Git : Code : apache2 package : Ubuntu

Ubuntu
apache2 package

View Bazaar branches

Get this repository:: git clone https://git.launchpad.net/ubuntu/+source/apache2

Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name	Last Modified	Last Commit
importer/ubuntu/dsc	2020-04-15 17:14:08 UTC 2020-04-15	DSC file for 2.4.41-4ubuntu3 Author: Ubuntu Git Importer Author Date: 2020-04-15 17:14:08 UTC DSC file for 2.4.41-4ubuntu3
applied/ubuntu/devel	2020-04-15 16:40:20 UTC 2020-04-15	Import patches-applied version 2.4.41-4ubuntu3 to applied/ubuntu/focal-proposed Author: Andreas Hasenack Author Date: 2020-04-13 14:19:17 UTC Import patches-applied version 2.4.41-4ubuntu3 to applied/ubuntu/focal-proposed Imported using git-ubuntu import. Changelog parent: b43608d3df9217e0ca5e2f00910a08bb4a6f59a3 Unapplied parent: 1d24378ec8539363045c92c6bec3284e380f7b33 New changelog entries: [ Timo Aaltonen ] * d/p/buffer-http-request-bodies-for-tlsv13.diff, d/p/tlsv13-add-logno.diff: mod_ssl: Add patches to fix TLS 1.3 client cert authentication for POST requests. Closes: #955348, LP: #1872478
applied/ubuntu/focal-devel	2020-04-15 16:40:20 UTC 2020-04-15	Import patches-applied version 2.4.41-4ubuntu3 to applied/ubuntu/focal-proposed Author: Andreas Hasenack Author Date: 2020-04-13 14:19:17 UTC Import patches-applied version 2.4.41-4ubuntu3 to applied/ubuntu/focal-proposed Imported using git-ubuntu import. Changelog parent: b43608d3df9217e0ca5e2f00910a08bb4a6f59a3 Unapplied parent: 1d24378ec8539363045c92c6bec3284e380f7b33 New changelog entries: [ Timo Aaltonen ] * d/p/buffer-http-request-bodies-for-tlsv13.diff, d/p/tlsv13-add-logno.diff: mod_ssl: Add patches to fix TLS 1.3 client cert authentication for POST requests. Closes: #955348, LP: #1872478
ubuntu/groovy	2020-04-15 16:40:20 UTC 2020-04-15	Import patches-unapplied version 2.4.41-4ubuntu3 to ubuntu/focal-proposed Author: Andreas Hasenack Author Date: 2020-04-13 14:19:17 UTC Import patches-unapplied version 2.4.41-4ubuntu3 to ubuntu/focal-proposed Imported using git-ubuntu import. Changelog parent: 5819437f56ebce2254460911777c85ccd2ad9abf New changelog entries: [ Timo Aaltonen ] * d/p/buffer-http-request-bodies-for-tlsv13.diff, d/p/tlsv13-add-logno.diff: mod_ssl: Add patches to fix TLS 1.3 client cert authentication for POST requests. Closes: #955348, LP: #1872478
ubuntu/focal-devel	2020-04-15 16:40:20 UTC 2020-04-15	Import patches-unapplied version 2.4.41-4ubuntu3 to ubuntu/focal-proposed Author: Andreas Hasenack Author Date: 2020-04-13 14:19:17 UTC Import patches-unapplied version 2.4.41-4ubuntu3 to ubuntu/focal-proposed Imported using git-ubuntu import. Changelog parent: 5819437f56ebce2254460911777c85ccd2ad9abf New changelog entries: [ Timo Aaltonen ] * d/p/buffer-http-request-bodies-for-tlsv13.diff, d/p/tlsv13-add-logno.diff: mod_ssl: Add patches to fix TLS 1.3 client cert authentication for POST requests. Closes: #955348, LP: #1872478
ubuntu/focal	2020-04-15 16:40:20 UTC 2020-04-15	Import patches-unapplied version 2.4.41-4ubuntu3 to ubuntu/focal-proposed Author: Andreas Hasenack Author Date: 2020-04-13 14:19:17 UTC Import patches-unapplied version 2.4.41-4ubuntu3 to ubuntu/focal-proposed Imported using git-ubuntu import. Changelog parent: 5819437f56ebce2254460911777c85ccd2ad9abf New changelog entries: [ Timo Aaltonen ] * d/p/buffer-http-request-bodies-for-tlsv13.diff, d/p/tlsv13-add-logno.diff: mod_ssl: Add patches to fix TLS 1.3 client cert authentication for POST requests. Closes: #955348, LP: #1872478
applied/ubuntu/groovy	2020-04-15 16:40:20 UTC 2020-04-15	Import patches-applied version 2.4.41-4ubuntu3 to applied/ubuntu/focal-proposed Author: Andreas Hasenack Author Date: 2020-04-13 14:19:17 UTC Import patches-applied version 2.4.41-4ubuntu3 to applied/ubuntu/focal-proposed Imported using git-ubuntu import. Changelog parent: b43608d3df9217e0ca5e2f00910a08bb4a6f59a3 Unapplied parent: 1d24378ec8539363045c92c6bec3284e380f7b33 New changelog entries: [ Timo Aaltonen ] * d/p/buffer-http-request-bodies-for-tlsv13.diff, d/p/tlsv13-add-logno.diff: mod_ssl: Add patches to fix TLS 1.3 client cert authentication for POST requests. Closes: #955348, LP: #1872478
ubuntu/focal-proposed	2020-04-15 16:40:20 UTC 2020-04-15	Import patches-unapplied version 2.4.41-4ubuntu3 to ubuntu/focal-proposed Author: Andreas Hasenack Author Date: 2020-04-13 14:19:17 UTC Import patches-unapplied version 2.4.41-4ubuntu3 to ubuntu/focal-proposed Imported using git-ubuntu import. Changelog parent: 5819437f56ebce2254460911777c85ccd2ad9abf New changelog entries: [ Timo Aaltonen ] * d/p/buffer-http-request-bodies-for-tlsv13.diff, d/p/tlsv13-add-logno.diff: mod_ssl: Add patches to fix TLS 1.3 client cert authentication for POST requests. Closes: #955348, LP: #1872478
ubuntu/groovy-devel	2020-04-15 16:40:20 UTC 2020-04-15	Import patches-unapplied version 2.4.41-4ubuntu3 to ubuntu/focal-proposed Author: Andreas Hasenack Author Date: 2020-04-13 14:19:17 UTC Import patches-unapplied version 2.4.41-4ubuntu3 to ubuntu/focal-proposed Imported using git-ubuntu import. Changelog parent: 5819437f56ebce2254460911777c85ccd2ad9abf New changelog entries: [ Timo Aaltonen ] * d/p/buffer-http-request-bodies-for-tlsv13.diff, d/p/tlsv13-add-logno.diff: mod_ssl: Add patches to fix TLS 1.3 client cert authentication for POST requests. Closes: #955348, LP: #1872478
