch Sun, 01 Jul 2007 19:57:51 +0200
+
+apache2 (2.2.3-5) unstable; urgency=low
+
+ [ Tollef Fog Heen ]
+ * Fix up apache2-src so the .tar.gz contains an apache2 top level
+ directory.
+ * Make apache2 MPMs provide and conflict with apache2-mpm so other
+ packages can provide MPMs too.
+ * Get rid of 2.1 references from descriptions. (Closes: #400981)
+
+ [ Thom May ]
+ * Let the init script cope with multiple pid files correctly. Probably we
+ shouldn't be doing this at all, but we might as well do it properly!
+ (Closes: #396162)
+ * Add a sensible autoindex default config
+ * Add patch from upstream to ensure that mod_cgi 500 responses aren't
+ truncated (Closes: #412580)
+ * Use graceful-stop to shutdown apache to ensure we cope nicely with long
+ running or blocked children
+
+ [ Peter Samuelson ]
+ * Ship apache2 manpage in apache2.2-common. (Closes: #391813)
+ * Rearrange init script so that 'force-reload' is the same as 'reload'.
+ (Closes: #401053)
+ * Add Build-Depends: mawk. (Closes: #403682)
+ * Add a needed guard to apache2.conf.
+ (Closes: #407307)
+ * Stop shipping /var/run/apache2/ as it is created at runtime anyway.
+ * Move the /var/lock/apache2 owner fix from the apache2.2-common
+ postinst to the init script, as /var/lock may not persist across
+ reboots. (Closes: #420101)
+
+ [ Stefan Fritsch ]
+ * Add Build-Depends: libssl-dev, zlib1g-dev (Closes: #399043)
+ * Add XS-Vcs-* to debian/control
+ * Improve handling of empty $MODNAME in a2enmod (Closes: #422589)
+ * Treat apache2-mpm-itk as prefork in a2enmod (Closes: #412602)
+ * Re-add README.Debian and describe
+ - the config dir layout (closes: #419552)
+ - which files are ignored by Include
+ - when and how to change "restart" to "reload" in the logrotate script
+ * When purging, remove {mods,sites}-enabled symlinks and the config files
+ created by postinst (Closes: #397789)
+ * Fix suexec to log after a cgi error (Closes: #312385)
+ * Add watch file
+ * Add AddType for .bz2 (Closes: #416322)
+ * Make init script messages conform better to policy (Closes: #390348)
+ and exit with failure if called with unknown parameter (Closes: #412407)
+ * Fix segfault in mod_proxy_ftp when FTP server sends back no spaces
+ (Closes: #413727)
+ * Ship /etc/apache2/conf.d/apache2-doc (Closes: #418464)
+ * Tell the user when selecting cgid instead of cgi (Closes: #428058)
+ * Add a2ensite/a2dissite man pages (Closes: #322385)
+ * Comment out CacheEnable by default, to prevent filling up /var.
+ Document the problem in README.Debian and NEWS.Debian, point to
+ htcacheclean and give a warning when doing a2enmod disk_cache
+ (Closes: #423653).
+ * Add myself to Uploaders.
+
+ -- Stefan Fritsch Sun, 10 Jun 2007 18:54:29 +0200
+
+apache2 (2.2.3-4) unstable; urgency=high
+
+ * High-urgency upload for RC bugfixes.
+ * Ack NMUs - thanks Andi, Steve.
+ * Add myself to Uploaders.
+ * Refactor apache2.2-common.postinst slightly, to account for sarge
+ upgrades (since it's a new package name, rather than an upgrade).
+ (Closes: #396782, #415775)
+ * If mod_proxy was configured in sarge, add proxy_http and
+ disk_cache modules, which used to be included in the mod_proxy config.
+ (Closes: #407171)
+
+ -- Peter Samuelson Tue, 27 Mar 2007 07:06:49 -0500
+
+apache2 (2.2.3-3.3) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * High-urgency upload for RC bugfix.
+ * apache2.2-common should depend on procps, since it will fail to create
+ httpd.conf if it's not installed. Closes: #398535.
+
+ -- Steve Langasek Mon, 5 Feb 2007 01:55:57 -0800
+
+apache2 (2.2.3-3.2) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * 043_ajp_connection_reuse: Patch from upstream Bugzilla, fixing a critical
+ issue with regard to connection reuse in mod_proxy_ajp.
+ Closes: #396265
+
+ -- Andreas Barth Sat, 9 Dec 2006 21:05:45 +0000
+
+apache2 (2.2.3-3.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Enable authz_user by default, fix silent authentication breakage.
+ Closes: #397310
+ * Add default modules if coming from earlier than this version.
+ Closes: #392349, #392352, #392701, #393913, #396678, #395976
+ * Re-Enable modules cern_meta, dumpio and ext_filter. Closes: #391393
+
+ -- Andreas Barth Fri, 10 Nov 2006 15:44:33 +0100
+
+apache2 (2.2.3-3) unstable; urgency=medium
+
+ [ Peter Samuelson ]
+ * a2dismod: exit 0 if a module exists but is already disabled.
+ * Ship a2enmod.8 and a2dismod.8 again, and expand them a bit.
+ (Closes: #270551)
+
+ [ Tollef Fog Heen ]
+ * Build apache2-src package.
+ * Do not AddDefaultCharset if we are proxying. Closes: #277526
+ * Do not forcefully link against libdb4.3 and other libs.
+ * Enable the same list of modules as we had in 2.0 (by default) and do
+ that for all older versions than 2.2.3-3 to fix upgrade issues people
+ have had. Closes: #392349
+ * Set default IndexWidth to *.
+ * Clean up CPPFLAGS and CFLAGS, including making all of CFLAGS a
+ superset of CPPFLAGS. Also make sure to include -I switches with
+ absolute paths so the apache headers are useful.
+ * Warn when not starting HTTPD due to missing apache binary.
+ Closes: #384128
+ * Provide sample disk and memory cache configurations. Closes: #278564
+ * Provide dir.conf. Closes: #392356
+ * Add alternate dependency from apache to apache2-mpm-event
+ * On reload, make the init script exit 1 with an error message if the
+ configuration is broken. Closes: #316858
+ * Add default deflate.conf compressing text/html, text/plain and
+ text/xml. Closes: #349016
+ * Add { and } around the usage format in the init script to make the
+ init script bash completion happier. Closes: #350606
+
+ [ Adam Conrad ]
+ * Update our php4 and php5 conflicts, to reflect the reality that each
+ were uploaded and built again while apache2.2 was in the new queue.
+ Closes: #392189
+ * Migrate kill symlinks from K91 to K09 (closes: #376503)
+ * Make apache2 depend on the current version of the MPMs, as it used
+ to in the 2.0.x series (and make it binNMU-safe) (closes: #394658)
+ * Make sure that the RedirectMatch in sites-available/default continues
+ to be commented out for Ubuntu, while having it uncommented for Debian.
+
+ [ Thom May ]
+ * Fix permissions on suexec (Closes: #391918)
+ * This is Debian, not Ubuntu (Closes: #393277)
+
+ -- Adam Conrad Sat, 7 Oct 2006 17:57:04 +1000
+
+apache2 (2.2.3-2) unstable; urgency=low
+
+ * Make sure to ship /var/log/apache2 in the apache2.2-common package.
+ Closes: #390786
+ * Install suexec.8 as suexec2.8. Closes: #390774
+ * Make sure that we never ship .svn directories in any binary packages.
+ Closes: #390785
+ * Not only chmod -x /usr/sbin/apache2 in apache2.2-common.preinst, chmod
+ +x it in same's postinst too. Closes: #390794
+ * We now ship htcacheclean in apache2-utils. Closes: #376680
+ * Try to stop old apaches in preinst of the mpms. Closes: #390893
+ * Make apache2-mpm-{worker,prefork} conflict with apache2-mpm-event and
+ apache2-common.
+ * rm -f /var/lib/dpkg/info/apache2-common.postrm. So apache2-common can
+ be purged. Yes, we're on crack. Closes: #390823
+ * Make apache2-utils's Replaces on apache2-common be unversioned.
+ Closes: #391018
+ * Stop shipping cern_meta.load, dumpio.load and ext_filter.load. Thanks
+ to Stephane Chazelas for noticing. Closes: #391393
+
+ -- Tollef Fog Heen Tue, 3 Oct 2006 10:03:48 +0200
+
+apache2 (2.2.3-1) unstable; urgency=low
+
+ * Remove mention of AddDefaultCharset from apache2.conf as this is now
+ in /etc/apache2/conf.d/charset.
+ * Rename apache2-common to apache2.2-common. Conflict and replace old
+ version. This is to force modules to be uninstalled until versions
+ compiled against 2.2 are provided.
+ * Remove Daniel Stone from list of uploaders.
+ * We no longer ship 035_HEAD_Content-Length_Fix_From_CVS. Closes: #298143
+ * Don't start the server on reload. Closes: #316321
+ * Install S91/K09 links, not S91/K91, also only support not starting
+ through defaults file to cover upgrades from old
+ installations. Closes: #359977, #349655
+ * Big cleanup by using dh_install properly rather than loads of hacks in
+ debian/rules.
+ * No longer ship compat symlinks for ab, etc. Those are installed as
+ ab, htpasswd and similar.
+ * Remove apache2-mpm-{event,worker}-{prerm,preinst,postinst} in clean,
+ as those are copies of other files.
+ * Add build-depends for libapr1-dev (>= 1.2.7-6) to make sure we get a
+ version which ships a useful apr-config --apr-libtool.
+ * chmod -x /usr/sbin/apache2 on upgrades from before 2.2 to avoid
+ problems stopping apache due to some dpkg bug.
+ * Add Conflicts for broken modules which didn't depend on
+ apache2-common.
+
+ -- Tollef Fog Heen Thu, 17 Aug 2006 14:02:58 +0200
+
+apache2 (2.2.3-1~exp.r170) experimental; urgency=low
+
+ [ Jeroen van Wolffelaar ]
+ * Staging upload to experimental of subversion revision r170
+
+ [ Thom May, Tollef Fog Heen, Fabio M. Di Nitto and Adam Conrad ]
+ * New Upstream Release. Closes: #344072
+ http://httpd.apache.org/docs/2.2/new_features_2_2.html has a list of
+ new features and changes.
+ - Fixes LFS support. Closes: #341460, #285337, #241223
+ - Fixes off-by-one error in mod_rewrite ldap schema handling
+ (CVE-2006-3747)
+ - Fixes XSS issue in mod_imap/mod_imagemap (CVE-2005-3352).
+ Closes: #343467.
+ - mpm_perchild no longer exists, so closing bugs for perchild.
+ Closes: #236193, #238586
+ - Fixes PHP POST with SSLVerifyClient. Closes: 353443
+ * Build-depend on lsb-release and pick up the branding from there.
+ * Build-depend on apr-util 1.0 which is now in a separate source
+ package.
+ * Mangle the Debian layout to be more FHS compatible
+ * No longer build-conflict with libgdbm-dev
+ * Use external PCRE
+ * Make apache2-utils stop providing apache2-utils. Also make it stop
+ conflicting with itself.
+ * Rename default site from default-site to just default.
+ * Try to migrate modules which used to be built-in:, alias, mime,
+ authz_host, autoindex, dir, env, negotiation, setenvif, status.
+ * Mod imap has been renamed to imagemap, ditto for auth_ldap =>
+ authnz_ldap. Cope with that in postinst.
+ * Stop globbing in apache2.conf.
+ Closes: #337817, #340955, #348189, #379015, #368497
+ * Don't install CHANGES into the apache2 package. It's just a
+ metapackage.
+ * Add rudimentary rdeps handling to a2dismod. Closes: #273929
+ * Stop providing apache-utils.
+ * Cope with /var/run and /var/lock on tmpfs.
+ * Remove all subdirs in srclib as we are using external libraries for
+ those anyway. Also remove test/zb.c. Closes: 340538
+ * Make ssl.conf not block on /dev/random, but rather use /dev/urandom.
+ * Make apache2-common depend on lsb-base, thanks to Gleb Arshinov
+
+ -- Jeroen van Wolffelaar Tue, 15 Aug 2006 16:17:33 +0200
+
+apache2 (2.0.55-4.1) unstable; urgency=high
+
+ * Non-maintainer upload. Urgency set to high due to security fixes.
+ * Added '052_mod_rewrite_CVE-2006-3747' to fix the off-by-one bug in
+ mod_rewrite.
+ [CVE-2006-3747]. (Closes: #380182)
+ * Added '053_restore_prefix_fix' to allow rebuilding from source.
+ (Closes: #374160)
+ * Added '054_apr_sendfile' to allow building for Hurd.
+ (Closes: #349416)
+ * Added '055_expect_CVE-2006-3918' to fix XSS attack in Expect headers.
+ [CVE-2006-3918]. (Closes: #381376)
+ * Added bash-completion script from Guillaume Rousse.
+ (Closes: #299855)
+
+ -- Steve Kemp Sat, 5 Aug 2006 21:35:53 +0000
+
+apache2 (2.2.0-1) UNRELEASED; urgency=low
+
+ * New upstream release.
+
+ -- Fabio M. Di Nitto Thu, 26 Jan 2006 13:46:08 +0100
+
+apache2 (2.0.55-4) unstable; urgency=low
+
+ * Add 050_mod_imap_CVE-2005-3352 to escape untrusted referer headers in
+ mod_imap before outputting HTML to avoid XSS attacks; see CVE-2005-3352
+ * Add 051_mod_ssl_CVE-2005-3357 to avoid a remote denial of service in
+ threaded MPMs when making a non-SSL connection to an SSL-enabled port
+ on a server with a custom 400 error document defined; see CVE-2005-3357
+ * Clean up our use of trailing slashes on directories in debian/rules, so
+ the newer, pickier, obviously very improved coreutils doesn't bite us.
+ * Remove some cruft from apache2-common's postinst, dealing with upgrade
+ scenarios from versions older than those released in Sarge or Warty.
+ * Use "SHELL := sh -e" in debian/rules, so the build will stop on shell
+ errors, instead of blundering on to later make targets (closes: #340761)
+ * Recreate /var/run/apache2 and /var/lock/apache2 in our init script, in
+ case the user has /var/run and /var/lock on tmpfs, which is fasionable.
+ * Make our init script a /bin/bash script instead of a /bin/sh script, so
+ we can abuse it with regex globbing (#348189, #347962, #340955, #342008)
+ * Take patch from Adrian Bridgett to output errors from our config test
+ in the init script, but only do so when we're VERBOSE (closes: #339323)
+ * In the spirit of the LSB, make our init script exit 2 when called with
+ incorrect arguments, and exit 4 when asked for status (closes: #330275)
+ * Fix the default site to not mix configuration syntax (closes: #345922)
+ * Mention apxs2 in the apache2-*-dev long descriptions (closes: #307921)
+
+ -- Adam Conrad Sat, 26 Nov 2005 19:06:32 +1100
+
+apache2 (2.0.55-3) unstable; urgency=low
+
+ * Brown paper bag release: Tidy up CFLAGS and APR configure call to make
+ sure that what we link to agrees with what apu-config tells others to do.
+
+ -- Adam Conrad Mon, 24 Oct 2005 13:02:52 +1000
+
+apache2 (2.0.55-2) unstable; urgency=low
+
+ * Mess with 010_more_fhs_compliancy to nail down the compiled default for
+ cgisock to match with the default shipped in the config file, so people
+ don't get confused if they miss including cgid.conf (closes: #316477)
+ * Make the compiled-in PidFile match the config file for similar reasons.
+ * Add 049_apr_tables_HEAD_cleanup, resolving an issue where merging two
+ tables from different resource pools would leave you with the contents
+ of only one, rather than both. This patch also cleans up some broken
+ pointer arithmetic and type casting along the way (closes: #251800)
+ * Specify the DocumentRoot without a trailing slash (closes: #311317)
+ * Fix the manpage to point at proper locations (closes: #307665, #332619)
+
+ -- Adam Conrad Sun, 23 Oct 2005 13:24:39 +1000
+
+apache2 (2.0.55-1) unstable; urgency=low
+
+ * New upstream bugfix and security release, superseding these patches:
+ - Drop 041_util_ldap_fix.patch, util_ldap seems to be unbroken.
+ - Drop 043_ssl_off_by_one_CAN-2005-1268, fixed upstream.
+ - Drop 044_content_length_CAN-2005-2088, fixed upstream.
+ - Drop 045_byterange_CAN-2005-2728, fixed upstream.
+ - Drop 046_verify_client_CAN-2005-2700, fixed upstream.
+ - Resolves a serious memory leak in the worker MPM; see CVE-2005-2970
+ - Add 048_reverse_proxy_fix, to resolve a regression in 2.0.55 with
+ mod_proxy, mod_ssl and HTTP POST requests (upstream bug #37145)
+ * New release builds cleanly with OpenSSL 0.9.8 (closes: #332791, #333363)
+ * Fix up our built-in version of DBS to use find's -{max,min}depth
+ arguments in a way that doesn't make find whine like a spoiled child.
