apache2 2.2.8-1 source package in Ubuntu

Changelog

apache2 (2.2.8-1) unstable; urgency=low

  * New upstream version:
    - Fixes cross-site scripting issues in
      o mod_imagemap (CVE-2007-5000)
      o mod_status (CVE-2007-6388)
      o mod_proxy_balancer's balancer manager (CVE-2007-6421)
    - Fixes a denial of service issue in mod_proxy_balancer's balancer manager
      (CVE-2007-6422).
    - Fixes mod_proxy URL encoding in error messages (closes: #337325).
    - Adds explicit charset to the output of various modules to work around
      possible cross-site scripting flaws affecting web browsers that do not
      derive the response character set as required by RFC2616. For
      mod_proxy_ftp there is now the new ProxyFtpDirCharset directive to
      specify something else than ISO-8859-1 (CVE-2008-0005).
    - Adds mod_substitute which performs inline response content pattern
      matching (including regex) and substitution (like mod_line_edit).
    - Adds "DefaultType none" option.
    - Adds new "B" option to RewriteRule to suppress URL unescaping.
    - Adds an "if" directive for mod_include to test whether an URL is
      accessible, and if so, conditionally display content.
    - Adds support for mod_ssl to the event MPM.
  * Move the configuration of User, Group, and PidFile to
    /etc/apache2/envvars. This makes it easier to use these settings in
    scripts. /etc/apache2/envvars can now also be used to influence apache2ctl
    (inspired by Marc Haber's patch).  (Closes: #349709, #460105, #458085)
  * Make apache2ctl check the configuration syntax before trying to restart
    apache, to match the behaviour documented in the man page.
    (Closes: #459236)
  * Convert docs to be directly viewable with a browser (and not use content
    negotiation).
  * Add doc-base entry for the documentation. (closes: #311269)
  * Don't ship default files in /var/www, but copy a sample file to
    /var/www/index.html on new installs. Also remove the now unneeded
    RedirectMatch line from sites-available/default.
    (Closes: #411774, #458093)
  * Add some information to README.Debian (Apache wiki, default virtual host)
  * Build with LDFLAGS=-Wl,--as-needed to drop a lot of unnecessary
    dependencies, easing library transitions (closes: #458857).
  * Add icons for OpenDocuments, add sharutils to Build-Depends for uudecode.
    Patch by Nicolas Valcárcel. (Closes: #436441)
  * Add reportbug script to list enabled modules.
  * Fix some lintian warnings:
    - Pass --no-start to dh_installinit instead of omitting the debhelper token
      in various maintainer scripts. Also move the update-rc.d call to
      apache2.2-common.
    - Add Short-Description to init script.
  * Remove unused apache2-mpm-prefork.prerm from source package and clean up
    debian/rules a bit.
  * Don't ship NEWS.Debian with apache2-utils, as the contents are only
    relevant for the server.

 -- Mathias Gug <email address hidden>   Fri,  01 Feb 2008 16:24:43 +0000

Upload details

Uploaded by:
Mathias Gug on 2008-02-02
Uploaded to:
Hardy
Original maintainer:
Debian Apache Maintainers
Component:
main
Architectures:
any
Section:
web
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Hardy release on 2008-02-02 main web

Downloads

File Size MD5 Checksum
apache2_2.2.8.orig.tar.gz 5.8 MiB 39a755eb0f584c279336387b321e3dfc
apache2_2.2.8-1.diff.gz 125.5 KiB 405c7118ef0f2e8ee36253e94b9cc5cf
apache2_2.2.8-1.dsc 1.2 KiB c2f8c4852c9f6b851552901f7765e344

View changes file

Binary packages built by this source

apache2: Next generation, scalable, extendable web server

 Apache v2 is the next generation of the omnipresent Apache web server. This
 version - a total rewrite - introduces many new improvements, such as
 threading, a new API, IPv6 support, request/response filtering, and more.

apache2-doc: documentation for apache2

 This is the documentation for apache2, see the apache2 package description
  for more details.

apache2-mpm-event: Event driven model for Apache HTTPD

 The event Multi-Processing Module (MPM) is designed to allow more
 requests to be served simultaneously by passing off some processing
 work to supporting threads, freeing up the main threads to work on
 new requests.
 .
 This MPM is especially suitable for sites that see extensive KeepAlive traffic

apache2-mpm-perchild: Transitional package - please remove

 This is a transitional package to upgrade apache2-mpm-perchild to
 apache2-mpm-worker.

apache2-mpm-prefork: Traditional model for Apache HTTPD

 This Multi-Processing Module (MPM) implements a non-threaded,
 pre-forking web server that handles requests in a manner similar to
 Apache 1.3. It is appropriate for sites that need to avoid threading for
 compatibility with non-thread-safe libraries. It is also the best MPM
 for isolating each request, so that a problem with a single request will
 not affect any other.
 .
 It is not as fast, but is considered to be more stable.

apache2-mpm-worker: High speed threaded model for Apache HTTPD

 The worker MPM provides a threaded implementation for Apache HTTPD. It is
 considerably faster than the traditional model, and is the recommended MPM.
 .
 Worker generally is a good choice for high-traffic servers because it
 has a smaller memory footprint than the prefork MPM.

apache2-prefork-dev: development headers for apache2

 This package provides the development headers and apxs2 binary for
 apache2-mpm-prefork; see the apache2 package description for more details.
 .
 This should only be used when you absolutely *have* to have a non-threaded
 environment, ie for PHP4.

apache2-src: Apache source code

 This package includes the complete and patched source code for the
 Apache HTTPD. It is useful for other packages to build-depend on in
 order to build custom MPMs.

apache2-threaded-dev: development headers for apache2

 This package provides the development headers and apxs2 binary for
 threaded versions of apache2; see the apache2 package description
 for more details.

apache2-utils: utility programs for webservers

 Provides some add-on programs useful for any webserver. These include:
  - ab (Apache benchmark tool)
  - logresolve (Resolve IP addresses to hostname in logfiles)
  - htpasswd (Manipulate basic authentication files)
  - htdigest (Manipulate digest authentication files)
  - dbmmanage (Manipulate basic authentication files in DBM format, using perl)
  - htdbm (Manipulate basic authentication files in DBM format, using APR)
  - rotatelogs (Periodically stop writing to a logfile and open a new one)
  - split-logfile (Split a single log including multiple vhosts)
  - checkgid (Checks whether the caller can setgid to the specified group)
  - check_forensic (Extract mod_log_forensic output from apache log files)

apache2.2-common: Next generation, scalable, extendable web server

 Apache v2 is the next generation of the omnipresent Apache web server. This
 version - a total rewrite - introduces many new improvements, such as
 threading, a new API, IPv6 support, request/response filtering, and more.
 .
 It is also considerably faster, and can be easily extended to provide services
 other than http.
 .
 This package contains all the standard apache2 modules, including SSL support.
 However, it does *not* include the server itself; for this you need to
 install one of the apache2-mpm-* packages; such as worker or prefork.