applied/ubuntu/focal	2020-04-15 16:40:20 UTC 2020-04-15	Import patches-applied version 2.4.41-4ubuntu3 to applied/ubuntu/focal-proposed Author: Andreas Hasenack Author Date: 2020-04-13 14:19:17 UTC Import patches-applied version 2.4.41-4ubuntu3 to applied/ubuntu/focal-proposed Imported using git-ubuntu import. Changelog parent: b43608d3df9217e0ca5e2f00910a08bb4a6f59a3 Unapplied parent: 1d24378ec8539363045c92c6bec3284e380f7b33 New changelog entries: [ Timo Aaltonen ] * d/p/buffer-http-request-bodies-for-tlsv13.diff, d/p/tlsv13-add-logno.diff: mod_ssl: Add patches to fix TLS 1.3 client cert authentication for POST requests. Closes: #955348, LP: #1872478
applied/ubuntu/focal-proposed	2020-04-15 16:40:20 UTC 2020-04-15	Import patches-applied version 2.4.41-4ubuntu3 to applied/ubuntu/focal-proposed Author: Andreas Hasenack Author Date: 2020-04-13 14:19:17 UTC Import patches-applied version 2.4.41-4ubuntu3 to applied/ubuntu/focal-proposed Imported using git-ubuntu import. Changelog parent: b43608d3df9217e0ca5e2f00910a08bb4a6f59a3 Unapplied parent: 1d24378ec8539363045c92c6bec3284e380f7b33 New changelog entries: [ Timo Aaltonen ] * d/p/buffer-http-request-bodies-for-tlsv13.diff, d/p/tlsv13-add-logno.diff: mod_ssl: Add patches to fix TLS 1.3 client cert authentication for POST requests. Closes: #955348, LP: #1872478
ubuntu/devel	2020-04-15 16:40:20 UTC 2020-04-15	Import patches-unapplied version 2.4.41-4ubuntu3 to ubuntu/focal-proposed Author: Andreas Hasenack Author Date: 2020-04-13 14:19:17 UTC Import patches-unapplied version 2.4.41-4ubuntu3 to ubuntu/focal-proposed Imported using git-ubuntu import. Changelog parent: 5819437f56ebce2254460911777c85ccd2ad9abf New changelog entries: [ Timo Aaltonen ] * d/p/buffer-http-request-bodies-for-tlsv13.diff, d/p/tlsv13-add-logno.diff: mod_ssl: Add patches to fix TLS 1.3 client cert authentication for POST requests. Closes: #955348, LP: #1872478
applied/ubuntu/groovy-devel	2020-04-15 16:40:20 UTC 2020-04-15	Import patches-applied version 2.4.41-4ubuntu3 to applied/ubuntu/focal-proposed Author: Andreas Hasenack Author Date: 2020-04-13 14:19:17 UTC Import patches-applied version 2.4.41-4ubuntu3 to applied/ubuntu/focal-proposed Imported using git-ubuntu import. Changelog parent: b43608d3df9217e0ca5e2f00910a08bb4a6f59a3 Unapplied parent: 1d24378ec8539363045c92c6bec3284e380f7b33 New changelog entries: [ Timo Aaltonen ] * d/p/buffer-http-request-bodies-for-tlsv13.diff, d/p/tlsv13-add-logno.diff: mod_ssl: Add patches to fix TLS 1.3 client cert authentication for POST requests. Closes: #955348, LP: #1872478
importer/debian/dsc	2020-03-31 10:40:13 UTC 2020-03-31	DSC file for 2.4.43-1 Author: Ubuntu Git Importer Author Date: 2020-03-31 10:40:13 UTC DSC file for 2.4.43-1
applied/debian/sid	2020-03-31 10:27:04 UTC 2020-03-31	Import patches-applied version 2.4.43-1 to applied/debian/sid Author: Xavier Guimard Author Date: 2020-03-31 08:02:12 UTC Import patches-applied version 2.4.43-1 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: fd99dd13959deb74b1c18e7b0b4c4c52c802f39a Unapplied parent: 7c8e6740fed283039bba4b0893b14b976a728bba New changelog entries: [ Timo Aaltonen ] * mod_ssl: Add patches to fix TLS 1.3 client cert authentication for POST requests (Closes: #955348) [ Moritz Schlarb ] * Fix logrotate script for multi-instance (Closes: #914606) [ Xavier Guimard ] * New upstream version 2.4.43 * Refresh patches
debian/sid	2020-03-31 10:27:04 UTC 2020-03-31	Import patches-unapplied version 2.4.43-1 to debian/sid Author: Xavier Guimard Author Date: 2020-03-31 08:02:12 UTC Import patches-unapplied version 2.4.43-1 to debian/sid Imported using git-ubuntu import. Changelog parent: 2a6a886f328c116cc7dc42032f21cc17f17f3e26 New changelog entries: [ Timo Aaltonen ] * mod_ssl: Add patches to fix TLS 1.3 client cert authentication for POST requests (Closes: #955348) [ Moritz Schlarb ] * Fix logrotate script for multi-instance (Closes: #914606) [ Xavier Guimard ] * New upstream version 2.4.43 * Refresh patches
applied/ubuntu/bionic-devel	2020-03-18 14:03:44 UTC 2020-03-18	Import patches-applied version 2.4.29-1ubuntu4.13 to applied/ubuntu/bionic-se... Author: Marc Deslauriers Author Date: 2020-03-13 08:26:16 UTC Import patches-applied version 2.4.29-1ubuntu4.13 to applied/ubuntu/bionic-security Imported using git-ubuntu import. Changelog parent: 8b129cf47872b2bf3943ab99862e214bc55cc96d Unapplied parent: 4f6429fe8dd84cb07ad7332c5d3d00c48be9a52c New changelog entries: * Add additional missing commits to TLSv1.3 support. (LP: #1867223) - debian/patches/tlsv1.3-support-2.patch: fix whitespace and copy/paste typos in modules/ssl/ssl_engine_kernel.c. - debian/patches/tlsv1.3-support-3.patch: fail with 403 if SSL_verify_client_post_handshake fails in modules/ssl/ssl_engine_kernel.c. - debian/patches/tlsv1.3-support-4.patch: disable AUTO_RETRY mode for OpenSSL 1.1.1, which fixes post-handshake authentication in modules/ssl/ssl_engine_init.c. - debian/patches/tlsv1.3-support-5.patch: retrieve and set sslconn->client_cert here for both "modern" and classic access control in modules/ssl/ssl_engine_kernel.c.