+ * Merge Ubuntu and Debian packaging, bringing in patch 047 (closes: #327269)
+ - Comment out the / -> /apache2-default/ redirect, as user feedback seems
+ to indicate that it's just too bloody confusing for most people.
+ - New installations (only) now get an AddDefaultCharset UTF-8 directive.
+ * Build-depend on lsb-release, and use it in debian/rules to determine which
+ distribution we're building on, dropping the 007_debian_advertising patch.
+ * Drop debconf dependency entirely; we don't even use it (closes: #331741)
+ * Finally support DEB_BUILD_OPTIONS="noopt debug" properly in debian/rules.
+ * Adjust mime_magic.conf to point at the new FHS location of magic.mime.
+ * Drop the apache2-mpm-threadpool transitional package; Sarge is released.
+ * Try a bit harder to find the *CORRECT* PidFile directive in the init
+ script, instead of the old "rgrep and pray" method (closes: #303076)
+ * Make init script to always use apache2ctl consistently (closes: #316303)
+ * Build (and have -dev packages depend on) libdb4.3 instead of libdb4.2.
+
+ -- Adam Conrad Mon, 17 Oct 2005 13:00:13 +1000
+
+apache2 (2.0.54-5ubuntu2) breezy; urgency=low
+
+ * Add 047_ssl_reneg_with_body, which adds a (bounded) buffer of request
+ body data to provide a limited but safe fix for the mod_ssl renegotiation
+ vs requests-with-bodies bug, as occurs with POST and SVN (Ubuntu #14991)
+
+ -- Adam Conrad Tue, 4 Oct 2005 11:53:01 +1000
+
+apache2 (2.0.54-5ubuntu1) breezy; urgency=low
+
+ * Resynchronise with Debian, bringing in several security patches.
+
+ -- Adam Conrad Mon, 5 Sep 2005 20:40:31 +1000
+
+apache2 (2.0.54-5) stable-security; urgency=high
+
+ * Add 043_ssl_off_by_one_CAN-2005-1268, fixing an off-by-one error in SSL
+ certificate validation; see CAN-2005-1268 (closes: #320048, #320063)
+ * Add 044_content_length_CAN-2005-2088, resolving an issue in mod_proxy
+ where, when a response contains both Transfer-Encoding and Content-Length
+ headers, the connection can be used for HTTP request smuggling and HTTP
+ request spoofing attacks; see CAN-2005-2088 (closes: #316173)
+ * Add 045_byterange_CAN-2005-2728, to resolve a denial of service in apache
+ when large byte ranges are requested; see CAN-2005-2728 (closes: #326435)
+ * Add 046_verify_client_CAN-2005-2700, resolving an issue where the context
+ of the SSLVerifyClient directive is not honoured within a
+ nested in a , and is left unenforced; see CAN-2005-2700
+
+ -- Adam Conrad Fri, 2 Sep 2005 22:26:28 +1000
+
+apache2 (2.0.54-4) unstable; urgency=low
+
+ * Alter 041_util_ldap_fix.patch to revert util_ldap.c to the known
+ good version from 2.0.53 (closes: #308648, and re-fixes #307567)
+
+ -- Adam Conrad Wed, 11 May 2005 20:15:38 -0600
+
+apache2 (2.0.54-3) unstable; urgency=medium
+
+ * Add 042_htdigest_CAN-2005-1344 to fix a buffer overflow in
+ htdigest, which is described in CAN-2005-1344 (closes: #307134)
+ * Add 041_util_ldap_fix.patch from upstream bug #34618 to fix
+ issues with mod_auth_ldap sometimes segfaulting and sometimes
+ locking up and spinning the CPU to oblivion (closes: #307567)
+ * Alter 011_fix_ap-config to make apr-config point us at the system
+ libtool, and make libapr0-dev depend on libtool (closes: #306481)
+ * Alter 008_make_include_safe to prevent apache2 from including dpkg
+ conffile leftovers (.dpkg-old et al) (closes: #304786, #296728)
+
+ -- Adam Conrad Thu, 5 May 2005 03:45:24 -0600
+
+apache2 (2.0.54-2) unstable; urgency=low
+
+ * Set suexec2's ownership properly, so it's actually executable by
+ apache2 with the newly-restrictive permissions (closes: #305242)
+
+ -- Adam Conrad Mon, 18 Apr 2005 22:09:42 -0600
+
+apache2 (2.0.54-1) unstable; urgency=low
+
+ * New upstream bugfix-only release (closes: #305121)
+ * Fix debian/watch file to only look at apache 2.0.x, so we stop being
+ told about the 2.1 beta releases (and I'll notice new 2.0.x releases)
+ * Drop o+rx permissions from suexec2; while it has code in place to
+ make sure the caller is www-data, if that code should be buggy,
+ filesystem permissions will help mitigate fallout (closes: #301045)
+ * Update the 003_build_with_autoconf_2.5 patch to make sure both
+ apr and apr-util have an AC_PREREQ for autoconf 2.50, so we don't get
+ weird autoconf mix-and-match FTBFS issues (closes: #301819)
+
+ -- Adam Conrad Sun, 17 Apr 2005 23:10:18 -0600
+
+apache2 (2.0.53-5ubuntu5) hoary; urgency=low
+
+ * Fix the init script to not exit with an error when asked to
+ stop a daemon that isn't running (Was the root cause of #8374)
+
+ -- Adam Conrad Fri, 1 Apr 2005 16:30:56 +0000
+
+apache2 (2.0.53-5ubuntu4) hoary; urgency=low
+
+ * Make sure package removals don't fail even if the init script
+ doesn't stop apache2 (Ubuntu #8374)
+
+ -- Adam Conrad Fri, 1 Apr 2005 15:07:20 +0000
+
+apache2 (2.0.53-5ubuntu3) hoary; urgency=low
+
+ * Add dependency on lsb-base (>= 1.3-9ubuntu2) to guarantee
+ availability of lsb init functions (Ubuntu #7765)
+
+ -- Adam Conrad Sun, 27 Mar 2005 21:55:41 -0700
+
+apache2 (2.0.53-5ubuntu2) hoary; urgency=low
+
+ * Really remove /etc/apache2/conf.d/charset on purge, rather
+ than just writing about it in the changelog.
+
+ -- Adam Conrad Sun, 27 Mar 2005 08:32:39 -0700
+
+apache2 (2.0.53-5ubuntu1) hoary; urgency=low
+
+ * Resynchronise with Debian, resolving minor conflicts.
+ * Remove /etc/apache2/conf.d/charset on purge.
+
+ -- Adam Conrad Sun, 27 Mar 2005 15:15:44 +0000
+
+apache2 (2.0.53-5) unstable; urgency=high
+
+ * Update 040_link_external_pcre to require autoconf 2.50, so it
+ doesn't fail when autoconf2.13 is installed (closes: #295428)
+ * Further mangle the apache_stop function in the init script so it
+ attempts as hard as possible to make sure apache2 is stopped before
+ it tries to restart. Thanks to Andre Tomt for
+ the bug and patch this fix was based on (closes: #295915, #281557)
+
+ -- Adam Conrad Fri, 25 Feb 2005 00:51:13 -0700
+
+apache2 (2.0.53-4) unstable; urgency=low
+
+ * Add 040_link_external_pcre to allow us to link to an external libpcre
+ rather than statically compiling the bundled version.
+ * Add --with-external-pcre to the configure flags in debian/rules
+ (closes: #294673, #294675, #282606, #294740)
+ * Stop hardcoding the path to netstat in postinst (closes: #294737)
+
+ -- Adam Conrad Mon, 14 Feb 2005 01:45:08 +0000
+
+apache2 (2.0.53-3) unstable; urgency=medium
+
+ * Drop Andres Salomon's PCRE manglig patch in favour of hand-merging
+ Joe Orton's patch against head to completely internalise apache's
+ copy of PCRE, only exposing a wrapper API. (closes: #294395)
+
+ -- Adam Conrad Wed, 9 Feb 2005 11:30:21 -0700
+
+apache2 (2.0.53-2) unstable; urgency=low
+
+ * Make apache2-threaded-dev and apache2-prefork-dev both arch:any
+ as they contain architecture-dependant defines (closes: #294257)
+
+ -- Adam Conrad Wed, 9 Feb 2005 04:20:07 -0700
+
+apache2 (2.0.53-1) unstable; urgency=low
+
+ * New upstream release
+ - Remove 036_HEAD_CAN-2004-0942, integrated upstream
+ - Remove 037_HEAD_CAN-2004-0885, integrated upstream
+ * Drop support for the threadpool MPM, as it's abandoned upstream.
+ - Make apache2-mpm-threadpool an empty package depending on
+ apache2-mpm-worker, and make worker replace the old threadpool
+ * Make SYSCONFDIR configurable at the top of a2{en,dis}{mod,site}
+ * Drop the build-conflict on gawk, and use ac_cv_prog_AWK=mawk
+ instead (closes: #283396)
+ * Make the apache_stop() function stop trying to do the equivalent
+ of "killall apache2", and instead issue a nasty warning if it can't
+ stop apache2 on its own
+ * Make "restart" an alias for "force-reload" in the init script, as
+ apache2ctl restart doesn't match policy's requirements for restart
+ * Swapping between threaded and unthreaded MPMs could leave one with
+ both mod_cgi and mod_cgid enabled. Fixed the postinsts so that
+ no longer happens
+ * Update 021-pcre_mangle_symbols.patch from Andres Salomon, now also
+ mangling typedefs, which should fix PHP (closes: #280823)
+ * Hardcode a dependency on libgcc1 (>= 1:3.3.5) so pthread_cancel
+ will work correctly with partial upgrades (closes: #287033)
+ * When removing ssl_scache, make sure to remove its db transation logs
+ and other garbage as well (closes: #293831)
+ * Remove duplicate /icons/ from the default site (closes: #291856)
+ * Yank 039_fix_forensic_tmpfiles from Ubuntu's apache2 packages
+ * Split out utils into seperate apache2-utils. This will also
+ supercede the apache-utils package (closes: #285219)
+ * Add split-logfile to apache2-utils (closes: #290814)
+ * Make the MPM postinsts scream loudly, but not fail, if you've
+ deleted cgi{,d}.load before swapping MPMs (closes: #283141)
+
+ -- Adam Conrad Mon, 7 Feb 2005 07:54:12 -0700
+
+apache2 (2.0.52-3) unstable; urgency=high
+
+ * Brown paper bag release to fix apache2-common's postinst, by judiciously
+ sprinkling ||true in a couple of needed places (closes: #280527)
+ * While hunting for unclean uses of VAR=`command` in the package, found
+ the cause of the "can't purge with broken config" bugs and fixed that
+ too with yet another ||true (closes: #263511, #273759, #279875)
+
+ -- Adam Conrad Wed, 10 Nov 2004 01:32:16 -0700
+
+apache2 (2.0.52-2) unstable; urgency=high
+
+ * Include two patches, 036_HEAD_CAN-2004-0942 and 037_HEAD_CAN-2004-0885
+ - CAN-2004-0942: Memory leak in header parsing in server/protocol.c
+ - CAN-2004-0885: Incorrect SSLCipherSuite selection in mod_ssl
+ * Fix up our use of netstat in apache2-common's postinst to clean up some
+ unnecessary output to stderr, as well as detect when netstat believes
+ we don't have AF_INET support. This should allow for installation in
+ chroots where the /proc filesystem isn't mounted (closes: #245487)
+ * Add 035_HEAD_Content-Length_Fix_From_CVS, which should solve problems
+ with Content-Length being set incorrectly on proxied HEAD requests,
+ breaking Windows Update from proxied machines (closes: #277787)
+ * Take out the reload/start magic in the postinst, and just call start in
+ all cases, as we stop the daemon in the prerm (closes: #275175, #222786)
+ * Copy config.guess/config.sub/ltmain.sh in from /usr/share/libtool at
+ build time. (closes: #257228, #263101)
+ * Clean up the clean target in debian/rules to remove some duplicate
+ maintainer scripts from the debian/ directory that we don't need to be
+ shipping in the source package.
+ * Move envvars to /etc/apache2/ and add patch 038_no_LD_LIBRARY_PATH to
+ remove the extraneous LD_LIBRARY_PATH from envvars (closes: #276670)
+
+ -- Adam Conrad Sun, 7 Nov 2004 04:09:46 -0700
+
+apache2 (2.0.52-1) unstable; urgency=high
+
+ * New upstream bugfix/security release:
+ - Fixes CAN-2004-0811: Satisfy directive bypass (closes: #273412)
+ * Add '|| true' to a2enmod to stop it from dying when the installed MPM
+ isn't prefork (closes: #273017, #273019, #272865, #273021, #273258)
+ * Touch /var/log/apache2/error.log on new installs to ensure that our log
+ directory isn't removed until the package is purged, so logrotate doesn't
+ complain about its inability to find it (closes: #239571)
+ * Add 032_suexec_is_shared, which makes sure suEXEC is only searched for
+ and enabled when mod_suexec is loaded (closes: #227653)
+ * Use '$APACHE2CTL startssl' consistently in init script to make sure the
+ SSL define doesn't disappear on force-reload (closes: #272531)
+ * Add 033_dbm_read_hash_or_btree to allow apr-util and dbmmanage to open
+ and manipulate DB_BTREE databases, while still defaulting to creating
+ DB_HASH databases as before. This should clear up incompatibilities
+ with other applications (such as PHP) which default to DB_BTREE.
+ * Moved dbmmanage2 to /usr/bin, instead of /usr/sbin, as it's a user tool.
+ * Added 034_ab2_has_openssl, thanks to 2.1-cvs, Fedora, thom, and a bit
+ of munging, to compile a working ab2 with SSL support (closes: #261820)
+
+ -- Adam Conrad Tue, 28 Sep 2004 10:21:20 -0600
+
+apache2 (2.0.51-2) unstable; urgency=high
+
+ * Test for the existence of /usr/sbin/apache2 before we go trying to invoke
+ it to determine what MPM we have installed (closes: #272103, #272207)
+ * Make the default httpd.conf created in apache2-common's postinst contain
+ a fake LoadModule line (commented out), and make apxs2 default to
+ installing modules to /etc/apache2/httpd.conf, so people using apxs2
+ rather than the mods-{enabled,available} directories get the expected
+ behaviour, rather than obscure errors (closes: #167552, #231134)
+ * apxs2 now writes the correct path to modules in httpd.conf, including
+ the mysteriously missing slash (closes: #231450, #167557)
+ * Make apxs2 install modules with mode 644, since 755 makes no sense.
+ * Added a bit of magic to a2{en,dis}site to treat the default site as a
+ special case and add a "000-" priority to the beginning of its symlink.
+ Patches welcome to turn this into something robust, like update-rc.d.
+
+ -- Adam Conrad Sat, 18 Sep 2004 07:12:12 -0600
+
+apache2 (2.0.51-1) unstable; urgency=high
+
+ * New upstream release, including the following security fixes:
+ - CAN-2004-0747: ap_resolve_env buffer overflow
+ - CAN-2004-0786: apr_uri_parse segfault in memcpy
+ - CAN-2004-0809: mod_dav crash/DoS via NULL pointer dereference
+ * Drop the following patches which are now included upstream:
+ - 025_CAN-2004-0748.patch
+ - 026_CAN-2004-0751.patch
+ - 027_autoindex_ignore_bad_files.patch
+ - 028_apr_sticky_bits.patch
+ * Install a properly sanitised config_vars.mk so that apxs2 behaves in
+ a reasonably sane way (closes: #243340, #270768)
+ * Relax www-browser dependency to a Suggests, as the mod_status dump from
+ apache2ctl is a pretty minor (and oft unused) feature (closes: #269309)
+ * init script now allows you to stop (but not start, restart, etc) the web
+ server, even if NO_START is set to 1 (closes: #269398)
+ * Make the apache2 -> apache2-mpm-* dependency tighter, so it does what
+ one expects when installing it (closes: #269580)
+ * Remove the ^/doc/apache2-doc/manual(.*)$ /manual$1 RedirectMatch from
+ the default site which was confusing and useless (closes: #270216)
+ * Add debian/watch file to track upstream versions.
+ * Add some magic to a2enmod to map cgi to cgid if using a threaded MPM.
+ * Add a2ensite and a2dissite which do the same thing as a2{en,dis}mod,
+ but for sites rather than modules (closes: #269251)
+
+ -- Adam Conrad Wed, 15 Sep 2004 00:09:39 -0600
+
+apache2 (2.0.50-12) unstable; urgency=high
+
+ * Build-depend on mawk, and build-conflict with gawk, as we're only
+ guaranteed of having one or the other installed at any given time
+ and GNU awk seems to royally mess up the build with regards to which
+ external symbols get exported by httpd (closes: #268155)
+ * Add myself to the Uploaders field as it seems that, for better or
+ worse, I have become a co-maintainer of apache2.