applied/ubuntu/bionic-security	2020-03-18 14:03:44 UTC 2020-03-18	Import patches-applied version 2.4.29-1ubuntu4.13 to applied/ubuntu/bionic-se... Author: Marc Deslauriers Author Date: 2020-03-13 08:26:16 UTC Import patches-applied version 2.4.29-1ubuntu4.13 to applied/ubuntu/bionic-security Imported using git-ubuntu import. Changelog parent: 8b129cf47872b2bf3943ab99862e214bc55cc96d Unapplied parent: 4f6429fe8dd84cb07ad7332c5d3d00c48be9a52c New changelog entries: * Add additional missing commits to TLSv1.3 support. (LP: #1867223) - debian/patches/tlsv1.3-support-2.patch: fix whitespace and copy/paste typos in modules/ssl/ssl_engine_kernel.c. - debian/patches/tlsv1.3-support-3.patch: fail with 403 if SSL_verify_client_post_handshake fails in modules/ssl/ssl_engine_kernel.c. - debian/patches/tlsv1.3-support-4.patch: disable AUTO_RETRY mode for OpenSSL 1.1.1, which fixes post-handshake authentication in modules/ssl/ssl_engine_init.c. - debian/patches/tlsv1.3-support-5.patch: retrieve and set sslconn->client_cert here for both "modern" and classic access control in modules/ssl/ssl_engine_kernel.c.
applied/ubuntu/bionic-updates	2020-03-18 14:03:44 UTC 2020-03-18	Import patches-applied version 2.4.29-1ubuntu4.13 to applied/ubuntu/bionic-se... Author: Marc Deslauriers Author Date: 2020-03-13 08:26:16 UTC Import patches-applied version 2.4.29-1ubuntu4.13 to applied/ubuntu/bionic-security Imported using git-ubuntu import. Changelog parent: 8b129cf47872b2bf3943ab99862e214bc55cc96d Unapplied parent: 4f6429fe8dd84cb07ad7332c5d3d00c48be9a52c New changelog entries: * Add additional missing commits to TLSv1.3 support. (LP: #1867223) - debian/patches/tlsv1.3-support-2.patch: fix whitespace and copy/paste typos in modules/ssl/ssl_engine_kernel.c. - debian/patches/tlsv1.3-support-3.patch: fail with 403 if SSL_verify_client_post_handshake fails in modules/ssl/ssl_engine_kernel.c. - debian/patches/tlsv1.3-support-4.patch: disable AUTO_RETRY mode for OpenSSL 1.1.1, which fixes post-handshake authentication in modules/ssl/ssl_engine_init.c. - debian/patches/tlsv1.3-support-5.patch: retrieve and set sslconn->client_cert here for both "modern" and classic access control in modules/ssl/ssl_engine_kernel.c.
ubuntu/bionic-devel	2020-03-18 14:03:44 UTC 2020-03-18	Import patches-unapplied version 2.4.29-1ubuntu4.13 to ubuntu/bionic-security Author: Marc Deslauriers Author Date: 2020-03-13 08:26:16 UTC Import patches-unapplied version 2.4.29-1ubuntu4.13 to ubuntu/bionic-security Imported using git-ubuntu import. Changelog parent: 39aa84ddc5f826ca090b8f0b6c5180b7dc0d03a7 New changelog entries: * Add additional missing commits to TLSv1.3 support. (LP: #1867223) - debian/patches/tlsv1.3-support-2.patch: fix whitespace and copy/paste typos in modules/ssl/ssl_engine_kernel.c. - debian/patches/tlsv1.3-support-3.patch: fail with 403 if SSL_verify_client_post_handshake fails in modules/ssl/ssl_engine_kernel.c. - debian/patches/tlsv1.3-support-4.patch: disable AUTO_RETRY mode for OpenSSL 1.1.1, which fixes post-handshake authentication in modules/ssl/ssl_engine_init.c. - debian/patches/tlsv1.3-support-5.patch: retrieve and set sslconn->client_cert here for both "modern" and classic access control in modules/ssl/ssl_engine_kernel.c.
ubuntu/bionic-updates	2020-03-18 14:03:44 UTC 2020-03-18	Import patches-unapplied version 2.4.29-1ubuntu4.13 to ubuntu/bionic-security Author: Marc Deslauriers Author Date: 2020-03-13 08:26:16 UTC Import patches-unapplied version 2.4.29-1ubuntu4.13 to ubuntu/bionic-security Imported using git-ubuntu import. Changelog parent: 39aa84ddc5f826ca090b8f0b6c5180b7dc0d03a7 New changelog entries: * Add additional missing commits to TLSv1.3 support. (LP: #1867223) - debian/patches/tlsv1.3-support-2.patch: fix whitespace and copy/paste typos in modules/ssl/ssl_engine_kernel.c. - debian/patches/tlsv1.3-support-3.patch: fail with 403 if SSL_verify_client_post_handshake fails in modules/ssl/ssl_engine_kernel.c. - debian/patches/tlsv1.3-support-4.patch: disable AUTO_RETRY mode for OpenSSL 1.1.1, which fixes post-handshake authentication in modules/ssl/ssl_engine_init.c. - debian/patches/tlsv1.3-support-5.patch: retrieve and set sslconn->client_cert here for both "modern" and classic access control in modules/ssl/ssl_engine_kernel.c.