+ * Drop the :80 from the default site config, so changing ports in
+ ports.conf now Just Works (closes: #253271)
+ * Added 029_docroot_manual.patch, which corrects the links in the start
+ page to point to /manual/ instead of manual/, so the link actually
+ works when apache2-doc is installed (closes: #232954)
+ * Add a postrm to apache2-common, implementing a policy-compliant purge
+ process (closes: #237030, #252254, #197986)
+ * Add a simple RedirectMatch to the "default" site, so that fresh
+ installations see the default start page, rather than a directory
+ listing (closes: #240772, #255974, #264070)
+ * Add 030_www-browser_apachectl.patch, and make apache2-common depend
+ on www-browser, so 'apache2ctl status' works (closes: #266724)
+ * Move apache2's (re)start from the apache2-common postinst to the MPM
+ postinsts, so we're not trying to start the old binary if apache2-common
+ is configured before apache2-mpm-* is unpacked (closes: #268936)
+ * Enable CGI on initial installation, as packages depending on httpd-cgi
+ require it to be running to work (closes: #267547, #263038)
+ * Only enable userdir on upgrades from older versions where it was
+ built-in, or on fresh installs.
+
+ -- Adam Conrad Mon, 30 Aug 2004 17:40:47 -0600
+
+apache2 (2.0.50-11) unstable; urgency=high
+
+ * Add two patches from upstream to address two vulnerabilities in mod_ssl:
+ - CAN-2004-0748 is a potential infinite loop in the SSL input filter
+ which can be triggered by an aborted connection.
+ - CAN-2004-0751 is a potential segfault in the SSL input filter which
+ can be triggered by the response to request which is proxied to a
+ remote SSL server.
+ * Changed the ownership of /var/cache/apache2 to allow mod_proxy to
+ actually cache files (closes: #264622)
+ * Added a patch from upstream to make mod_autoindex skip over files that
+ it can't stat() (closes: #264645)
+ * New installations now get an /etc/default/apache2 file with a moderately
+ informative comment, and the default set sanely (closes: #263515)
+ * Added a patch from upstream to make APR stop creating directories with
+ the sticky bit set (closes: #266198)
+ * Remove the bogus "-e" from the echo that creates httpd.conf, so people
+ installing with ash/dash don't get a broken file (closes: #267693)
+
+ -- Adam Conrad Mon, 23 Aug 2004 19:25:50 -0600
+
+apache2 (2.0.50-10) unstable; urgency=high
+
+ * Roll back the libapr0 ABI changes introduced in 2.0.50-9. We were
+ hopeful that we could hunt down and fix any fallout from this change
+ before release, and we were, apparently, wrong.
+ (closes: #266211, #266145, #266165, #266330, #266230, #266279, #266736)
+
+ -- Adam Conrad Thu, 19 Aug 2004 03:46:11 -0600
+
+apache2 (2.0.50-9) unstable; urgency=medium
+
+ * Enable LFS properly. (Closes: #264645, #244897)
+ - Added 023_largefiles_upstream_fixes which makes the upstream configure
+ script a bit smarter and fixes some misuses of size_t/off_t.
+ - Added 024_largefiles_debian_hacks which adds some hideous hackery to
+ work around a bug in glibc where sendfile64 is used in place of sendfile
+ with no fallback even if the current kernel doesn't support it.
+ - Add note to README.Debian noting that while we can now read, write, and
+ list large files, SERVING large files is kernel-dependant.
+ * Bump libapr0 shlibs to (>= 2.0.50-9), since we're introducing
+ some serious ABI breakage with the above changes.
+ * Fix up the PATH in apache2's init script to list /usr/local, /usr, /
+ in the standard order.
+ * Change misleading return messages for a2{en,dis}mod, to reflect
+ the reality that some modules just won't load/unload properly
+ without a full stop/start server cycle.
+
+ -- Adam Conrad Sun, 15 Aug 2004 07:41:19 -0600
+
+apache2 (2.0.50-8) unstable; urgency=high
+
+ * Ensure we link against the correct version of DB42
+
+ -- Thom May Mon, 9 Aug 2004 14:37:38 +0100
+
+apache2 (2.0.50-7) unstable; urgency=high
+
+ * Fix up linking of apr-util (Closes: #262009)
+
+ -- Thom May Tue, 3 Aug 2004 12:42:53 +0100
+
+apache2 (2.0.50-6) unstable; urgency=high
+
+ * use 'env -i' rather than trying to parse env (Closes: #261558, #258713)
+ * revert to old build process (Closes: #260756, #259693)
+ * Reflect changes in ssl setup - Thanks, Björn Wiberg (Closes: #259414)
+ * Remove userdir config from main config file (Closes: #260058)
+
+ -- Thom May Tue, 27 Jul 2004 10:31:46 +0100
+
+apache2 (2.0.50-5) unstable; urgency=high
+
+ * Add necessary suexec information to central build
+ (Closes: #258453, #258772)
+ * Exclude lines starting with a space from removal from the env
+ (Closes: #258713)
+
+ -- Thom May Mon, 12 Jul 2004 17:30:59 +0100
+
+apache2 (2.0.50-4) unstable; urgency=high
+
+ * Fix dependencies so the MPMs don't conflict with the metapackages *g*
+ Thanks to Adam Conrad for this catch
+
+ -- Thom May Fri, 9 Jul 2004 00:55:19 +0100
+
+apache2 (2.0.50-3) unstable; urgency=high
+
+ * Brown paper bag of epic proportion. Build all mpms with the proper
+ collection of libraries. (Closes: #258217, #258202)
+ * Clean up environment (Closes: #241579)
+ * Clarify prefork description (Closes: #252918)
+ * Make apache2-default/manual DTRT (Closes: #244847)
+ * Note that we don't ship INSTALL or README.platforms (Closes: #232956)
+
+ -- Thom May Thu, 8 Jul 2004 16:04:31 +0100
+
+apache2 (2.0.50-2) unstable; urgency=high
+
+ * Make a2enmod a bit more robust (Closes: #258149, #258145)
+ * Should really be urgency=high to get into testing quick
+
+ -- Thom May Wed, 7 Jul 2004 23:03:36 +0100
+
+apache2 (2.0.50-1) unstable; urgency=medium
+
+ * New upstream release, fixes [CAN-2004-0493] and [CAN-2004-0488]
+ * The "I can't believe you're late to your own raid" release
+ * Check whether verbose is on or off in rcS's config (Closes: #242351)
+ * Add an apache2 metapackage (Closes: #234955)
+ * Specifically disable /~root (Closes: #246139)
+ * Stop the daemon in prerm (Closes: #245488)
+ * Redirect /doc/apache2-doc/manual to /manual so the correct magic happens
+ (Closes: #248038)
+ * Update SSL config to current upstream (Closes: #234591,#231147)
+ * No longer install default cgis - they're already shipped in -doc as
+ examples. (Closes: #231665)
+ * Tighten regex for Include (Closes: #234489)
+ * Remove ext-filter.load since we ship ext_filter.load too (Closes: #249268)
+ * Enable userdir as a shared module (Closes: #251102, #246134)
+ * OSKURO SUCKS (otherwise known as: not a bug) (Closes: #208569)
+ * Create /var/lib/apache2 (Closes: #242169)
+ * Remove 'AddDefaultCharset' line from apache2.conf (Suggestion from Marco
+ D'Itri)
+
+ -- Thom May Tue, 6 Jul 2004 18:45:35 +0100
+
+apache2 (2.0.49-1) unstable; urgency=high
+
+ * New Upstream release. (Closes: #240100)
+ * Add missing $ to init-script (closes: #240301)
+ * Provides: httpd-cgi in reference to #117916
+
+ -- Thom May Sun, 4 Apr 2004 11:32:20 +0100
+
+apache2 (2.0.48-8) unstable; urgency=low
+
+ * Fix typo in debian/rules (closes: #230760)
+ * Added patch 021-pcre_mangle_symbols.patch (closes: #235810)
+ * Fixed typo in the init scripts (closes: #230263)
+ * Changed a bunch of mv's to cp's in rules (closes: #228840)
+ * Change mime_magic to use magic from libmagic1 (closes: #236509)
+ * Disable ssl-cert until it sucks less. related to 230791 (closes: #231726)
+ * update descriptions (closes: #234543, #234538, #234542)
+ * Nuke /etc/vhosts and all associated cruft (closes: #235029)
+
+ -- Thom May Mon, 2 Feb 2004 12:47:10 +0000
+
+apache2 (2.0.48-7) unstable; urgency=low
+
+ * Brown paper bag release. Refix the nonfixed libapr0 which built
+ without linking information.
+
+ -- Tollef Fog Heen Fri, 30 Jan 2004 18:25:12 +0100
+
+apache2 (2.0.48-6) unstable; urgency=low
+
+ * Build-Conflict with gdbm (closes: #230226, #230175, #204672)
+
+ -- Tollef Fog Heen Fri, 30 Jan 2004 12:24:09 +0100
+
+apache2 (2.0.48-5) unstable; urgency=low
+
+ * (Daniel Stone)
+ - Bump Standards-Version to 3.6.1.0.
+ - init-script: Print a small warning when NO_START=1. (closes: #178431)
+ - default site: Enable FollowSymLinks. (closes: #200829)
+ * (Thom May)
+ - Permanently kill the ErrorLog directive from ssl.conf
+ - Call ssl-cert to generate an SSL cert using debconf (closes: #178322)
+ - Allow /usr/share/doc/ to be viewable from localhost (closes: #222551)
+ - Set the default DocumentRoot to be /var/www (closes: #222552)
+ - Change where the init script is installed to (Closes: #223417)
+ - Upgrade to DB4.2
+ * (Tollef Fog Heen)
+ - handle building out of the SVN checkout.
+
+ -- Tollef Fog Heen Wed, 28 Jan 2004 00:13:13 +0100
+
+apache2 (2.0.48-4) unstable; urgency=medium
+
+ * (Daniel Stone)
+ - Change apache2-threaded-dev's Conflicts from apache2-perfork-dev to
+ apache2-prefork-dev. Learn how to type, dude (thanks to Grzegorz
+ Prokopski for spotting this one).
+
+ -- Daniel Stone Mon, 17 Nov 2003 12:00:11 +1100
+
+apache2 (2.0.48-3) unstable; urgency=medium
+
+ * Grmmp. stuffed the upload
+
+ -- Thom May Wed, 12 Nov 2003 18:18:54 +0000
+
+apache2 (2.0.48-2) unstable; urgency=high
+
+ * (Thom May)
+ - Fix locking busted by NPTL (Closes: #220299)
+ - Fix IPv6 weirdness (thanks to Jordi/Fabio) (Closes: #220334)
+
+ -- Thom May Wed, 12 Nov 2003 13:04:04 +0000
+
+apache2 (2.0.48-1) unstable; urgency=low
+
+ * (Thom May)
+ - New Upstream Release (Closes: #202094)
+ - Fix i18n autonegotiation for the manual (Closes: #201648)
+ - Add deb.{gif,png} (Closes: #199454)
+ - Explicitly link against libdl (Closes: #195968)
+ - Add dependency on ssl-cert (Closes: #177837)
+ - Take preventative action against SCTP
+ - Add apache2-prefork-dev to work around PHP.
+ - Shut Oskuro up - startup time changed to 91 (Closes: #208569)
+ - Install README.etc into apache2-common's doc dir
+ (Closes: #208751,#177941)
+ - Auth_LDAP loads mod_ldap as well. (Closes: #217795)
+ - Make sure /var/lock/apache2 has correct ownership (Closes: #206375)
+ - Fix for SSL enabled virtual hosts (Closes: #202925)
+ - Steal new apr_threads.m4 from upstream to deal with -lpthread better
+ (Closes: #197685)
+ * (Fabio M. Di Nitto)
+ - Fixed init script (Closes: #203093)
+
+ -- Thom May Sat, 16 Aug 2003 00:13:20 +0100
+
+apache2 (2.0.47-2) unstable; urgency=low
+
+ * Move dav.conf to dav_fs.conf (Closes: #201530)
+ * Fix the manual, and only ship it once. (Closes: #201648)
+ * Enable SymLinksIfOwnerMatch for cgi-bin (Closes: #200829)
+
+ -- Thom May Wed, 16 Jul 2003 10:24:28 +0100
+
+apache2 (2.0.47-1) unstable; urgency=high
+
+ * New Upstream Release. Bunch of security fixes (Closes: #200593)
+ * Add asis.load, auth_ldap.load, cache.load, dav_fs.load, disk_cache.load,
+ ext_filter.load, file_cache.load, imap.load, ldap.load, mem_cache.load,
+ include.load (Closes: #197152, #198389, #196115)
+ Note that dav_fs was previously loaded by dav.load, and is now broken out
+ into a seperate file.
+ * Patch apxs2 to use datadir rather than prefix for top_builddir.
+ (Closes: #198607)
+ * Kill a couple of pointless conflicts. (Closes: #197242)
+ * Change suexec docroot from /var/www/apache2-default to /var/www
+ (Closes: #198981)
+ * Make sure we use Expat rather than xmltok (Closes: #197020)
+ * Ship find_ap{r,u}.m4 (per Nuutti Kotivuori)
+
+ -- Thom May Fri, 4 Jul 2003 13:40:37 +0100
+
+apache2 (2.0.46-3) unstable; urgency=low
+
+ * Clean up the proxy config although it's not enabled by default.
+ (Closes: #195187)
+ * Remove all traces of gdbm. (Closes: #196231)
+ * Re-enable ldap support (Closes: #190092)
+ * This changelog should be policy compliant. Any whingers can take a long
+ hike off a short pier.
+ * use printf rather than echo to work round weird shells. (Closes: #196230)
+
+ -- Thom May Thu, 5 Jun 2003 19:26:21 +0100
+
+apache2 (2.0.46-2) unstable; urgency=critical
+
+ * Fix config_vars.mk creation and installation (Closes: #195141, #195190)
+
+ -- Thom May Thu, 29 May 2003 11:47:13 +0100
+
+apache2 (2.0.46-1) unstable; urgency=critical
+
+ * The "David Welton is my hero" release
+ * New upstream release, numerous security vulns fixed.
+ * Oh the pain.
+ * Move ScriptSocket to /var/run/apache2 (Closes: #188655)
+ * Restore mod_include (Closes: #188483)
+ * Move the virtual hosts config to the end of the config file
+ (Closes: #188584)
+ * Add Mod-Ext-Filter (Closes: #182770)
+ * Add actions.load (Closes: #178087, #179571, #181527)
+ * Add a dependency on net-tool (Closes: #190663)
+ * Clean up FHS compliancy and fix up a typo in apachectl (Closes: #187723)
+ * Fix for the apxs -q APR_BINDIR doesn't work problem (Closes: #188278)
+ * Special case the install of special.mk (Closes: #179776)
+ * Make apache2-dev and apache-dev not conflict. (This renames apxs back to
+ apxs2)
+ * Add README for /etc/apache2 written by David.
+ * Add auth_digest.load courtesy of Amelia A Lewis
+ (Closes: #194111)
+
+ -- Thom May Wed, 28 May 2003 14:17:21 +0100
+
+apache2 (2.0.45-3) unstable; urgency=critical
+
+ * another "stupid freaking sasl" release. the series is on!
+
+ -- Thom May Tue, 8 Apr 2003 17:13:09 +0100
+
+apache2 (2.0.45-2) unstable; urgency=critical
+
+ * the "stupid freaking sasl" release.
+ * fix override disparities too.
+ * fix dulpicate dependency on libssl0.9.7 (Closes: #179598)
+
+ -- Thom May Tue, 8 Apr 2003 13:34:44 +0100
+
+apache2 (2.0.45-1) unstable; urgency=critical
+
+ * New upstream release (Closes: #187502)
+ * Fix korean language type, thanks to Donggyoo Lee
+ (Closes: #179542)
+ * Add explicit dependency to libsasl-dev (Closes: #179674)
+ * Remove ErrorLog from ssl.conf
+ * forward ported patches courtesy of Roberto Moreda ; big
+ thanks!
+
+ -- Thom May Sat, 5 Apr 2003 14:35:58 +0100
+
+apache2 (2.0.44-6) unstable; urgency=low
+
+ * Make APR's postinst idempotent (Closes: #178105, #178141)
+ * Make Apache2-common's postinst non interactive (Closes: #178551)
+ * People filing bugs after they're fixed should be shot (Closes: #178244)
+ * Build Logio into the core, apparently.
+
+ -- Thom May Mon, 27 Jan 2003 20:47:28 +0000
+
+apache2 (2.0.44-5) unstable; urgency=low
+
+ * The "someone should take my compiler away from me" release
+ * Depend on openssl as well. Grrr. (Closes: #177985)
+ * Clean up the last of the section mismatches
+
+ -- Thom May Thu, 23 Jan 2003 15:04:20 +0000
+
+apache2 (2.0.44-4) unstable; urgency=low
+
+ * The "going for broke" release.
+ * Enable Logio, suggested by Roberto Moreda
+ * Stop force loading of cgi modules. (until we can do it cleanly)
+ (Closes: #177876, #177795)
+ * Restore symlink for libapr.so.0 (Closes: #177792)
+ * Apache2-common must depend on libssl0.9.7 (Closes: #177845)
+ * Rename ssl-certificate so we don't conflict with apache-ssl
+ (Closes: #177881)
+ * Only create the certificate if it's not there already (Duh!)