ubuntu/bionic-security	2020-03-18 14:03:44 UTC 2020-03-18	Import patches-unapplied version 2.4.29-1ubuntu4.13 to ubuntu/bionic-security Author: Marc Deslauriers Author Date: 2020-03-13 08:26:16 UTC Import patches-unapplied version 2.4.29-1ubuntu4.13 to ubuntu/bionic-security Imported using git-ubuntu import. Changelog parent: 39aa84ddc5f826ca090b8f0b6c5180b7dc0d03a7 New changelog entries: * Add additional missing commits to TLSv1.3 support. (LP: #1867223) - debian/patches/tlsv1.3-support-2.patch: fix whitespace and copy/paste typos in modules/ssl/ssl_engine_kernel.c. - debian/patches/tlsv1.3-support-3.patch: fail with 403 if SSL_verify_client_post_handshake fails in modules/ssl/ssl_engine_kernel.c. - debian/patches/tlsv1.3-support-4.patch: disable AUTO_RETRY mode for OpenSSL 1.1.1, which fixes post-handshake authentication in modules/ssl/ssl_engine_init.c. - debian/patches/tlsv1.3-support-5.patch: retrieve and set sslconn->client_cert here for both "modern" and classic access control in modules/ssl/ssl_engine_kernel.c.
applied/debian/stretch	2020-02-08 17:28:33 UTC 2020-02-08	Import patches-applied version 2.4.25-3+deb9u9 to applied/debian/stretch Author: Stefan Fritsch Author Date: 2019-10-13 17:43:54 UTC Import patches-applied version 2.4.25-3+deb9u9 to applied/debian/stretch Imported using git-ubuntu import. Changelog parent: 6d4177a71f1b773bc6c4279c9a5a8086495cd068 Unapplied parent: 772636a30757ee99110c073792054ecead808037 New changelog entries: [ Xavier Guimard ] * Use correct patch for CVE-2019-10092. This fixes a regression in mod_proxy_balancer (Closes: #941202)
debian/stretch	2020-02-08 17:28:33 UTC 2020-02-08	Import patches-unapplied version 2.4.25-3+deb9u9 to debian/stretch Author: Stefan Fritsch Author Date: 2019-10-13 17:43:54 UTC Import patches-unapplied version 2.4.25-3+deb9u9 to debian/stretch Imported using git-ubuntu import. Changelog parent: a4e538ac6919aca336b507be098bedfe67a9c0dd New changelog entries: [ Xavier Guimard ] * Use correct patch for CVE-2019-10092. This fixes a regression in mod_proxy_balancer (Closes: #941202)
applied/ubuntu/bionic-proposed	2020-02-07 17:48:19 UTC 2020-02-07	Import patches-applied version 2.4.29-1ubuntu4.12 to applied/ubuntu/bionic-pr... Author: Marc Deslauriers Author Date: 2019-12-03 10:55:03 UTC Import patches-applied version 2.4.29-1ubuntu4.12 to applied/ubuntu/bionic-proposed Imported using git-ubuntu import. Changelog parent: 53dff1d52d462b9d6ececf3ca5a028ee49ed5cc6 Unapplied parent: 2df6f03b749c787abe4b8da205f9794fe43e112a New changelog entries: * Add TLSv1.3 support. (LP: #1845263) - debian/patches/tlsv1.3-support.patch: backport upstream 2.4 commit which introduced TLSv1.3 support.
ubuntu/bionic-proposed	2020-02-07 17:48:19 UTC 2020-02-07	Import patches-unapplied version 2.4.29-1ubuntu4.12 to ubuntu/bionic-proposed Author: Marc Deslauriers Author Date: 2019-12-03 10:55:03 UTC Import patches-unapplied version 2.4.29-1ubuntu4.12 to ubuntu/bionic-proposed Imported using git-ubuntu import. Changelog parent: 2ad0745ef3eb129d595f582986f2cd5f34ea2534 New changelog entries: * Add TLSv1.3 support. (LP: #1845263) - debian/patches/tlsv1.3-support.patch: backport upstream 2.4 commit which introduced TLSv1.3 support.
debian/buster	2019-11-16 10:39:07 UTC 2019-11-16	Import patches-unapplied version 2.4.38-3+deb10u3 to debian/buster Author: Salvatore Bonaccorso Author Date: 2019-10-15 19:53:42 UTC Import patches-unapplied version 2.4.38-3+deb10u3 to debian/buster Imported using git-ubuntu import. Changelog parent: 2d02e89511301c8100398791ef8d65c6a4b07150 New changelog entries: * Non-maintainer upload by the Security Team. * Annoatate patch for CVE-2019-10092: Add missing APLOGNO's in modules/proxy/mod_proxy.c and modules/proxy/mod_proxy_ftp.c * Fix CVE-2019-10092 patch (Closes: #941202)
applied/debian/buster	2019-11-16 10:39:07 UTC 2019-11-16	Import patches-applied version 2.4.38-3+deb10u3 to applied/debian/buster Author: Salvatore Bonaccorso Author Date: 2019-10-15 19:53:42 UTC Import patches-applied version 2.4.38-3+deb10u3 to applied/debian/buster Imported using git-ubuntu import. Changelog parent: f26caf152756dc59975c5a2b388d4fd8d8612602 Unapplied parent: 5cf53f6ecf6bbfeaee3f7b2e5bbc6c65c807868d New changelog entries: * Non-maintainer upload by the Security Team. * Annoatate patch for CVE-2019-10092: Add missing APLOGNO's in modules/proxy/mod_proxy.c and modules/proxy/mod_proxy_ftp.c * Fix CVE-2019-10092 patch (Closes: #941202)
applied/ubuntu/xenial-updates	2019-10-08 22:03:15 UTC 2019-10-08	Import patches-applied version 2.4.18-2ubuntu3.14 to applied/ubuntu/xenial-pr... Author: Jesse Williamson Author Date: 2019-10-08 13:31:25 UTC Import patches-applied version 2.4.18-2ubuntu3.14 to applied/ubuntu/xenial-proposed Imported using git-ubuntu import. Changelog parent: 48dadd9ce07245feee7374709c07faea92877456 Unapplied parent: 454c65e516d2aa5a47f8054620d5d8138df2710f New changelog entries: * Backport mod_reqtimeout with handshake support (LP: #1846138) - d/p/0001-mod-reqtimeout-revent-long-response-times.patch - d/p/0002-mod_reqtimeout-fix-body-timeout-disabling-for-CONNECT-request.patch - d/p/0003-mod_reqtimeout-Merge-r1853901-r1853906-r1853908-r1853929-r1853935-r.patch
ubuntu/xenial-proposed	2019-10-08 22:03:15 UTC 2019-10-08	Import patches-unapplied version 2.4.18-2ubuntu3.14 to ubuntu/xenial-proposed Author: Jesse Williamson Author Date: 2019-10-08 13:31:25 UTC Import patches-unapplied version 2.4.18-2ubuntu3.14 to ubuntu/xenial-proposed Imported using git-ubuntu import. Changelog parent: 77680cde0c65256b267966a5f34bff41578644a7 New changelog entries: * Backport mod_reqtimeout with handshake support (LP: #1846138) - d/p/0001-mod-reqtimeout-revent-long-response-times.patch - d/p/0002-mod_reqtimeout-fix-body-timeout-disabling-for-CONNECT-request.patch - d/p/0003-mod_reqtimeout-Merge-r1853901-r1853906-r1853908-r1853929-r1853935-r.patch
applied/ubuntu/xenial-proposed	2019-10-08 22:03:15 UTC 2019-10-08	Import patches-applied version 2.4.18-2ubuntu3.14 to applied/ubuntu/xenial-pr... Author: Jesse Williamson Author Date: 2019-10-08 13:31:25 UTC Import patches-applied version 2.4.18-2ubuntu3.14 to applied/ubuntu/xenial-proposed Imported using git-ubuntu import. Changelog parent: 48dadd9ce07245feee7374709c07faea92877456 Unapplied parent: 454c65e516d2aa5a47f8054620d5d8138df2710f New changelog entries: * Backport mod_reqtimeout with handshake support (LP: #1846138) - d/p/0001-mod-reqtimeout-revent-long-response-times.patch - d/p/0002-mod_reqtimeout-fix-body-timeout-disabling-for-CONNECT-request.patch - d/p/0003-mod_reqtimeout-Merge-r1853901-r1853906-r1853908-r1853929-r1853935-r.patch
ubuntu/xenial-updates	2019-10-08 22:03:15 UTC 2019-10-08	Import patches-unapplied version 2.4.18-2ubuntu3.14 to ubuntu/xenial-proposed Author: Jesse Williamson Author Date: 2019-10-08 13:31:25 UTC Import patches-unapplied version 2.4.18-2ubuntu3.14 to ubuntu/xenial-proposed Imported using git-ubuntu import. Changelog parent: 77680cde0c65256b267966a5f34bff41578644a7 New changelog entries: * Backport mod_reqtimeout with handshake support (LP: #1846138) - d/p/0001-mod-reqtimeout-revent-long-response-times.patch - d/p/0002-mod_reqtimeout-fix-body-timeout-disabling-for-CONNECT-request.patch - d/p/0003-mod_reqtimeout-Merge-r1853901-r1853906-r1853908-r1853929-r1853935-r.patch
applied/ubuntu/xenial-devel	2019-10-08 22:03:15 UTC 2019-10-08	Import patches-applied version 2.4.18-2ubuntu3.14 to applied/ubuntu/xenial-pr... Author: Jesse Williamson Author Date: 2019-10-08 13:31:25 UTC Import patches-applied version 2.4.18-2ubuntu3.14 to applied/ubuntu/xenial-proposed Imported using git-ubuntu import. Changelog parent: 48dadd9ce07245feee7374709c07faea92877456 Unapplied parent: 454c65e516d2aa5a47f8054620d5d8138df2710f New changelog entries: * Backport mod_reqtimeout with handshake support (LP: #1846138) - d/p/0001-mod-reqtimeout-revent-long-response-times.patch - d/p/0002-mod_reqtimeout-fix-body-timeout-disabling-for-CONNECT-request.patch - d/p/0003-mod_reqtimeout-Merge-r1853901-r1853906-r1853908-r1853929-r1853935-r.patch
ubuntu/xenial-devel	2019-10-08 22:03:15 UTC 2019-10-08	Import patches-unapplied version 2.4.18-2ubuntu3.14 to ubuntu/xenial-proposed Author: Jesse Williamson Author Date: 2019-10-08 13:31:25 UTC Import patches-unapplied version 2.4.18-2ubuntu3.14 to ubuntu/xenial-proposed Imported using git-ubuntu import. Changelog parent: 77680cde0c65256b267966a5f34bff41578644a7 New changelog entries: * Backport mod_reqtimeout with handshake support (LP: #1846138) - d/p/0001-mod-reqtimeout-revent-long-response-times.patch - d/p/0002-mod_reqtimeout-fix-body-timeout-disabling-for-CONNECT-request.patch - d/p/0003-mod_reqtimeout-Merge-r1853901-r1853906-r1853908-r1853929-r1853935-r.patch