+
+ -- Thom May Wed, 22 Jan 2003 09:59:11 +0000
+
+apache2 (2.0.44-3) unstable; urgency=low
+
+ * The "This one goes out wearing a brown paper bag" release
+ * Fix apxs to correctly return the header locations (Closes: #177729)
+
+ -- Thom May Tue, 21 Jan 2003 16:35:14 +0000
+
+apache2 (2.0.44-2) unstable; urgency=low
+
+ * The "Ooops, I did it again" release
+ * Fixup of sections and priorities.
+ * Add dependency of libldap2-dev to libapr0-dev
+ * Correct dependencies to be db4.1 not db4.0
+
+ -- Thom May Tue, 21 Jan 2003 13:26:57 +0000
+
+apache2 (2.0.44-1) unstable; urgency=low
+
+ * Conform to 10.4 of policy re init scripts, (Closes: #165693)
+ * Be more selective about filenames when doing Include
+ Patch - 008_make_include_safe (Closes: #161512)
+ * Make HTMLTable validate, and add a note recommending its use.
+ (Patch submitted upstream and will be in 2.0.44)
+ Patch - 010_fix_html_table (Closes: #153593)
+ * Make apr have correct library versioning
+ Patch committed upstream
+ Patch - 011_make_apr_versioned (Closes: #162775)
+ * Placed packaging code under subversion change management
+ http://svn.positive-internet.com/svn/apache2/trunk
+ * Changed some bash scripts to use #!/bin/bash rather than #!/bin/sh
+ (Closes: #168338)
+ * Changed apache2-common to merely suggest apache2-doc (Closes: #167595)
+ * Patch from David Kimdon to clean up debian/scripts/*
+ * Rename apxs2 to apxs; conflict with apache-dev (Closes: #167550)
+ * Upstream fix for AllowOverride documentation (Closes: #169431)
+ * Tighter build dependency on debhelper (Closes: #170803)
+ * Only reload in logrotate if apache2 is actually running (Closes: #171095)
+ * Upstream Fix for AddOutputFilterByType documentation (Closes: #172294)
+ * Add robots.txt to apache2-common (Closes: #172592)
+ * Enable cgi in postinst (Closes: #168709)
+ * Create an SSL Certificate on install (Closes: #168109)
+ * Fix a couple of typos in debian/ssl-certificate, with thanks to Nuutti
+ Kotivuori
+ * Change to restart rather than reload in logrotate, to work round a nasty
+ PHP bug (PHP has bugs? *gasp* I thought it was perfect!) with thanks to
+ Adam Conrad for the suggestion
+ * Clarify what needs to be installed for a working system (Thanks to Sean
+ Abrahams)
+ * Support debug DEB_BUILD_OPTIONS setting, thanks to Karl Hegbloom
+ (Closes: #174221)
+ * Add -pipe to the CFLAGS, thanks to Karl Hegbloom
+ * Force apr-util to build against db4
+ * add OSX finder to the list of things that needs to be redirect-carefully'd
+ * s/enabled/disabled in debian/a2-scripts/a2dismod (Closes: #173956)
+ * enable auth-ldap, auth-anon, auth-dbm, auth-digest, and action as shared
+ modules (Closes: #172044, #174583, #172093)
+ * Upgrade to Berkely DB 4.1
+ * Upgrade to OpenSSL 0.9.7
+ * Add patch to ensure DB4.1 --with-unique-names is picked up. (Committed
+ upstream)
+ * Add local apache2 and apache2ctl manpages, since upstream have removed
+ them.
+
+ -- Thom May Mon, 20 Jan 2003 11:14:43 +0000
+
+apache2 (2.0.43-1) unstable; urgency=medium
+
+ * New Upstream Release; Fixes: CVE: CAN-2002-0840 CERT: VU#240329
+ * Add extra config to unfuck perchild. hopefully.
+ * Rejig Proxy Config some. With thanks to: Emmanuel Chantreau (Closes: #163124)
+ * Fix cgi install. Thanks to: Bastian Kleineidam (Closes: #162791)
+ * Fix postinst to check installation type and behave accordingly (Closes: #162627)
+ * Bring product version into line with RFC2616 (Closes: #151384)
+ * Add allow line for ipv6 localhost (Closes: #163533)
+ * Make more of the modules modular.
+ * Set UseCanonicalName off
+ * Added index.xhtml to DirectoryIndex settings
+ * Enabled MultiViews in the default site, and for the manual (Closes: #160367)
+ * Removed Unnecessary cgi.conf (Closes: #163842)
+
+ -- Thom May Fri, 4 Oct 2002 21:47:18 +0100
+
+apache2 (2.0.42-2) unstable; urgency=low
+
+ * Tighten dependencies yet more
+ * Restart in postinst. don't stop in prerm and start in postinst (Closes: #162344, #162350, #162537)
+ * Fix dh_shlibdeps up
+ * PERCHILD IS NOT WORKING IN THIS RELEASE. DON'T EXPECT IT TO. BUGS ABOUT
+ THIS WILL BE CLOSED WITH EXTREME PREJUDICE.
+
+ -- Thom May Fri, 27 Sep 2002 13:06:59 +0100
+
+apache2 (2.0.42-1) unstable; urgency=low
+
+ * "Pretty. What shall we blow up?"
+ * New Upstream Version (Closes: #160364)
+ * Fix man names and sections (Closes: #157113)
+ * Correct the regex for netstat checking of ports, thanks to Matthew Hambley
+ for this.
+ * Correct dependencies for apache2-common. (Closes: #161793)
+ * Applied patch from Stefan Gybas to fix a2enmod (Closes: #159459)
+ * Added BrowserMatch directives for microsoft's bodgy DAV implementations
+ and also for gnome-vfs (Closes: #155097)
+ * Loosened the config for home directories (Closes: #153599)
+ * Updated to latest standards version
+ * Drop priority to extra to bring it in line with libdb4.0
+ * Added logrotate script - Thanks to Phil Edwards for the basic version, and
+ the apache package that I ripped the rest off from (Closes: #155488)
+ * Tighten up what the Include lines load some. This is related to #161512
+ but doesn't completely close it.
+
+ -- Thom May Sat, 21 Sep 2002 22:14:22 +0100
+
+apache2 (2.0.40-1) unstable; urgency=low
+
+ * New Upstream Version
+ * Correct dependencies. (Closes: #156959)
+ * Code to check for something else listening on 80 (Closes: #156129)
+ * correct permissions on suexec2 man page (Closes: #157005)
+ * Make the start and stop targets use apache2 directly rather than
+ apache2ctl.
+ * Check for the existence of apache2 and exit if it's not there (Closes: #156640)
+ * Nuke ssl_scache on startup (Closes: #157445)
+ * patch apxs to not need an mpm installed. Correct dependencies for -dev.
+ Stop messing around with ap_config_auto.h.
+ This hopefully resolves James Troup's objections to apache2. (Closes: #157895)
+ * Add code to check for a 2.2 based kernel and set up the Scoreboard
+ accordingly. (Closes: #156899)
+ * make sure i only have to update one init.d script, rather than 4.
+ * make apxs return a correctly formatted response on queries.
+
+ -- Thom May Wed, 21 Aug 2002 14:21:14 +0100
+
+apache2 (2.0.39+cvs.1028741220-2) unstable; urgency=low
+
+ * Rebuild against new libc6. Grr. (Closes: #155865)
+ * Actually create /etc/apache2/httpd.conf
+ * Propagate init.d changes through the other MPMs.
+
+ -- Thom May Thu, 8 Aug 2002 09:19:49 +0100
+
+apache2 (2.0.39+cvs.1028741220-1) unstable; urgency=low
+
+ * New Upstream Version
+ * Make a versioned depends on libapr0 (Closes: #154879, #155400)
+ * Ensure that /etc/init.d/apache2 is registered properly.
+ * Added a conf.d directory for random conf snippets
+ * Ensure that the /manual/ alias is setup by the correct package (Closes: #155179)
+ * Ensure that DAVLockDB is created in the right directory (Closes: #155096)
+ * Now Building in a pbuilder chroot environment.
+ * Perchild is now pseudo working (Closes: #154148)
+ * Cumulatively (note to Lazarus Long: this means all the things in this
+ changelog added together) (Closes: #155297, #155307, #155317, #155717, #155363, #155719, #155801)
+ * Note that preceeding changelog entry may not be parseable by strict grammar
+ checks. Thanks to Jamie Wilkinson for pointing this out.
+ * Turn MultiViews back on for the default site (Closes: #155450)
+ checks. Thanks to Jamie Wilkinson for pointing this out.
+ * Turn MultiViews back on for the default site (Closes: #155450)
+ * Removed all CVS directories (Closes: #155602, #155393, #155402)
+ * SSI has been fixed upstream (Closes: #151744)
+ * Removed SSLLog directives (Closes: #152940)
+ * Put icons in the right place (Closes: #155178)
+ * Fixed build-dep on libgdbmg1-dev (Closes: #155412)
+ * Get correct information into config_vars.mk (Closes: #151712)
+ * Removed 'ServerName localhost' line (Closes: #155359)
+ * Placed apr-util headers in correct package
+ * Ensured that the init.d script restarts apache properly
+
+ -- Thom May Tue, 30 Jul 2002 22:37:52 +0100
+
+apache2 (2.0.39+cvs.1027964860-1) unstable; urgency=low
+
+ * New Upstream Source
+ * Correct Icons path (Closes: #151314)
+ * Add missing dep on mime-support (Closes: #151848, #152220, #152221, #151772)
+ * Fixup suexec2, thanks to Masahito Omote (Closes: #151422)
+ * Mark Brown
+ - Remove spurious claim that apache2 hasn't been uploaded (Closes: #151433)
+ - Bring apache2 in line with policy on /usr/share/doc/ (Closes: #151459)
+ - Make reload behave the same as force-reload (Closes: #151432)
+ * place the manual in the right place, thanks to Md (Closes: #151766)
+ * David Kimdon
+ - add build depends on zlib1g-dev (Closes: #151286)
+
+ -- Thom May Fri, 29 Jul 2002 19:12:56 +0100
+
+apache2 (2.0.39-1) unstable; urgency=low
+
+ * New Upstream Version, fixing a denial of service attack.
+ * Fix installation of icons and manual.
+ * David Kimdon
+ - fix path for envvars in apxs2
+ - use generalized directives in ssl.conf ( SSLLog -> ErrorLog,
+ SSLLogLevel -> LogLevel ), this allows server to load ssl
+ module
+
+ -- Thom May Fri, 14 Jun 2002 17:29:59 -0700
+
+apache2 (2.0.37-2) unstable; urgency=low
+
+ * Updated Copyright file to actually contain a copy of the various licenses.
+
+ -- Thom May Fri, 14 Jun 2002 15:41:41 +0100
+
+apache2 (2.0.37-1) unstable; urgency=low
+
+ * New upstream version
+
+ -- Thom May Thu, 13 Jun 2002 17:47:12 +0100
+
+apache2 (2.0.37+cvs.JCW_PRE2_2037-1) unstable; urgency=low
+ * New upstream release
+ -- Thom May Wed, 5 Jun 2002 12:42:34 +0100
+
+apache2 (2.0.36-2) unstable; urgency=low
+
+ * debian/control - Correct provides, conflicts and depends, especially for
+ the mpms.
+ * build-dep doesn't work with provides, which makes sense. Need to make a
+ note of this in the policy.
+ * debian/rules - ensure that the mpm specific header file is installed into
+ the right place
+
+ -- Thom May Fri, 31 May 2002 14:54:39 +0100
+
+apache2 (2.0.36-1) unstable; urgency=low
+
+ * The "The obviously begging in a changelog works" release.
+ * New Upstream release
+ * Vpath Builds now work, giving the ability to select which MPM you require
+ * Changed vhost base to only be a Recommends: as I'm not happy that it's
+ currently in a properly releasable state.
+ * New enhost script courtesy of DannyS.
+ * David Kimdon
+ - make apxs2 find envvars properly
+ - use libtool to install apache2 binaries for different mpm's
+ - fix dependancies for apache2-dev (we can't do a versioned 'Provides'
+ so we need to list all the packages that provide apache2 along
+ with their version)
+ * Implemented a long overdue suggestion to only create ports.conf if it's
+ not in existance already, rather than to add a command to listen on 80 iff
+ that didn't exist. The person who suggested it is lost in the mists of my
+ mailbox. If it was you, please email me!
+ * debian/vhost-base/add.d/apache2 - apply patch from "Omniflux"
+ to fix some brainos
+
+ -- Thom May Mon, 6 May 2002 16:39:18 +0100
+
+apache2 (2.0.35+cvs.20020420-1) unstable; urgency=low
+
+ * The "finding myself standing on the corner staring into a different world"
+ release. Will someone please give me a job?
+ * Resync with upstream CVS. lots and lots of bug fixes since the last
+ release.
+ * Attempting to build with multiple MPMs, so speedfreaks can have a threaded
+ MPM. (Available MPMs are: prefork, worker, threadpool, and
+ leader/follower).
+ * Now sedding ap{r,u}-config in the install target.
+ * vpath build evilness suggested by Andrew Suffield and others. I hate them
+ all. :)
+
+ -- Thom May Sat, 20 Apr 2002 17:04:46 +0100
+
+apache2 (2.0.35-2) unstable; urgency=low
+
+ * The "Apache2 isn't released, therefore the Bug Tracking System doesn't
+ bloody well work" release
+ * Fixes a bug in add host, due to the change from Port to Listen.
+ (Reported by numerous people, patch more or less from Esteve Fernandez
+ .
+ * Attempt to fix apu-config, suggestion and patch from David Kimdon, if it's
+ wrong, I broke it. (Changed it to apply pre-build, rather than post build.
+ Yes, it's the lazy approach. It's also the right one :) )
+ * THE BUG TRACKING SYSTEM IS NOT THE RIGHT PLACE TO SEND BUG REPORTS FOR
+ APACHE2.
+ * REALLY.
+
+ -- Thom May Sat, 6 Apr 2002 21:04:16 +0100
+
+apache2 (2.0.35-1) unstable; urgency=low
+
+ * WOOOOOOOOOOOHOOOOOOOOO! Apache2's first General Availability release!
+ * Various bug fixes, suggestions and so on.
+ * Built with db3 for the time being.
+
+ -- Thom May Sat, 6 Apr 2002 03:01:24 +0100
+
+apache2 (2.0.34+retag-1) unstable; urgency=low
+
+ * Resync with upstream release.
+ * Fix packaging-fus (Hi Marcello!)
+ * Upstream have fixed cgi probs.
+
+ -- Thom May Mon, 1 Apr 2002 14:50:12 +0100
+
+apache2 (2.0.34-1) unstable; urgency=low
+
+ * New upstream release
+ * added mod_deflate as a shared library
+ * bashed on apache2.conf some.
+
+ -- Thom May Tue, 26 Mar 2002 23:23:09 +0000
+
+apache2 (2.0.33-1) unstable; urgency=low
+
+ * New upstream.
+ * Unfucked all code, include init.d and /etc/vhosts.
+ * FHS'ified, more or less
+ * Some debconf, but not much.
+ * Merged more patches upstream
+
+ -- Thom May Sat, 9 Mar 2002 23:33:09 +0000
+
+apache2 (2.0.32+cvs.20020228-1) unstable; urgency=low
+
+ * The "bathwater, no baby" release.
+ * Submitted patches upstream like crazy.
+ * Tossed the insanely bogus apachectl patch
+ * Debconf not included here. Want to get everything else right, and a
+ release out.
+ * Boom!
+
+ -- Thom May Thu, 28 Feb 2002 21:07:24 +0000
+
+apache2 (2.0.32-1) unstable; urgency=low
+
+ * The "Throwing stuff away like mad and seeing if it still builds" release.
+ * Ditched apache2-modules* on the principle of least surprise - the deb
+ layouts now pretty closely follow apache.
+ * Trying to triage away patches that have been fixed upstream.
+ * Major attack on debconfiscation starts here -> .
+
+ -- Thom May Tue, 19 Feb 2002 20:37:58 +0000
+
+apache2 (2.0.31+cvs.20020217-1) unstable; urgency=low
+
+ * New CVS snapshot from HEAD to benefit Subversion for the impending 0.9
+ release. Enjoy! 81 lines in the last couple of days ... :)
+ * debian/patches/005_more_hardcoded_paths:
+ - Regenerated diff against newer version of mpm_default.h.
+ * debian/patches/008_apr-config_sucks
+ - Regenerated apr-util part of diff against newer version of
+ apu-config.in.
+ * debian/apache2.{config,templates,postinst},
+ debian/vhost-base/add.d/apache2,
+ debian/vhost-base/templates.d/apache2{,.in}, debian/rules:
+ - Debconfage asking which port to run on, and make the vhost-base script
+ only list the current ports; ports stuff moved to
+ /etc/apache2/ports.conf - re-enable dh_installdebconf in debian/rules.
+ - Moved templates.d/apache2 to templates.d/apache2.in so we can do some
+ nifty inplace regexps.
+ * debian/apache2.init.d:
+ - Bail out of the init script if there aren't any sites enabled.
+ * debian/{rules,control}:
+ - Get rid of apache2-modules; move its contents to apache2.
+ * debian/config-mods/cgid.conf:
+ - Get rid of redundant wrapper around ScriptSock, so it
+ actually loads. Thanks to Pieter "Pitr" Jansen for this one.
+
+ -- Daniel Stone Sun, 17 Feb 2002 01:23:43 +1100
+
+apache2 (2.0.31+cvs.20020207-1) unstable; urgency=low
+
+ * The one-big-happy-apache2-bug-squashing-family release.
+ * Update to latest CVS; hopefully this won't mean that piro deadlocks every
+ time dpkg goes to read its database. Hopefully this gets rid of the bugs.
+ Yes, all of them.
+ * debian/patches/004a_srclib_layout_support:
+ - Updated a touch to fit in with .32-dev.
+ * debian/patches/008_stuff_in_sbin_not_bin:
+ - Removed; obsoleted by upstream discovering sanity.
+ * debian/patches/008_apr-config_sucks:
+ - Fix problem whereby @prefix@ would sub to $(prefix), but $(prefix)
+ wouldn't sub to the prefix, or ${prefix}, thus screwing up the running
+ of apr-config ... ditto for apu-config (from apr-util).
+ * debian/patches/009_apxs:
+ - Reworked to make it actually work, and apply cleanly.
+ - Fix libtool breakage once again, thanks David Kimdon.
+ * debian/patches/010_shmget:
+ - Hack to srclib/apr/apr.h.in to make it prefer shmget over everything
+ else, to make it 2.2/non-tmpfs safe. (Thanks Ben Collins).
+ * debian/patches/012_debian_version:
+ - Minor update (include a space in front of "Debian", change it to
+ "Debian GNU/Linux" to clarify things, and before the the Hurd [happy
+ now, you crack junkies?] people complain, it's not released as a Debian
+ port yet, so feh).
+ * debian/vhost-base/add.d/apache2:
+ - Change sites to sites-available, in line with the previous change.
+ * debian/config/mods-available:
+ - Move to debian/config-mods to make life easier with the move to
+ apache2-modules (see below).
+ * debian/config-mods/auth_dbm.load:
+ - New file, in line with introducing mod_auth_dbm; thanks again to David
+ Kimdon.
+ * debian/a2-scripts/a2{en,dis}mod:
+ - Rewritten to be much cleaner and cool. (Thanks to Ben Collins for
+ pointing out that the permissions were screwed).
+ * debian/apache2.postinst:
+ - New file, no #DEBHELPER# token so that we don't care if postinst fails;
+ this way it won't bail if you're already running another web server.
+ Thanks to David Kimdon for pointing out an error.
+ * debian/vhost-base/{enable,disable}.d/apache2:
+ - Fixed! Woot! The code isn't the best you'll see, but now *WORKS*. Whoo!
+ * debian/control:
+ - Extend libapr-dev's Depends to include libapr0 (duh).
+ - Remove apache2-modules-dev as modules are no longer built both shared
+ and static, IMHO this was quite braindead behavior. Upstream's change,
+ not mine.
+ - Remove apache2-support as apxs2 requred apache2 anyway. Chalk one (more)
+ down for "failed experiments".
+ - Removed redundant libssl0.9.6 and libxmltok1 build-deps; we already
+ build-depped on the relevant -dev packages; thanks Ben Collins.
+ * debian/rules:
+ - Modules are no longer built statically as well as dynamically (upstream
+ change), so stop trying to move the files around.
+ - Sort out the libapr0/libapr-dev mess once and for all; thanks to Matt
+ Wilcox and Ben Collins for patiently talking me through it.
+ - Move *contents* of mods-available to apache2-modules, but keep the
+ directory itself as part of apache2, to keep the addons happy; thanks
+ David Kimdon.
+ - s/apache2-support/apache2/, see debian/control entry.
+ - Remove extraneous LICENSE file from the vhost manual.
+ - Remove *.exp files, because they're unneeded.
+ * debian/apache2.docs:
+ - Remove KEYS from the list of docs because this is crap and no longer
+ distributed. w00t!
+
+ -- Daniel Stone Thu, 7 Feb 2002 20:39:44 +1100
+
+apache2 (2.0.28-3) unstable; urgency=low
+
+ * Enabled mod_auth_dbm for Subversion. (thanks David Kimdon).
+
+ -- Daniel Stone Thu, 29 Nov 2001 23:25:53 +1100
+
+apache2 (2.0.28-2) unstable; urgency=low
+
+ * Fixed up a couple of things,
+ /etc/apache2/modules->/etc/apache2/mods-available, etc.
+ * Included mod_dav, so Subversion can be built.
+ * New package: apache2-modules-dev, containing all
+ /usr/lib/apache2/modules/*a. (Thanks Adam Heath).
+ * Moved libapr.so.* symlinks to libapr-dev (Thanks again to doogie).
+
+ -- Daniel Stone Sun, 25 Nov 2001 19:00:19 +1100
+
+apache2 (2.0.28-1) unstable; urgency=low
+
+ * Updated to 2.0.28, which they actually managed to agree on calling a beta.
+ * debian/apache2.init.d:
+ - Stripped of almost all its functionality. Now just touches httpd.conf if
+ we're starting and it doesn't exist, and then calls apache2ctl with all
+ our options, whatever they may be - it can error out if it wants.
+ * Removed patches:
+ - 010_index.html.it_typo - merged upstream.
+ * Updated patches:
+ - 009_apxs: make it actually find libtool. Thanks to David Kimdon.
+ - 002_apache2ctl: really fix apache2ctl graceful.
+
+ -- Daniel Stone Sun, 18 Nov 2001 15:29:43 +1100
+
+apache2 (2.0.26+cvs.20011028-2) unstable; urgency=low
+
+ * Added vhost-base support.
+ - Removed Debconfage and moved all the templates to
+ debian/vhost-base/templates.d (/etc/vhosts/templates.d).
+ Removed apache2.postinst and apache2.config.
+ - Removed a2{dis,en}host.
+ * /usr/lib/cgi-bin will now be /cgi-bin, /var/vhosts/hostname/cgi-bin will be
+ /cgi-local.
+
+ -- Daniel Stone Fri, 9 Nov 2001 21:53:27 +1100
+
+apache2 (2.0.26+cvs.20011028-1) unstable; urgency=low
+
+ * Resync with HEAD (another coming to fix segfaults, but no net connectivity
+ at the moment - 4-11-2001, 2:12pm. Grrr).
+ * New patches:
+ - 011_mod_autoindex-symlink: make icons for symlinks to files and dirs
+ special cases.
+ + Touches modules/generators/mod_autoindex.c
+ + Special cases: ^^SYMDIR^^ and ^^SYMLINK^^.
+ - 012_debian_version: adds "Debian" to the Apache version string.
+ + Touches include/ap_release.h - this patch has *no* context. Please
+ don't give it any, I don't want to have to rediff every version.
+ * debian/config/httpd.conf, debian/config/apache2.conf:
+ - Move main config file to apache2.conf, made it much more bare-bones.
+ + User (or package) config should be done in httpd.conf.
+ * apache2.conf:
+ - s/Port/Listen/ - booya! Finally they cleaned it up.
+ - Add (commented-out) icon entries for ^^SYMDIR^^ and ^^SYMLINK^^.
+ Anyone volunteer to create icons?
+ * debian/apache2.postinst:
+ - Minor cleanups.
+ - And later: Made it just call ap2addhost --default. (and a2enhost).
+ * debian/config/modules/ssl.conf, debian/config/sites/default-443:
+ - Put only generic SSL stuff in ssl.conf, split SSL support out into
+ a new virtual host thingy in accordance with dealing with ports.
+ * debian/config/sites/default, debian/config/sites/default-443,
+ debian/patches/004b_debian_layout:
+ - Add a new alias /cgi-pub/ to /usr/lib/cgi-bin. Packages should put
+ scripts here.
+ * debian/control:
+ - changed the Suggests: on apache2-doc to a Recommends:
+ + otherwise /manual/ will be a broken alias, as it points to
+ /usr/share/doc/apache2-doc/manual.
+ - changed libapr-dev to Architecture: all (from Arch: any) - whoops.
+ * Added support for multiple ports on the one virtual host. At the moment
+ it's one gigantic, ugly, kludge. *sigh*. Format:
+ - /var/vhosts/site.name/htdocs-PORT
+ - /var/vhosts/site.name/logs/(access|error).log-PORT
+ - /var/vhosts/site.name/cgi-bin-PORT
+ * debian/apache2.postinst, debian/config/sites/default, etc:
+ - s#/var/www#/var/vhosts#;
+ - s#htdocs#htdocs-$PORT#;
+ * More Debconfage - it now asks if you want SSL support in the default
+ virtual host, and which port number you want (default 81 so it sits
+ side-by-side with apache).
+ * Major change to postinst, a2addhost, et al:
+ - It's all now done in Perl, and postinst is no longer a special case.
+ The standalones call Debconf for what they need to do, calling it as a
+ standalone. This way, postinst just calls a2addhost, etc, and it also
+ smooths the path for me to do the vhost-base stuff.
+ * No, this migration path probably won't be smooth (between apache2
+ versions). Sorry.
+ * Last release before I make it vhost-base compliant.
+
+ -- Daniel Stone Sun, 28 Oct 2001 20:33:18 +1100
+
+apache2 (2.0.26+cvs.20011023-1) unstable; urgency=low
+
+ * Damnit, resync with HEAD (2_0_26 was unstable).
+
+ -- Daniel Stone Tue, 23 Oct 2001 18:36:42 +1000
+
+apache2 (2.0.26-1) unstable; urgency=low
+
+ * Resync with upstream CVS (but only as far as the APACHE_2_0_26 tag).
+ Essentially, this gives all the coolness of a CVS tree, but all the
+ stability of a release. I may start tracking HEAD later, we'll just
+ have to see.
+ * Changed libapr->libapr0.
+ * Fixed a couple of typo's in index.html.it (thanks Md, via Joey).
+ * 22nd October, 7:51pm: Resync again as they added a couple of files
+ and bumped the tag to fix segfaults.
+
+ -- Daniel Stone Wed, 17 Oct 2001 23:50:39 +1000
+
+apache2 (2.0.25+cvs.20011001-1) unstable; urgency=low
+
+ * More CVS resyncing joy.
+ * Silly stupid evil poo bum hack to apachectl. I don't like this.
+ Please, help.
+ * Got rid of a few lintian warnings.
+ * Install build stuff to /etc/apache2/build, adjust apxs accordingly.
+ * Agreed on policy with madduck. This is a MAJOR CHANGE, people.
+ A lot of stuff has changed around, so you'll need to change your
+ packages.
+ apache2 now treats everything as a virtual host (even when you only
+ have one host). This allows us to skirt around FHS and do our own
+ thing. ("Thpthpthpthpthpthpt, we're using vhosts. FHS doesn't say
+ anything about that.")
+ Please see README.Debian for more details.
+ * More fun with virtual hosts. Migrated their configuration files to
+ /etc/apache2/virtuals/. This will allow for easy adding and
+ removal, via the new tools /usr/sbin/ap2(add|del)vh.
+ apache2's postinst touches /etc/apache2/POSTINST_CONFED, and will refuse
+ to re-run the postinst config stuff if it's there already.
+ * Module fun - /usr/sbin/ap2mod(en|dis). Modules put their loading line in
+ /etc/apache2/modules/foo.load, config in /etc/apache2/modules/foo.conf.
+ Enabled module stuff gets symlinked into /etc/apache2/mods-enabled.
+ * Move APR stuff to /usr/lib, not /usr/lib/libapr. Whoops, should've done
+ this a *long* *time* *ago*.
+ * More silly APR hacks: Move /usr/include/libapr to /usr/include/apache2, as
+ silly things like php4 don't get the fact that APR and apache2 can indeed
+ have different include directories. Grrr.
+ * Juggled script names - it's now a2(en|dis)(host|mod).
+ * I don't care, I'm uploading. No, really (closes: #103471).
+ It's been 93 days since I first did dh_make and ITPed it. :)
+
+ -- Daniel Stone Thu, 4 Oct 2001 20:15:31 +1000
+
+apache2 (2.0.25+cvs.20010923-1) unstable; urgency=low
+
+ * Another resync with upstream CVS; most of the changes below were made
+ between then and now.
+ * Also added apache2-support - everything from support/*, so php4, et al
+ don't need to Build-Depend on apache2 itself.
+
+ -- Daniel Stone Sun, 23 Sep 2001 13:21:16 +1000
+
+apache2 (2.0.25+cvs.20010908-1) unstable; urgency=low
+
+ * Synched everything with CVS; it works now.
+ * We now build with ./buildconf due to the above; redo all the patches
+ against configure.in. I swear this will be the last change, and that I'll
+ test it.
+ * Removed php4 and modperl-2.0 from the tree. I should keep the changelogs
+ internal, as this is now getting not only very silly, but very embarassing.
+ * I corrected myself in the ITP that it was licensed under the Apache
+ Software License, not GPLed, but forgot to do that in debian/copyright.
+ Whoops. Feel free to LART.
+ * Lintian cleanups:
+ - Remove extra LICENSE files.
+ - Stop stuff calling -rpath.
+ - Change printenv to call /usr/bin/perl, not /usr/local/bin/perl - wtf?
+ - Move manpages to the right directory.
+ * Minor merge from Thom courtesy of some stuff being stored on pandora:~thom.
+ - Use buildprogs.pl to parse stuff like apache2ctl, apxs2, etc.
+ * Hopefully I'm only one CVS sync away from an upload.
+ * Moved some stuff over to /usr/sbin, fixed apache2ctl once and for all.
+ Hopefully.
+
+ -- Daniel Stone Sun, 9 Sep 2001 00:05:03 +1000
+
+apache2 (2.0.24-2) unstable; urgency=low
+
+ * The "Farewell Buddha" Release.
+ * Or, alternatively: The "Darren Milburn is an Idiot for Inciting Crowds"
+ Release.
+ * Yes, it's the height of evil, I know: modperl-2.0 goes into the source
+ tree. (from CVS).
+ Separate tarballs, thanks to DBS, but still, yeah.
+ * Ditto php4.
+ * Still no Thom's laptop; hence no merges, and I'm not going to duplicate
+ work.
+
+ -- Daniel Stone Sun, 2 Sep 2001 21:50:59 +1000
+
+apache2 (2.0.24-1) unstable; urgency=low
+
+ * New upstream version.
+ * Use prefork, not threaded, MPM. (threaded is currently broken).
+ * Update example httpd.conf for mod_ssl and have lines for all the modules.
+ * Build-Depends, all the Build-Depends!
+ * Update maintainer email address (thanks Joey).
+ * Turns out using buildconf was what broke modules. I swear I won't do
+ anything like that again. Promise! (thanks Thom for pointing this out)
+ * Implied by the above, rediff all patches against configure, not
+ configure.in.
+ * Also, don't copy configure.{guess,sub} over anymore, because we don't need
+ them.
+ * More Thom merges:
+ - debian/patches/003_apache2ctl - rewritten apache2ctl to actually work.
+ * Return of debian/patches/006_dont_install_build_crap. GAH!
+
+ -- Daniel Stone Sat, 18 Aug 2001 17:01:19 +1000
+
+apache2 (2.0.23-2) unstable; urgency=low
+ * SSL finally works, and beat instructions on how to get it going out
+ of someone on new-httpd. Moved SSL stuff to apache2-modules.
+ * Disabled TLS, because it's unstable and unnecessary.
+ * Merge from Thom May's tree:
+ 005b_debian_layout - The Debian layout for stuff
+ - Move APR stuff to /usr/lib/libapr and /usr/include/libapr.
+ - Clean up debian/rules, largely thanks to the two new patches.
+ * General cleanups, resulting from running lintian:
+ - Chuck #DEBHELPER# in postinst, which also fixes the /usr/doc
+ and init.d problems (due to debhelper now doing its postinst
+ thing).
+ - Remove LICENSE files from apache2-doc and the default document
+ root.
+ - Remove man/ and build/ top-level dirs, install manpages correctly.
+ - Updated 004_perl_in_usr_bin to include the manual search CGI.
+ * Remove all evil, ugly, patches to configure in debian/patches/*, instead,
+ diff against configure.in, because autoconf gets run in the configure
+ stage every time.
+ * Copy config.{guess,sub} from /usr/share/misc (provided by autotools-dev) at
+ runtime, thus eliminating debian/patches/002_config_guess_and_sub.
+ * Reshuffled patch numbers to cope with the above.
+ * I give up on this DBM crap. Disable mod_auth_dbm for now.
+
+ -- Daniel Stone Wed, 15 Aug 2001 18:27:23 +1000
+
+apache2 (2.0.23-1) unstable; urgency=low
+
+ * New upstream - 2.0.23.
+ * New patches:
+ 004_conffile_in_etc_apache2 - Make an ugly init.d hack unnecessary.
+ 005_perl_in_usr_bin - Make example CGI scripts use /usr/bin/perl.
+ * Fix mime_magic stuff by copying magic to /etc/apache2.