ubuntu/xenial-security	2019-09-17 12:18:12 UTC 2019-09-17	Import patches-unapplied version 2.4.18-2ubuntu3.13 to ubuntu/xenial-security Author: Steve Beattie Author Date: 2019-09-16 13:13:53 UTC Import patches-unapplied version 2.4.18-2ubuntu3.13 to ubuntu/xenial-security Imported using git-ubuntu import. Changelog parent: 9753035d2b58c6df6e643f1c86517ba839118265 New changelog entries: * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke browsers which change case in headers and breaks balancers loading in some configurations (LP: #1842701) - drop d/p/CVE-2019-10092-3.patch
applied/ubuntu/disco-updates	2019-09-17 12:18:12 UTC 2019-09-17	Import patches-applied version 2.4.38-2ubuntu2.3 to applied/ubuntu/disco-secu... Author: Steve Beattie Author Date: 2019-09-16 12:36:25 UTC Import patches-applied version 2.4.38-2ubuntu2.3 to applied/ubuntu/disco-security Imported using git-ubuntu import. Changelog parent: 25242b3cad3d3ee96b210866a5daaaafcb46d26e Unapplied parent: ee6c7961c7c7082eb19fb36bacb17873ce048477 New changelog entries: * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke browsers which change case in headers and breaks balancers loading in some configurations (LP: #1842701) - drop d/p/CVE-2019-10092-3.patch
ubuntu/disco-updates	2019-09-17 12:18:12 UTC 2019-09-17	Import patches-unapplied version 2.4.38-2ubuntu2.3 to ubuntu/disco-security Author: Steve Beattie Author Date: 2019-09-16 12:36:25 UTC Import patches-unapplied version 2.4.38-2ubuntu2.3 to ubuntu/disco-security Imported using git-ubuntu import. Changelog parent: 327c9ae8953815325ec0f428ce5c36801c16a0f2 New changelog entries: * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke browsers which change case in headers and breaks balancers loading in some configurations (LP: #1842701) - drop d/p/CVE-2019-10092-3.patch
ubuntu/disco-security	2019-09-17 12:18:12 UTC 2019-09-17	Import patches-unapplied version 2.4.38-2ubuntu2.3 to ubuntu/disco-security Author: Steve Beattie Author Date: 2019-09-16 12:36:25 UTC Import patches-unapplied version 2.4.38-2ubuntu2.3 to ubuntu/disco-security Imported using git-ubuntu import. Changelog parent: 327c9ae8953815325ec0f428ce5c36801c16a0f2 New changelog entries: * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke browsers which change case in headers and breaks balancers loading in some configurations (LP: #1842701) - drop d/p/CVE-2019-10092-3.patch
applied/ubuntu/xenial-security	2019-09-17 12:18:12 UTC 2019-09-17	Import patches-applied version 2.4.18-2ubuntu3.13 to applied/ubuntu/xenial-se... Author: Steve Beattie Author Date: 2019-09-16 13:13:53 UTC Import patches-applied version 2.4.18-2ubuntu3.13 to applied/ubuntu/xenial-security Imported using git-ubuntu import. Changelog parent: 4ca4b92d9b92febfe12421466d62d353a663602d Unapplied parent: ab6fa7b9c4aad86b94a1b9d075fccb3e7e17f65e New changelog entries: * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke browsers which change case in headers and breaks balancers loading in some configurations (LP: #1842701) - drop d/p/CVE-2019-10092-3.patch
ubuntu/disco-devel	2019-09-17 12:18:12 UTC 2019-09-17	Import patches-unapplied version 2.4.38-2ubuntu2.3 to ubuntu/disco-security Author: Steve Beattie Author Date: 2019-09-16 12:36:25 UTC Import patches-unapplied version 2.4.38-2ubuntu2.3 to ubuntu/disco-security Imported using git-ubuntu import. Changelog parent: 327c9ae8953815325ec0f428ce5c36801c16a0f2 New changelog entries: * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke browsers which change case in headers and breaks balancers loading in some configurations (LP: #1842701) - drop d/p/CVE-2019-10092-3.patch
applied/ubuntu/disco-security	2019-09-17 12:18:12 UTC 2019-09-17	Import patches-applied version 2.4.38-2ubuntu2.3 to applied/ubuntu/disco-secu... Author: Steve Beattie Author Date: 2019-09-16 12:36:25 UTC Import patches-applied version 2.4.38-2ubuntu2.3 to applied/ubuntu/disco-security Imported using git-ubuntu import. Changelog parent: 25242b3cad3d3ee96b210866a5daaaafcb46d26e Unapplied parent: ee6c7961c7c7082eb19fb36bacb17873ce048477 New changelog entries: * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke browsers which change case in headers and breaks balancers loading in some configurations (LP: #1842701) - drop d/p/CVE-2019-10092-3.patch
applied/ubuntu/disco-devel	2019-09-17 12:18:12 UTC 2019-09-17	Import patches-applied version 2.4.38-2ubuntu2.3 to applied/ubuntu/disco-secu... Author: Steve Beattie Author Date: 2019-09-16 12:36:25 UTC Import patches-applied version 2.4.38-2ubuntu2.3 to applied/ubuntu/disco-security Imported using git-ubuntu import. Changelog parent: 25242b3cad3d3ee96b210866a5daaaafcb46d26e Unapplied parent: ee6c7961c7c7082eb19fb36bacb17873ce048477 New changelog entries: * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke browsers which change case in headers and breaks balancers loading in some configurations (LP: #1842701) - drop d/p/CVE-2019-10092-3.patch
applied/ubuntu/eoan	2019-08-15 12:48:33 UTC 2019-08-15	Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed Author: Andreas Hasenack Author Date: 2019-08-14 14:36:32 UTC Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed Imported using git-ubuntu import. Changelog parent: 738314937cb384178bed5bd0bc11616b3a3b0772 Unapplied parent: 17fe60028b548d5021225c9c76b5467da4eba2a4 New changelog entries: * Merge with Debian unstable. Remaining changes: - debian/{control, apache2.install, apache2-utils.ufw.profile, apache2.dirs}: Add ufw profiles. - debian/apache2.py, debian/apache2-bin.install: Add apport hook. - debian/patches/086_svn_cross_compiles: Backport several cross fixes from upstream - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace Debian with Ubuntu on default page. + d/source/include-binaries: add Ubuntu icon file - d/t/control, d/t/check-http2: add basic test for http2 support * Dropped: - Cherrypick upstream testsuite fix: + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation" as such). + Similarly use TLSv1.2 for pr12355 and pr43738. [Test suite updated in 2.4.41-1] - Cherrypick upstream test suite fix for buffer. [Included in 2.4.41-1] - d/p/spelling-errors.patch: removed hunks already fixed upstream [Included in 2.4.39-1] - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1): + d/p/CVE-2019-0196.patch + d/p/CVE-2019-0211.patch + d/p/CVE-2019-0215.patch + d/p/CVE-2019-0217.patch + d/p/CVE-2019-0220-.patch + d/p/CVE-2019-0197.patch Added: - d/perl-framework/t/modules/allowmethods.t: disable reset test. This was re-added by mistake in 2.4.41-1 (Closes: #921024)
applied/ubuntu/eoan-proposed	2019-08-15 12:48:33 UTC 2019-08-15	Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed Author: Andreas Hasenack Author Date: 2019-08-14 14:36:32 UTC Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed Imported using git-ubuntu import. Changelog parent: 738314937cb384178bed5bd0bc11616b3a3b0772 Unapplied parent: 17fe60028b548d5021225c9c76b5467da4eba2a4 New changelog entries: * Merge with Debian unstable. Remaining changes: - debian/{control, apache2.install, apache2-utils.ufw.profile, apache2.dirs}: Add ufw profiles. - debian/apache2.py, debian/apache2-bin.install: Add apport hook. - debian/patches/086_svn_cross_compiles: Backport several cross fixes from upstream - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace Debian with Ubuntu on default page. + d/source/include-binaries: add Ubuntu icon file - d/t/control, d/t/check-http2: add basic test for http2 support * Dropped: - Cherrypick upstream testsuite fix: + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation" as such). + Similarly use TLSv1.2 for pr12355 and pr43738. [Test suite updated in 2.4.41-1] - Cherrypick upstream test suite fix for buffer. [Included in 2.4.41-1] - d/p/spelling-errors.patch: removed hunks already fixed upstream [Included in 2.4.39-1] - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1): + d/p/CVE-2019-0196.patch + d/p/CVE-2019-0211.patch + d/p/CVE-2019-0215.patch + d/p/CVE-2019-0217.patch + d/p/CVE-2019-0220-.patch + d/p/CVE-2019-0197.patch Added: - d/perl-framework/t/modules/allowmethods.t: disable reset test. This was re-added by mistake in 2.4.41-1 (Closes: #921024)
applied/ubuntu/eoan-devel	2019-08-15 12:48:33 UTC 2019-08-15	Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed Author: Andreas Hasenack Author Date: 2019-08-14 14:36:32 UTC Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed Imported using git-ubuntu import. Changelog parent: 738314937cb384178bed5bd0bc11616b3a3b0772 Unapplied parent: 17fe60028b548d5021225c9c76b5467da4eba2a4 New changelog entries: * Merge with Debian unstable. Remaining changes: - debian/{control, apache2.install, apache2-utils.ufw.profile, apache2.dirs}: Add ufw profiles. - debian/apache2.py, debian/apache2-bin.install: Add apport hook. - debian/patches/086_svn_cross_compiles: Backport several cross fixes from upstream - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace Debian with Ubuntu on default page. + d/source/include-binaries: add Ubuntu icon file - d/t/control, d/t/check-http2: add basic test for http2 support * Dropped: - Cherrypick upstream testsuite fix: + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation" as such). + Similarly use TLSv1.2 for pr12355 and pr43738. [Test suite updated in 2.4.41-1] - Cherrypick upstream test suite fix for buffer. [Included in 2.4.41-1] - d/p/spelling-errors.patch: removed hunks already fixed upstream [Included in 2.4.39-1] - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1): + d/p/CVE-2019-0196.patch + d/p/CVE-2019-0211.patch + d/p/CVE-2019-0215.patch + d/p/CVE-2019-0217.patch + d/p/CVE-2019-0220-.patch + d/p/CVE-2019-0197.patch Added: - d/perl-framework/t/modules/allowmethods.t: disable reset test. This was re-added by mistake in 2.4.41-1 (Closes: #921024)
ubuntu/eoan-devel	2019-08-15 12:48:33 UTC 2019-08-15	Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed Author: Andreas Hasenack Author Date: 2019-08-14 14:36:32 UTC Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed Imported using git-ubuntu import. Changelog parent: 7e8193f3f2538a444b296255c5cfd09a62df47e5 New changelog entries: * Merge with Debian unstable. Remaining changes: - debian/{control, apache2.install, apache2-utils.ufw.profile, apache2.dirs}: Add ufw profiles. - debian/apache2.py, debian/apache2-bin.install: Add apport hook. - debian/patches/086_svn_cross_compiles: Backport several cross fixes from upstream - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace Debian with Ubuntu on default page. + d/source/include-binaries: add Ubuntu icon file - d/t/control, d/t/check-http2: add basic test for http2 support * Dropped: - Cherrypick upstream testsuite fix: + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation" as such). + Similarly use TLSv1.2 for pr12355 and pr43738. [Test suite updated in 2.4.41-1] - Cherrypick upstream test suite fix for buffer. [Included in 2.4.41-1] - d/p/spelling-errors.patch: removed hunks already fixed upstream [Included in 2.4.39-1] - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1): + d/p/CVE-2019-0196.patch + d/p/CVE-2019-0211.patch + d/p/CVE-2019-0215.patch + d/p/CVE-2019-0217.patch + d/p/CVE-2019-0220-.patch + d/p/CVE-2019-0197.patch Added: - d/perl-framework/t/modules/allowmethods.t: disable reset test. This was re-added by mistake in 2.4.41-1 (Closes: #921024)