+ * Remove debian/patches/003_cgisock_in_var_log_apache2, instead found a new
+ conffile directive, put this into the default distributed conffile.
+
+ -- Daniel Stone Sun, 12 Aug 2001 18:05:32 +1000
+
+apache2 (2.0.22-2) unstable; urgency=low
+
+ * Aargh, I'm an idiot. Fix a bug in mod_cgid.c that had a hardcoded path.
+ That's now debian/pactches/003*.
+
+ -- Daniel Stone Sat, 11 Aug 2001 08:04:13 +1000
+
+apache2 (2.0.22-1) unstable; urgency=low
+
+ * Updated to 2.0.22, started using a form of DBS.
+ * Merge from Thom May's 2.0.20 tree - new libapr-dev package.
+ * Backed out the old mod_(tls|ssl) hacks, see if 2.0.23 is any better
+ (apparently it is, thank god).
+
+ -- Daniel Stone Wed, 8 Aug 2001 15:13:09 +1000
+
+apache2 (2.0.20-2) unstable; urgency=low
+
+ * New SSL fixes from new-httpd. Apparently, this (generally) works.
+
+ -- Daniel Stone Fri, 13 Jul 2001 07:57:18 -0500
+
+apache2 (2.0.20-1) unstable; urgency=low
+
+ * New upstream release
+
+ -- Daniel Stone Mon, 9 Jul 2001 18:41:04 +1000
+
+apache2 (2.0.18-1) unstable; urgency=low
+
+ * Initial Release.
+
+ -- Daniel Stone Wed, 4 Jul 2001 21:29:29 +1000
+
--- apache2-2.2.16.orig/debian/apache2.2-bin.manpages
+++ apache2-2.2.16/debian/apache2.2-bin.manpages
@@ -0,0 +1 @@
+debian/httxt2dbm.8
--- apache2-2.2.16.orig/debian/NEWS
+++ apache2-2.2.16/debian/NEWS
@@ -0,0 +1,154 @@
+apache2 (2.2.15-4) unstable; urgency=low
+
+ * Note to people using mod_proxy as forward proxy, i.e. with
+ 'ProxyRequests on':
+ This release disables the configuration in mods-available/proxy.conf
+ by default. You should verify that access control for proxy access
+ still works as intended. This is especially important if you have
+ your forward proxy configuration in a different configuration file
+ than proxy.conf.
+
+ -- Stefan Fritsch Mon, 19 Apr 2010 22:36:57 +0200
+
+apache2 (2.2.15-1) unstable; urgency=low
+
+ * This release adds and enables mod_reqtimeout, which limits the time
+ Apache waits for a client to send a complete request. This helps to
+ mitigate against certain denial of service attacks. In case of problems
+ with slow clients, the timeout values can be adjusted in
+ /etc/apache2/mods-available/reqtimeout.conf , or the module can be
+ disabled with "a2dismod reqtimeout".
+
+ -- Stefan Fritsch Sun, 07 Mar 2010 23:09:30 +0100
+
+apache2 (2.2.14-6) unstable; urgency=low
+
+ * Apache now uses the environment variables APACHE_RUN_DIR, APACHE_LOCK_DIR,
+ and APACHE_LOG_DIR in the default configuration. If you have modified
+ /etc/apache2/envvars, make sure that these variables are set and exported.
+ * There is now some support for running multiple instances of Apache on the
+ same machine. See the documentation in /usr/share/doc/apache2.2-common for
+ details.
+
+ -- Stefan Fritsch Sun, 07 Feb 2010 13:56:59 +0100
+
+apache2 (2.2.13-2) unstable; urgency=high
+
+ * The new support for TLS Server Name Indication added in 2.2.12 causes
+ Apache to be stricter about certain misconfigurations involving name
+ based SSL virtual hosts. This may result in Apache refusing to start
+ with the logged error message:
+
+ Server should be SSL-aware but has no certificate configured
+ [Hint: SSLCertificateFile]
+
+ Up to 2.2.11, Apache accepted configurations where the necessary SSL
+ configuration statements were included in the first (default)
+ block but not in subsequent
+ blocks. Starting with 2.2.12, every VirtualHost block used with SSL must
+ contain the SSLEngine, SSLCertificateFile, and SSLCertificateKeyFile
+ directives (SSLCertificateKeyFile is optional in some cases).
+
+ When you encounter the above problem, the output of the command
+
+ egrep -ir '^[^#]*(sslcertificate|sslengine|virtualhost)' \
+ /etc/apache2/*conf* /etc/apache2/*enabled
+
+ may be useful to determine which VirtualHost sections need to be changed.
+
+ Also, formerly accidentially working constructs like
+
+
+
+ where one virtual host definition is used for both a non-ssl and a ssl
+ virtual host do not work anymore. You can achieve a similar effect with
+
+
+ Include /.../vhost.include
+
+
+ SSLEngine on
+ SSLCertificateFile ...
+ Include /.../vhost.include
+
+
+ -- Stefan Fritsch Wed, 16 Sep 2009 20:14:59 +0200
+
+apache2 (2.2.9-3) unstable; urgency=low
+
+ * The directive "NameVirtualHost *" has been changed to "NameVirtualHost
+ *:80". It has also been moved from sites-available/default to ports.conf.
+ This allows to ship a proper SSL default virtual host config in
+ sites-available/default-ssl, but it means that if you use several name
+ based virtual hosts:
+
+ - you will have to change to in your
+ name based virtual hosts
+
+ - you need to add more NameVirtualHost directives if you use other ports
+ than 80 with name based virtual hosts. You may also have to add these
+ ports to the default virtual host in /etc/apache2/sites-available/default
+ (like this: "").
+
+ If you prefer to revert to the old setup instead (and don't need the
+ default-ssl host), just change "NameVirtualHost *:80" back to
+ "NameVirtualHost *" in ports.conf and "" to
+ "" in sites-available/default.
+
+ * For mod_disk_cache, caching is again disabled in disk_cache.conf by
+ default. It usually makes more sense to enable this on a per-virtual host
+ basis.
+
+ -- Stefan Fritsch Mon, 30 Jun 2008 19:47:52 +0200
+
+apache2 (2.2.8-5) unstable; urgency=low
+
+ * The suexec helper program needed for mod_suexec is now shipped in a
+ separate package, apache2-suexec, which is not installed by default.
+ You need to install this package manually if you are using mod_suexec.
+
+ There is now also the apache2-suexec-custom package, which contains a
+ customizable version of suexec which can be used with different document
+ roots than /var/www.
+
+ -- Stefan Fritsch Sun, 04 May 2008 20:24:00 +0200
+
+apache2 (2.2.8-1) unstable; urgency=low
+
+ * The Apache User and Group and the PidFile path are now configured in
+ /etc/apache2/envvars, to make it easier to use them in scripts
+ (like the init and logrotate scripts, and apache2ctl).
+ If you have changed these settings from their default values, you need to
+ adjust /etc/apache2/envvars.
+ This also means that starting apache2 with "apache2 -k start" is no longer
+ possible, you have to use /etc/init.d/apache2 or apache2ctl.
+
+ -- Stefan Fritsch Tue, 15 Jan 2008 21:41:23 +0100
+
+apache2 (2.2.4-2) unstable; urgency=low
+
+ * This version introduces some changes in the configuration layout and
+ defaults. You will probably have to adjust your configuration accordingly.
+
+ - Module specific configuration has been moved from
+ /etc/apache2/apache2.conf to /etc/apache2/mods-available/*.conf for the
+ following modules:
+ actions alias autoindex
+ info mime negotiation
+ setenvif status
+
+ - AddDefaultCharset is again disabled by default. See
+ /etc/apache2/conf.d/charset
+
+ - "Listen 443" is automatically enabled in /etc/apache2/ports.conf if
+ mod_ssl is enabled.
+
+ * The NO_START functionality from /etc/default/apache2 has been removed. If
+ you don't want to start apache2 on boot, rename the S*apache2 start
+ symlinks as usual.
+
+ * To ensure that the disk cache does not grow indefinitely, htcacheclean is
+ now started when mod_disk_cache is enabled. The details can be configured
+ in /etc/default/apache2 .
+
+ -- Stefan Fritsch Mon, 09 Jul 2007 21:50:58 +0200
--- apache2-2.2.16.orig/debian/a2dismod.8
+++ apache2-2.2.16/debian/a2dismod.8
@@ -0,0 +1 @@
+.so man8/a2enmod.8
--- apache2-2.2.16.orig/debian/apachectl.8
+++ apache2-2.2.16/debian/apachectl.8
@@ -0,0 +1 @@
+.so man8/apache2ctl.8
--- apache2-2.2.16.orig/debian/control
+++ apache2-2.2.16/debian/control
@@ -0,0 +1,205 @@
+Source: apache2
+Section: httpd
+Priority: optional
+Maintainer: Ubuntu Developers
+XSBC-Original-Maintainer: Debian Apache Maintainers
+Uploaders: Tollef Fog Heen , Thom May , Adam Conrad , Peter Samuelson , Stefan Fritsch , Steinar H. Gunderson
+Build-Depends: debhelper (>= 7.4.3), dpatch, lsb-release, libaprutil1-dev (>= 1.3.4), libapr1-dev (>= 1.2.7-6), openssl, libpcre3-dev, mawk, zlib1g-dev, libssl-dev (>= 0.9.8m), sharutils, libcap-dev [!kfreebsd-i386 !kfreebsd-amd64 !hurd-i386], autoconf, hardening-wrapper
+Build-Conflicts: autoconf2.13
+Standards-Version: 3.9.0
+Vcs-Bzr: http://code.launchpad.net/ubuntu/+source/apache2
+XSBC-Original-Vcs-Browser: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2
+XSBC-Original-Vcs-svn: svn://svn.debian.org/pkg-apache/trunk/apache2
+Homepage: http://httpd.apache.org/
+
+Package: apache2.2-common
+Architecture: any
+Depends: ${misc:Depends}, apache2.2-bin (= ${binary:Version}), apache2-utils, libmagic1, mime-support, lsb-base, procps [!hurd-i386], perl
+Recommends: ssl-cert
+Suggests: www-browser, apache2-doc, apache2-suexec | apache2-suexec-custom, ufw
+Conflicts: apache2-common, apache
+Replaces: apache2-common
+Description: Apache HTTP Server common files
+ The Apache Software Foundation's goal is to build a secure, efficient and
+ extensible HTTP server as standards-compliant open source software. The
+ result has long been the number one web server on the Internet.
+ .
+ This package contains the configuration and support scripts.
+ However, it does *not* include the server itself; for this you need to
+ install one of the apache2-mpm-* packages, such as worker or prefork.
+
+Package: apache2.2-bin
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Conflicts: apache2.2-common (<< 2.2.11-5~)
+Replaces: apache2.2-common (<< 2.2.14-2~)
+Description: Apache HTTP Server common binary files
+ The Apache Software Foundation's goal is to build a secure, efficient and
+ extensible HTTP server as standards-compliant open source software. The
+ result has long been the number one web server on the Internet.
+ .
+ This package contains all binaries but no configuration or support scripts.
+ To get a stand-alone server, you need to install one of the apache2-mpm-*
+ packages, such as worker or prefork. Other packages like gnome-user-share
+ may bring their own Apache configuration, though.
+
+Package: apache2-mpm-worker
+Architecture: any
+Depends: ${misc:Depends}, apache2.2-common (= ${binary:Version}), apache2.2-bin (= ${binary:Version})
+Provides: apache2-mpm, apache2, httpd, httpd-cgi
+Conflicts: apache2-mpm, apache2-common
+Replaces: apache2-mpm-threadpool (<< 2.0.53), apache2-mpm-perchild (<< 2.2.0)
+Description: Apache HTTP Server - high speed threaded model
+ Each Apache Multi-Processing Module provides a different "flavor" of
+ web server binary, compiled with a different processing model.
+ .
+ The worker MPM provides the default threaded implementation. It is
+ recommended especially for high-traffic sites because it is faster
+ and has a smaller memory footprint than the traditional prefork MPM.
+
+Package: apache2-mpm-prefork
+Architecture: any
+Depends: ${misc:Depends}, apache2.2-common (= ${binary:Version}), apache2.2-bin (= ${binary:Version})
+Provides: apache2-mpm, apache2, httpd, httpd-cgi
+Conflicts: apache2-mpm, apache2-common
+Description: Apache HTTP Server - traditional non-threaded model
+ Each Apache Multi-Processing Module provides a different "flavor" of
+ web server binary, compiled with a different processing model.
+ .
+ The prefork MPM provides a non-threaded, pre-forking implementation
+ that handles requests in a manner similar to Apache 1.3. It is not as
+ fast as threaded models, but is considered to be more stable. It is
+ appropriate for sites that need to maintain compatibility with
+ non-thread-safe libraries, and is the best MPM for isolating each
+ request, so that a problem with a single request will not affect any
+ other.
+
+Package: apache2-mpm-event
+Architecture: any
+Depends: ${misc:Depends}, apache2.2-common (= ${binary:Version}), apache2.2-bin (= ${binary:Version})
+Provides: apache2-mpm, apache2, httpd, httpd-cgi
+Conflicts: apache2-mpm, apache2-common
+Description: Apache HTTP Server - event driven model
+ Each Apache Multi-Processing Module provides a different "flavor" of
+ web server binary, compiled with a different processing model.
+ .
+ The event MPM is designed to allow more requests to be served
+ simultaneously by passing off some processing work to supporting
+ threads, freeing up the main threads to work on new requests. It is
+ especially suitable for sites that see extensive KeepAlive traffic.
+ .
+ This MPM is experimental and less tested than the worker and prefork MPMs.
+
+Package: apache2-mpm-itk
+Depends: ${misc:Depends}, apache2.2-common (= ${binary:Version}), apache2.2-bin (= ${binary:Version})
+Provides: apache2-mpm, apache2, httpd, httpd-cgi
+Conflicts: apache2-mpm, apache2-common
+Architecture: any
+Priority: extra
+Description: multiuser MPM for Apache 2.2
+ The ITK Multi-Processing Module (MPM) works in about the same way as the
+ classical "prefork" module (that is, without threads), except that it allows
+ you to constrain each individual vhost to a particular system user. This
+ allows you to run several different web sites on a single server without
+ worrying that they will be able to read each others' files. This is a
+ third-party MPM that is not included in the normal Apache httpd.
+ .
+ Please note that this MPM is somewhat less tested than the MPMs that come with
+ Apache itself.
+
+Package: apache2-utils
+Architecture: any
+Replaces: apache2-common, apache-utils (<< 1.3.33-4)
+Conflicts: apache-common (<< 1.3.28.0.1-1)
+Depends: ${misc:Depends}, ${shlibs:Depends}
+Description: utility programs for webservers
+ Provides some add-on programs useful for any webserver. These include:
+ - ab (Apache benchmark tool)
+ - logresolve (Resolve IP addresses to hostname in logfiles)
+ - htpasswd (Manipulate basic authentication files)
+ - htdigest (Manipulate digest authentication files)
+ - dbmmanage (Manipulate basic authentication files in DBM format, using perl)
+ - htdbm (Manipulate basic authentication files in DBM format, using APR)
+ - rotatelogs (Periodically stop writing to a logfile and open a new one)
+ - split-logfile (Split a single log including multiple vhosts)
+ - checkgid (Checks whether the caller can setgid to the specified group)
+ - check_forensic (Extract mod_log_forensic output from Apache log files)
+
+Package: apache2-suexec
+Priority: optional
+Architecture: any
+Depends: ${misc:Depends}, ${shlibs:Depends}, apache2.2-common
+Conflicts: apache2-suexec, apache-common
+Replaces: apache2-suexec
+Description: Standard suexec program for Apache 2 mod_suexec
+ Provides the standard suexec helper program for mod_suexec. This version is
+ compiled with document root /var/www and userdir suffix public_html. If you
+ need different settings, use the package apache2-suexec-custom.
+
+Package: apache2-suexec-custom
+Priority: extra
+Architecture: any
+Depends: ${misc:Depends}, ${shlibs:Depends}, apache2.2-common
+Provides: apache2-suexec
+Conflicts: apache2-suexec, apache-common
+Replaces: apache2-suexec
+Description: Configurable suexec program for Apache 2 mod_suexec
+ Provides a customizable version of the suexec helper program for mod_suexec.
+ This is not the version from upstream, but can be configured with a
+ configuration file.
+ .
+ If you do not need non-standard document root or userdir settings, it is
+ recommended that you use the standard suexec helper program from the
+ apache2-suexec package instead.
+
+Package: apache2
+Architecture: any
+Depends: ${misc:Depends}, apache2-mpm-worker (= ${binary:Version}) | apache2-mpm-prefork (= ${binary:Version}) | apache2-mpm-event (= ${binary:Version}) | apache2-mpm-itk (= ${binary:Version}), apache2.2-common (= ${binary:Version})
+Description: Apache HTTP Server metapackage
+ The Apache Software Foundation's goal is to build a secure, efficient and
+ extensible HTTP server as standards-compliant open source software. The
+ result has long been the number one web server on the Internet.
+ .
+ It features support for HTTPS, virtual hosting, CGI, SSI, IPv6, easy
+ scripting and database integration, request/response filtering, many
+ flexible authentication schemes, and more.
+
+Package: apache2-doc
+Section: doc
+Architecture: all
+Depends: ${misc:Depends}
+Description: Apache HTTP Server documentation
+ This package provides the documentation for Apache 2. For more details
+ see the apache2 package description.
+
+Package: apache2-prefork-dev
+Architecture: any
+Depends: ${misc:Depends}, apache2.2-common (= ${binary:Version}), openssl, libaprutil1-dev
+Conflicts: apache2-threaded-dev
+Priority: extra
+Description: Apache development headers - non-threaded MPM
+ This package provides the development headers and apxs2 binary for
+ apache2-mpm-prefork; see the apache2 package description for more details.
+ .
+ This should only be used when you absolutely *must* support a non-threaded
+ environment (for PHP, for example).
+
+Package: apache2-threaded-dev
+Architecture: any
+Depends: ${misc:Depends}, apache2.2-common (= ${binary:Version}), openssl, libaprutil1-dev
+Conflicts: apache2-prefork-dev
+Provides: apache2-dev
+Priority: extra
+Description: Apache development headers - threaded MPM
+ This package provides the development headers and apxs2 binary for
+ threaded versions of apache2; see the apache2 package description
+ for more details.
+
+Package: apache2-dbg
+Section: debug
+Priority: extra
+Architecture: any
+Depends: ${misc:Depends}, apache2.2-bin (= ${binary:Version})
+Description: Apache debugging symbols
+ This package includes the debugging symbols for Apache 2.
+ See /usr/share/doc/apache2.2-common/README.backtrace for more information.
--- apache2-2.2.16.orig/debian/apache2-dbg.postinst
+++ apache2-2.2.16/debian/apache2-dbg.postinst
@@ -0,0 +1,18 @@
+#!/bin/sh
+set -e
+
+if [ "$1" != "configure" ]; then
+ exit 0
+fi
+
+P=apache2-dbg
+if dpkg --compare-versions "$2" lt 2.2.11-5~ ; then
+ DOCDIR=/usr/share/doc/$P
+ if [ ! -h $DOCDIR -a -d $DOCDIR ] ; then
+ rmdir $DOCDIR 2> /dev/null && ln -s apache2.2-bin $DOCDIR
+ fi
+fi
+
+#DEBHELPER#
+
+exit 0
--- apache2-2.2.16.orig/debian/apache2.2-common.postrm
+++ apache2-2.2.16/debian/apache2.2-common.postrm
@@ -0,0 +1,79 @@
+#! /bin/sh
+
+set -e
+
+# Allow apache 2.4 to override what we do.
+if [ -x /etc/apache2/upgrade-to-2.4-in-progress ] ; then
+ set +e
+ /etc/apache2/upgrade-to-2.4-in-progress $0 "$@"
+ ret=$?
+ set -e
+ case $ret in
+ 42)
+ exit 0
+ ;;
+ 43)
+ DONT_PURGE=1
+ ;;
+ 0)
+ : # do nothing
+ ;;
+ *)
+ exit $ret
+ ;;
+ esac
+fi
+
+
+if [ "$1" = purge -a "$DONT_PURGE" != 1 ] ; then
+ rm -f /etc/apache2/httpd.conf \
+ /var/cache/apache2/reload \
+ /var/log/apache2/access.log* \
+ /var/log/apache2/other_vhosts_access.log* \
+ /var/log/apache2/error.log*
+
+ rm -rf /var/cache/apache2/proxy \
+ /var/cache/apache2/mod_disk_cache \
+ /var/run/apache2 \
+ /var/lock/apache2
+
+ for f in /etc/apache2/sites-enabled/* \
+ /etc/apache2/mods-enabled/* ; do
+ [ -L "$f" ] && rm -f "$f"
+ done
+
+ for d in /etc/apache2/sites-enabled/ \
+ /etc/apache2/mods-enabled/ \
+ /etc/apache2/conf.d \
+ /etc/apache2 \
+ /var/log/apache2 \
+ /var/cache/apache2 ; do
+ rmdir $d 2> /dev/null || true
+ done
+
+fi
+
+restore_conffile() {
+ if [ -e $1.dpkg-apache2.2-common.old ] ; then
+ echo Restoring previous version of $1 ...
+ mv $1.dpkg-apache2.2-common.old $1
+ fi
+}
+
+if [ "$1" = abort-upgrade ] ; then
+ restore_conffile /etc/default/apache2
+ restore_conffile /etc/apache2/ports.conf
+ restore_conffile /etc/apache2/conf.d/charset
+fi
+
+if [ "$1" = remove ] ; then
+ MD5SUM="`md5sum /var/www/index.html 2>/dev/null | cut -d ' ' -f 1`"
+ case "$MD5SUM" in
+ 5388f60d7695cb57b87c799ee62d20b2|\
+ 21dde95d9d269cbb2fa6560309dca40c)
+ rm -f /var/www/index.html
+ ;;
+ esac
+fi
+
+#DEBHELPER#
--- apache2-2.2.16.orig/debian/setup-instance
+++ apache2-2.2.16/debian/setup-instance
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -eu
+
+if [ $# != 1 ] ; then
+ echo usage: $0 ''
+ exit 1
+fi
+
+# the SUFFIX must not contain spaces or shell meta characters
+SUFFIX=$1
+
+if [ -e /etc/apache2-$SUFFIX ] ; then
+ echo ERROR: /etc/apache2-$SUFFIX already exists
+ exit 2
+fi
+
+echo Setting up /etc/apache2-$SUFFIX ...
+cp -a /etc/apache2 /etc/apache2-$SUFFIX
+
+echo Setting up /etc/init.d/apache2-$SUFFIX ...
+cp /usr/share/doc/apache2.2-common/examples/secondary-init-script /etc/init.d/apache2-$SUFFIX
+# adjust service name (this prevents us from using a simple symlink)
+perl -p -i -e s,XXX,$SUFFIX, /etc/init.d/apache2-$SUFFIX
+chmod 755 /etc/init.d/apache2-$SUFFIX
+
+echo -n Setting up symlinks:
+for a in a2enmod a2dismod a2ensite a2dissite apache2ctl ; do
+ echo -n " $a-$SUFFIX"
+ ln -s /usr/sbin/$a /usr/local/sbin/$a-$SUFFIX
+done
+echo
+
+echo Setting up /etc/logrotate.d/apache2-$SUFFIX and /var/log/apache2-$SUFFIX ...
+cp -a /etc/logrotate.d/apache2 /etc/logrotate.d/apache2-$SUFFIX
+perl -p -i -e s,apache2,apache2-$SUFFIX,g /etc/logrotate.d/apache2-$SUFFIX
+mkdir /var/log/apache2-$SUFFIX
+chmod 750 /var/log/apache2-$SUFFIX
+chown root:adm /var/log/apache2-$SUFFIX
--- apache2-2.2.16.orig/debian/apache2.2-common.preinst
+++ apache2-2.2.16/debian/apache2.2-common.preinst
@@ -0,0 +1,28 @@
+#! /bin/sh -e
+
+mv_conffile() {
+ if [ "`md5sum $1 2>/dev/null | cut -d ' ' -f 1`" = "$2" ] ; then
+ echo Replacing $1 with new version ...
+ mv $1 $1.dpkg-apache2.2-common.old
+ fi
+}
+
+if [ -n "$2" ] && dpkg --compare-versions "$2" lt 2.2.4-2; then
+ mv_conffile /etc/default/apache2 9ac83f9132b78c3aa6dd4d7a583bf476
+ mv_conffile /etc/default/apache2 801eb5156368b54d92ecb578ce710836
+ mv_conffile /etc/apache2/ports.conf d5fcefc335117f400d451de47efeca87
+ mv_conffile /etc/apache2/conf.d/charset 641239a7d2d172856cb1413a47d2e142
+fi
+
+if [ -n "$2" ] && dpkg --compare-versions "$2" lt 2.2.15-4~ ; then
+ # The definition of other_vhosts_access.log has been moved from
+ # apache2.conf to conf.d/other-vhosts-access-log. If the admin has
+ # removed it from apache2.conf, mark it to be disabled in
+ # conf.d/other-vhosts-access-log in the postinst.
+ if ! egrep -q '^ *CustomLog.*other_vhosts_access.log vhost_combined$' /etc/apache2/apache2.conf
+ then
+ touch /etc/apache2/disable-other-vhost-access-log.dpkg-apache2.2-common
+ fi
+fi
+
+#DEBHELPER#
--- apache2-2.2.16.orig/debian/mpms.preinst
+++ apache2-2.2.16/debian/mpms.preinst
@@ -0,0 +1,30 @@
+#!/bin/sh -e
+
+#Debian preinstall handling for apache2
+# Thom May
+
+if [ "$2" ] && dpkg --compare-versions "$2" lt 2.2; then
+ if [ -x "/etc/init.d/apache2" ]; then
+ if [ -x /usr/sbin/invoke-rc.d ]; then
+ invoke-rc.d apache2 stop || true
+ else
+ /etc/init.d/apache2 stop || true
+ fi
+ fi
+ chmod -x /usr/sbin/apache2
+fi
+
+case "$1" in
+ install)
+ rm -f /var/cache/apache2/reload
+ ;;
+ upgrade)
+ if [ -d /var/cache/apache2 ]; then
+ touch /var/cache/apache2/reload
+ fi
+ ;;
+ *)
+ ;;
+esac
+
+#DEBHELPER#
--- apache2-2.2.16.orig/debian/mpms.postinst
+++ apache2-2.2.16/debian/mpms.postinst
@@ -0,0 +1,48 @@
+#!/bin/sh
+set -e
+
+if [ "$1" != "configure" ]; then
+ exit 0
+fi
+
+P=apache2-mpm-MPMXXX
+if [ $P = apache2-mpm-prefork ] || [ $P = apache2-mpm-itk ]; then
+ CGI_DIS=cgid
+ CGI_EN=cgi
+else
+ CGI_DIS=cgi
+ CGI_EN=cgid
+fi
+
+#enable cgi/cgid, but only on new installs.
+if [ -z "$2" ]; then
+ a2dismod $CGI_DIS >/dev/null || true
+ a2enmod $CGI_EN >/dev/null || echo "It looks like you've deleted /etc/apache2/mods-available/cgid.load, so mod_cgid cannot be enabled. To fix this, please purge and reinstall apache2.2-common."
+fi
+
+# Migrate our kill symlinks, including ones the user may have done an s/S/K/ to:
+for i in `seq 0 6`; do
+ if [ -L /etc/rc"$i".d/K91apache2 ]; then
+ mv /etc/rc"$i".d/K91apache2 \
+ /etc/rc"$i".d/K09apache2
+ fi
+done
+
+if [ -x "/etc/init.d/apache2" ]; then
+ if [ -x /usr/sbin/invoke-rc.d ]; then
+ invoke-rc.d apache2 start ||true
+ else
+ /etc/init.d/apache2 start ||true
+ fi
+fi
+
+if dpkg --compare-versions "$2" lt 2.2.11-5~ ; then
+ DOCDIR=/usr/share/doc/$P
+ if [ ! -h $DOCDIR -a -d $DOCDIR ] ; then
+ rmdir $DOCDIR 2> /dev/null && ln -s apache2.2-common $DOCDIR
+ fi
+fi
+
+#DEBHELPER#
+
+exit 0
--- apache2-2.2.16.orig/debian/convert_docs
+++ apache2-2.2.16/debian/convert_docs
@@ -0,0 +1,96 @@
+#!/usr/bin/perl -w
+
+use strict;
+use File::Path;
+use Fatal qw/mkpath symlink open close/;
+
+scalar @ARGV == 2 or die;
+
+my $SRC=$ARGV[0];
+my $TGT=$ARGV[1];
+
+# list of languages
+my @lang = glob("$SRC/index.html.*") or die;
+map { s{^.*html\.}{} } @lang;
+
+# map "ja.euc-jp" to "ja/", ...
+my %lpath;
+foreach my $l (@lang) {
+ my $t=$l;
+ $t =~ s{\..*$}{};
+ $lpath{$l}="$t/";
+}
+
+
+my @html=`find $SRC -name *.html` or die;
+chomp(@html);
+map { s{^$SRC/}{} } @html;
+
+foreach my $h (@html) {
+ my $dir="";
+ if ($h =~ m{^(.*/)}) {
+ $dir=$1;
+ }
+
+ for my $l (@lang) {
+ my $tdir="$TGT/$lpath{$l}";
+ -d "$tdir$dir" || mkpath("$tdir$dir");
+
+ my $updir=$dir;
+ $updir =~ s{[^/]+}{..}g;
+
+ if ($l eq "en") {
+ conv("$SRC/$h.en", "$tdir$h", $h);
+ }
+ elsif ( -f "$SRC/$h.$l" ) {
+ conv("$SRC/$h.$l", "$tdir$h", $h);
+ }
+ else {
+ symlink("${updir}../en/$h", "$tdir$h");
+ }
+
+ }
+}
+
+open(my $out, ">", "$TGT/index.html");
+print $out '',
+ '',
+ "\n\n";
+foreach my $l (sort values %lpath) {
+ print $out qq{$l |
\n};
+}
+print $out '
';
+
+
+### END
+
+
+sub conv {
+ my ($old, $new, $name) = @_;
+
+ open(my $in, "<", $old);
+ local $/;
+ my $file = <$in>;
+ close($in);
+
+ # /mod/ -> /mod/index.html
+ $file =~ s{href="([^:"]*/)"}{href="${1}index.html"}g;
+
+ # style and images now one level up
+ $file =~ s{(src|href)="../(style|images)}{$1="../../$2}g;
+ $file =~ s{(src|href)="./(style|images)}{$1="../$2}g;
+
+ foreach my $l (values %lpath) {
+ # language directories one level up
+ $file =~ s{href="\.\./$l}{href="../../$l}g;
+ $file =~ s{href="\./$l}{href="../$l}g;
+ }
+
+ # Debian tweaks
+ $file =~ s{/usr/local/apache2/conf/httpd[.]conf}{/etc/apache2/apache2.conf}g;
+ $file =~ s{httpd[.]conf}{apache2.conf}g;
+
+ open(my $out, ">", $new);
+ print $out $file;
+ close($out);
+}
--- apache2-2.2.16.orig/debian/mpms.links
+++ apache2-2.2.16/debian/mpms.links
@@ -0,0 +1,2 @@
+usr/lib/apache2/mpm-MPMXXX/apache2 usr/sbin/apache2
+usr/share/bug/apache2.2-common/script usr/share/bug/apache2-mpm-MPMXXX/script
--- apache2-2.2.16.orig/debian/apache2-threaded-dev.dirs
+++ apache2-2.2.16/debian/apache2-threaded-dev.dirs
@@ -0,0 +1,4 @@
+usr/include/apache2
+usr/bin
+usr/share/apache2/build
+usr/share/man/man8
--- apache2-2.2.16.orig/debian/apache2-doc.postinst
+++ apache2-2.2.16/debian/apache2-doc.postinst
@@ -0,0 +1,11 @@
+#!/bin/sh -e
+
+if [ -x "/etc/init.d/apache2" ]; then
+ if [ -x /usr/sbin/invoke-rc.d ]; then
+ invoke-rc.d apache2 reload ||true
+ else
+ /etc/init.d/apache2 reload ||true
+ fi
+fi
+
+#DEBHELPER#
--- apache2-2.2.16.orig/debian/secondary-init-script
+++ apache2-2.2.16/debian/secondary-init-script
@@ -0,0 +1,19 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: apache2-XXX
+# Required-Start: $local_fs $remote_fs $network $syslog
+# Required-Stop: $local_fs $remote_fs $network $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# X-Interactive: true
+# Short-Description: Start/stop apache2 web server (config /etc/apache2-XXX)
+### END INIT INFO
+
+set -e
+
+#
+# this init script can be installed as /etc/init.d/apache2-XXX
+#
+
+# source original init script to keep $0 and other arguments
+. /etc/init.d/apache2
--- apache2-2.2.16.orig/debian/mpms.dirs
+++ apache2-2.2.16/debian/mpms.dirs
@@ -0,0 +1,4 @@
+usr/sbin
+usr/lib/apache2/mpm-MPMXXX
+usr/share/lintian/overrides
+usr/share/bug/apache2-mpm-MPMXXX
--- apache2-2.2.16.orig/debian/README.multiple-instances
+++ apache2-2.2.16/debian/README.multiple-instances
@@ -0,0 +1,99 @@
+Setup
+=====
+
+The scripts apache2ctl, a2enmod, a2ensite, ... and the init script have some
+support for handling multiple instances of apache2 running on the same machine.
+
+The basic idea is to copy /etc/apache2 to /etc/apache2-xxx. An example script
+that demonstrates what else needs to be done can be found in
+/usr/share/doc/apache2.2-common/examples/setup-instance. Use with:
+
+ sh /usr/share/doc/apache2.2-common/examples/setup-instance xxx
+
+Adjust the configuration in /etc/apache2-xxx, especially the listen ports in
+ports.conf and in the virtual host directives in
+/etc/apache2-xxx/sites-enabled/*.
+
+You can then use a2enmod-xxx, /etc/init.d/apache2-xxx, ... as usual, and they
+will affect the new instance of apache2.
+
+To start the new apache2 instance on boot, use
+- if you use dependency based boot sequence (the default):
+ If you don't have ssl keys with passphrases, you may want to set
+ 'X-Interactive: false' in /etc/init.d/apache2-xxx to reduce boot time.
+ Then execute:
+ insserv apache2-xxx
+- otherwise:
+ ln -s ../init.d/apache2-xxx /etc/rc2.d/S80apache2-xxx
+
+To make 'apache2ctl-xxx status' work, you need to set APACHE_STATUSURL in
+/etc/apache2-xxx/envvars.
+
+
+Upgrades
+========
+
+Since onle the configuration files in /etc/apache2 are in the package, the
+configuration of other instances won't change if the default configuration
+changes. Possibly ways to deal with this are:
+
+- Use symlinks to the files in /etc/apache2 where possible instead of copying
+ the files.
+- Don't modify /etc/apache2 at all but use it to track the default
+ configuration. You can then merge the changes into the /etc/apache2-xxx dirs.
+ It may be a good idea to use a version control system for /etc/apache2 to
+ keep track of the changes. See the package etckeeper for keeping the whole
+ /etc dir under version control.
+ An advanced scheme may be for every /etc/apache2* dir to be a separate git
+ repository so that you can easily pull/push changes from one dir to another.
+
+
+Package removal
+===============
+
+The Apache 2 package will only remove the default configuration files and
+directories.
+
+
+Configuration
+=============
+
+The init script will try to read /etc/defaults/apache2-xxx. If that does not
+exist, it will use /etc/defaults/apache2 instead.
+
+The following environment variables can be used to influence the scripts. The
+default apache2 configuration will make use of them, too. Most can be set in
+/etc/apache2-xxx/envvars. Variables set in /etc/apache2-xxx/envvars must be
+exported.
+
+variable default value
+-------- -------------
+APACHE_CONFDIR /etc/apache2 or /etc/apache2-xxx
+APACHE_ENVVARS $APACHE_CONFDIR/envvars
+APACHE_HTTPD /usr/sbin/apache2
+APACHE_ARGUMENTS empty if $APACHE_CONFDIR = /etc/apache2
+ "-d $APACHE_CONFDIR" otherwise
+
+APACHE_RUN_USER www-data
+APACHE_RUN_GROUP www-data
+
+APACHE_PID_FILE /var/run/apache2.pid or /var/run/apachd2-xxx.pid
+APACHE_RUN_DIR /var/run/apache2 or /var/run/apache2-xxx
+APACHE_LOCK_DIR /var/lock/apache2 or /var/lock/apache2-xxx
+APACHE_LOG_DIR /var/log/apache2 or /var/log/apache2-xxx
+
+APACHE_MODS_AVAILABLE $APACHE_CONFDIR/mods-available
+APACHE_MODS_ENABLED $APACHE_CONFDIR/mods-enabled
+APACHE_SITES_AVAILABLE $APACHE_CONFDIR/sites-available
+APACHE_SITES_ENABLED $APACHE_CONFDIR/sites-enabled
+
+APACHE_LYNX www-browser -dump
+APACHE_STATUSURL http://localhost:80/server-status
+
+
+MPMs
+====
+
+You can use different MPMs for different instances by setting APACHE_HTTPD to
+one of /usr/lib/apache2/mpm-*/apache2. Note that some modules like mod_php only
+work with the non-threaded MPMs (prefork, itk).
--- apache2-2.2.16.orig/debian/a2dissite.8
+++ apache2-2.2.16/debian/a2dissite.8
@@ -0,0 +1 @@
+.so man8/a2ensite.8
--- apache2-2.2.16.orig/debian/apache2-suexec.lintian-overrides
+++ apache2-2.2.16/debian/apache2-suexec.lintian-overrides
@@ -0,0 +1,2 @@
+setuid-binary usr/lib/apache2/suexec 4754 root/www-data
+package-relation-with-self replaces: apache2-suexec
--- apache2-2.2.16.orig/debian/apache2ctl.8
+++ apache2-2.2.16/debian/apache2ctl.8
@@ -0,0 +1,182 @@
+.TH apache2ctl 8 "April 2008"
+.\" The Apache Software License, Version 1.1
+.\"
+.\" Copyright (c) 2000-2002 The Apache Software Foundation. All rights
+.\" reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in
+.\" the documentation and/or other materials provided with the
+.\" distribution.
+.\"
+.\" 3. The end-user documentation included with the redistribution,
+.\" if any, must include the following acknowledgment:
+.\" "This product includes software developed by the
+.\" Apache Software Foundation (http://www.apache.org/)."
+.\" Alternately, this acknowledgment may appear in the software itself,
+.\" if and wherever such third-party acknowledgments normally appear.
+.\"
+.\" 4. The names "Apache" and "Apache Software Foundation" must
+.\" not be used to endorse or promote products derived from this
+.\" software without prior written permission. For written
+.\" permission, please contact apache@apache.org.
+.\"
+.\" 5. Products derived from this software may not be called "Apache",
+.\" nor may "Apache" appear in their name, without prior written
+.\" permission of the Apache Software Foundation.
+.\"
+.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
+.\" WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+.\" DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
+.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+.\" USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+.\" ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+.\" OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" This software consists of voluntary contributions made by many
+.\" individuals on behalf of the Apache Software Foundation. For more
+.\" information on the Apache Software Foundation, please see
+.\" .
+.\"
+.SH NAME
+apache2ctl \- Apache HTTP server control interface
+.SH SYNOPSIS
+When acting in SysV init mode, apache2ctl takes simple, one-word commands,
+defined below.
+.PP
+.B apachectl
+.I command
+.PP
+.B apache2ctl
+.I command
+.PP
+When acting in pass-through mode, apache2ctl can take all the arguments available
+for the httpd binary.
+.PP
+.B apachectl
+.RI [ httpd-argument ]
+.PP
+.B apache2ctl
+.RI [ httpd-argument ]
+.PP
+.SH DESCRIPTION
+.B apache2ctl
+is a front end to the Apache HyperText Transfer Protocol (HTTP)
+server. It is designed to help the administrator control the
+functioning of the Apache
+.B apache2
+daemon.
+.PP
+.B NOTE:
+The default Debian configuration requires the environment variables
+.BR APACHE_RUN_USER ,
+.BR APACHE_RUN_GROUP ,
+and
+.B APACHE_PID_FILE
+to be set in
+.BR /etc/apache2/envvars .
+.PP
+The
+.B apache2ctl
+script returns a 0 exit value on success, and >0 if an error
+occurs. For more details, view the comments in the script.
+.PP
+.SH OPTIONS
+The \fIcommand\fP can be any one or more of the following options:
+.TP 14
+.BI start
+Start the Apache daemon. Gives an error if it is already running.
+.TP
+.BI stop
+Stops the Apache daemon.
+.TP
+.BI restart
+Restarts the Apache daemon by sending it a SIGHUP. If the daemon
+is not running, it is started.
+This command automatically checks the configuration files via
+.BI configtest
+before initiating the restart to to catch the most obvious errors.
+However, it is still possible for the daemon to die because of problems
+with the configuration.
+.TP
+.BI fullstatus
+Displays a full status report from
+.B mod_status.
+For this to work, you need to have mod_status enabled on your server
+and a text-based browser such as \fIlynx\fP available on your system. The
+URL used to access the status report can be set by setting the
+.B APACHE_STATUSURL
+variable in
+.BR /etc/apache2/envvars .
+.TP
+.BI status
+Displays a brief status report. Similar to the fullstatus option,
+except that the list of requests currently being served is omitted.
+.TP
+.BI graceful
+Gracefully restarts the Apache daemon by sending it a SIGUSR1. If
+the daemon is not running, it is started. This differs from a
+normal restart in that currently open connections are not aborted.
+A side effect is that old log files will not be closed immediately.
+This means that if used in a log rotation script, a substantial delay may be
+necessary to ensure that the old log files are closed before processing them.
+This command automatically checks the configuration files via apache2ctl
+configtest before initiating the restart to to catch the most obvious errors.
+However, it is still possible for the daemon to die because of problems with
+the configuration.
+.TP
+.BI graceful-stop
+Gracefully stops the Apache httpd daemon.
+This differs from a normal stop in that currently open connections are not
+aborted.
+A side effect is that old log files will not be closed immediately.
+.TP
+.BI configtest
+Run a configuration file syntax test. It parses the configuration
+files and either reports
+.B "Syntax Ok"
+or information about the particular syntax error. This test does not catch
+all errors.
+.TP
+.BI help
+Displays a short help message.
+.TP
+The following option was available in earlier versions but has been removed.
+.TP
+.BI startssl
+To start httpd with SSL support, you should edit your configuration file to
+include the relevant directives and then use the normal apache2ctl start.
+.SH ENVIRONMENT
+The behaviour of
+.B apache2ctl
+can be influenced with these environment variables:
+.BR APACHE_HTTPD ,
+.BR APACHE_LYNX ,
+.BR APACHE_STATUSURL ,
+.BR APACHE_ULIMIT_MAX_FILES ,
+.BR APACHE_RUN_DIR ,
+.BR APACHE_LOCK_DIR ,
+.BR APACHE_RUN_USER ,
+.BR APACHE_ARGUMENTS ,
+.BR APACHE_ENVVARS .
+See the comments in the script for details.
+These variables (except
+.BR APACHE_ENVVARS )
+can be set in
+.BR /etc/apache2/envvars .
+.SH SEE ALSO
+.BR apache2(8) ,
+.BR /usr/share/doc/apache2.2-common/README.Debian.gz
+.
--- apache2-2.2.16.orig/debian/apache2.2-common.install
+++ apache2-2.2.16/debian/apache2.2-common.install
@@ -0,0 +1,7 @@
+usr/share/apache2/icons
+usr/share/apache2/error
+usr/sbin/envvars-std usr/share/apache2/build
+etc/apache2 usr/share/doc/apache2.2-common/examples
+debian/config-dir/* etc/apache2
+debian/a2enmod usr/sbin
+debian/apache2ctl usr/sbin
--- apache2-2.2.16.orig/debian/apache2-suexec.install
+++ apache2-2.2.16/debian/apache2-suexec.install
@@ -0,0 +1,2 @@
+usr/sbin/suexec usr/lib/apache2
+usr/share/man/man8/suexec.8
--- apache2-2.2.16.orig/debian/apache2-doc.doc-base
+++ apache2-2.2.16/debian/apache2-doc.doc-base
@@ -0,0 +1,10 @@
+Document: apache2-manual
+Title: Apache HTTP Server Version 2.2 Documentation
+Abstract: This documentation describes the configuration of the Apache Web
+ server and the included modules.
+Section: web
+
+Format: HTML
+Index: /usr/share/doc/apache2-doc/manual/en/index.html
+Files: /usr/share/doc/apache2-doc/manual/*/*.html
+ /usr/share/doc/apache2-doc/manual/*/*/*.html
--- apache2-2.2.16.orig/debian/apache2.monit
+++ apache2-2.2.16/debian/apache2.monit
@@ -0,0 +1,7 @@
+check process apache2 with pidfile /var/run/apache2.pid
+ group www
+ start program = "/etc/init.d/apache2 start"
+ stop program = "/etc/init.d/apache2 stop"
+ if failed host localhost port 80
+ protocol HTTP request "/" then restart
+ if 5 restarts within 5 cycles then timeout
--- apache2-2.2.16.orig/debian/apache2-utils.install
+++ apache2-2.2.16/debian/apache2-utils.install
@@ -0,0 +1,19 @@
+usr/sbin/ab /usr/bin
+usr/share/man/man1/ab.1
+usr/sbin/checkgid
+usr/sbin/dbmmanage usr/bin/
+usr/share/man/man1/dbmmanage.1
+usr/sbin/htdbm usr/bin/
+usr/share/man/man1/htdbm.1
+usr/sbin/htdigest usr/bin/
+usr/share/man/man1/htdigest.1
+usr/sbin/htpasswd usr/bin/
+usr/share/man/man1/htpasswd.1
+usr/sbin/logresolve /usr/bin
+usr/share/man/man1/logresolve.1
+usr/sbin/rotatelogs
+usr/share/man/man8/rotatelogs.8
+usr/sbin/htcacheclean
+usr/share/man/man8/htcacheclean.8
+support/check_forensic usr/sbin
+debian/build-tree/worker/support/split-logfile usr/sbin
--- apache2-2.2.16.orig/debian/watch
+++ apache2-2.2.16/debian/watch
@@ -0,0 +1,2 @@
+version=3
+http://www.apache.org/dist/httpd/httpd-(2\.2.*)\.tar\.gz
--- apache2-2.2.16.orig/debian/compat
+++ apache2-2.2.16/debian/compat
@@ -0,0 +1 @@
+7
--- apache2-2.2.16.orig/debian/apache2.2-common.apache2.default
+++ apache2-2.2.16/debian/apache2.2-common.apache2.default
@@ -0,0 +1,26 @@
+### htcacheclean settings ###
+
+## run htcacheclean: yes, no, auto
+## auto means run if /etc/apache2/mods-enabled/disk_cache.load exists
+## default: auto
+HTCACHECLEAN_RUN=auto
+
+## run mode: cron, daemon
+## run in daemon mode or as daily cron job
+## default: daemon
+HTCACHECLEAN_MODE=daemon
+
+## cache size
+HTCACHECLEAN_SIZE=300M
+
+## interval: if in daemon mode, clean cache every x minutes
+HTCACHECLEAN_DAEMON_INTERVAL=120
+
+## path to cache
+## must be the same as in CacheRoot directive
+HTCACHECLEAN_PATH=/var/cache/apache2/mod_disk_cache
+
+## additional options:
+## -n : be nice
+## -t : remove empty directories
+HTCACHECLEAN_OPTIONS="-n"
--- apache2-2.2.16.orig/debian/apache2.2-common.bug-control
+++ apache2-2.2.16/debian/apache2.2-common.bug-control
@@ -0,0 +1 @@
+package-status: apache2-mpm-prefork apache2-mpm-worker apache2-mpm-event apache2-mpm-itk
--- apache2-2.2.16.orig/debian/apache2.2-common.links
+++ apache2-2.2.16/debian/apache2.2-common.links
@@ -0,0 +1,4 @@
+usr/sbin/a2enmod usr/sbin/a2dismod
+usr/sbin/a2enmod usr/sbin/a2ensite
+usr/sbin/a2enmod usr/sbin/a2dissite
+usr/sbin/apache2ctl usr/sbin/apachectl
--- apache2-2.2.16.orig/debian/apache2-dbg.dirs
+++ apache2-2.2.16/debian/apache2-dbg.dirs
@@ -0,0 +1,5 @@
+usr/lib/debug/usr/sbin
+usr/lib/debug/usr/lib/apache2/mpm-worker
+usr/lib/debug/usr/lib/apache2/mpm-prefork
+usr/lib/debug/usr/lib/apache2/mpm-event
+usr/lib/debug/usr/lib/apache2/mpm-itk
--- apache2-2.2.16.orig/debian/checkgid.8
+++ apache2-2.2.16/debian/checkgid.8
@@ -0,0 +1,36 @@
+.\" Hey, EMACS: -*- nroff -*-
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH CHECKGID 8 "November 3rd, 2001"
+.\" Please adjust this date whenever revising the manpage.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp insert n+1 empty lines
+.\" for manpage-specific macros, see man(7)
+.SH NAME
+checkgid \- checks the gid
+.SH SYNOPSIS
+.B checkgid group
+.SH DESCRIPTION
+This manual page documents briefly the
+.B checkgid
+command.
+.PP
+.\" TeX users may be more comfortable with the \fB\fP and
+.\" \fI\fP escape sequences to invode bold face and italics,
+.\" respectively.
+\fBcheckgid\fP is a program that checks whether it can setgid to the group
+specified. This is to see if it is a valid group for apache2 to use at runtime.
+If the user (should be run as superuser) is in that group, or can setgid to it,
+it will return 0.
+.SH AUTHOR
+This manual page was written by Daniel Stone for the Debian
+GNU/Linux distribution, as the original did not have a manpage.
--- apache2-2.2.16.orig/debian/logrotate
+++ apache2-2.2.16/debian/logrotate
@@ -0,0 +1,13 @@
+/var/log/apache2/*.log {
+ weekly
+ missingok
+ rotate 52
+ compress
+ delaycompress
+ notifempty
+ create 640 root adm
+ sharedscripts
+ postrotate
+ /etc/init.d/apache2 reload > /dev/null
+ endscript
+}
--- apache2-2.2.16.orig/debian/apache2.bug-control
+++ apache2-2.2.16/debian/apache2.bug-control
@@ -0,0 +1 @@
+Submit-As: apache2.2-common
--- apache2-2.2.16.orig/debian/apache2-doc.conf
+++ apache2-2.2.16/debian/apache2-doc.conf
@@ -0,0 +1,10 @@
+Alias /manual /usr/share/doc/apache2-doc/manual/
+
+