ubuntu/eoan-proposed	2019-08-15 12:48:33 UTC 2019-08-15	Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed Author: Andreas Hasenack Author Date: 2019-08-14 14:36:32 UTC Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed Imported using git-ubuntu import. Changelog parent: 7e8193f3f2538a444b296255c5cfd09a62df47e5 New changelog entries: * Merge with Debian unstable. Remaining changes: - debian/{control, apache2.install, apache2-utils.ufw.profile, apache2.dirs}: Add ufw profiles. - debian/apache2.py, debian/apache2-bin.install: Add apport hook. - debian/patches/086_svn_cross_compiles: Backport several cross fixes from upstream - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace Debian with Ubuntu on default page. + d/source/include-binaries: add Ubuntu icon file - d/t/control, d/t/check-http2: add basic test for http2 support * Dropped: - Cherrypick upstream testsuite fix: + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation" as such). + Similarly use TLSv1.2 for pr12355 and pr43738. [Test suite updated in 2.4.41-1] - Cherrypick upstream test suite fix for buffer. [Included in 2.4.41-1] - d/p/spelling-errors.patch: removed hunks already fixed upstream [Included in 2.4.39-1] - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1): + d/p/CVE-2019-0196.patch + d/p/CVE-2019-0211.patch + d/p/CVE-2019-0215.patch + d/p/CVE-2019-0217.patch + d/p/CVE-2019-0220-.patch + d/p/CVE-2019-0197.patch Added: - d/perl-framework/t/modules/allowmethods.t: disable reset test. This was re-added by mistake in 2.4.41-1 (Closes: #921024)
ubuntu/eoan	2019-08-15 12:48:33 UTC 2019-08-15	Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed Author: Andreas Hasenack Author Date: 2019-08-14 14:36:32 UTC Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed Imported using git-ubuntu import. Changelog parent: 7e8193f3f2538a444b296255c5cfd09a62df47e5 New changelog entries: * Merge with Debian unstable. Remaining changes: - debian/{control, apache2.install, apache2-utils.ufw.profile, apache2.dirs}: Add ufw profiles. - debian/apache2.py, debian/apache2-bin.install: Add apport hook. - debian/patches/086_svn_cross_compiles: Backport several cross fixes from upstream - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace Debian with Ubuntu on default page. + d/source/include-binaries: add Ubuntu icon file - d/t/control, d/t/check-http2: add basic test for http2 support * Dropped: - Cherrypick upstream testsuite fix: + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation" as such). + Similarly use TLSv1.2 for pr12355 and pr43738. [Test suite updated in 2.4.41-1] - Cherrypick upstream test suite fix for buffer. [Included in 2.4.41-1] - d/p/spelling-errors.patch: removed hunks already fixed upstream [Included in 2.4.39-1] - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1): + d/p/CVE-2019-0196.patch + d/p/CVE-2019-0211.patch + d/p/CVE-2019-0215.patch + d/p/CVE-2019-0217.patch + d/p/CVE-2019-0220-.patch + d/p/CVE-2019-0197.patch Added: - d/perl-framework/t/modules/allowmethods.t: disable reset test. This was re-added by mistake in 2.4.41-1 (Closes: #921024)
applied/ubuntu/cosmic-updates	2019-07-17 17:28:20 UTC 2019-07-17	Import patches-applied version 2.4.34-1ubuntu2.3 to applied/ubuntu/cosmic-pro... Author: Andreas Hasenack Author Date: 2019-07-16 20:27:06 UTC Import patches-applied version 2.4.34-1ubuntu2.3 to applied/ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: 32cb159b352f035f936df9a1a3a33c02a40767cf Unapplied parent: 775362fc338dbd167bfb8686533e436623f6cda0 New changelog entries: * d/p/ssl-read-rc-value-openssl-1.1.1.patch: Handle SSL_read() return code 0 similarly to <0 with openssl 1.1.1 * d/p/clear-retry-flags-before-abort.patch: clear retry flags before aborting on client-initiated reneg (LP: #1836329)
applied/ubuntu/cosmic-proposed	2019-07-17 17:28:20 UTC 2019-07-17	Import patches-applied version 2.4.34-1ubuntu2.3 to applied/ubuntu/cosmic-pro... Author: Andreas Hasenack Author Date: 2019-07-16 20:27:06 UTC Import patches-applied version 2.4.34-1ubuntu2.3 to applied/ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: 32cb159b352f035f936df9a1a3a33c02a40767cf Unapplied parent: 775362fc338dbd167bfb8686533e436623f6cda0 New changelog entries: * d/p/ssl-read-rc-value-openssl-1.1.1.patch: Handle SSL_read() return code 0 similarly to <0 with openssl 1.1.1 * d/p/clear-retry-flags-before-abort.patch: clear retry flags before aborting on client-initiated reneg (LP: #1836329)
ubuntu/cosmic-updates	2019-07-17 17:28:20 UTC 2019-07-17	Import patches-unapplied version 2.4.34-1ubuntu2.3 to ubuntu/cosmic-proposed Author: Andreas Hasenack Author Date: 2019-07-16 20:27:06 UTC Import patches-unapplied version 2.4.34-1ubuntu2.3 to ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: 628cf297002077e42ee70d2240dded26209c294d New changelog entries: * d/p/ssl-read-rc-value-openssl-1.1.1.patch: Handle SSL_read() return code 0 similarly to <0 with openssl 1.1.1 * d/p/clear-retry-flags-before-abort.patch: clear retry flags before aborting on client-initiated reneg (LP: #1836329)
applied/ubuntu/cosmic-devel	2019-07-17 17:28:20 UTC 2019-07-17	Import patches-applied version 2.4.34-1ubuntu2.3 to applied/ubuntu/cosmic-pro... Author: Andreas Hasenack Author Date: 2019-07-16 20:27:06 UTC Import patches-applied version 2.4.34-1ubuntu2.3 to applied/ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: 32cb159b352f035f936df9a1a3a33c02a40767cf Unapplied parent: 775362fc338dbd167bfb8686533e436623f6cda0 New changelog entries: * d/p/ssl-read-rc-value-openssl-1.1.1.patch: Handle SSL_read() return code 0 similarly to <0 with openssl 1.1.1 * d/p/clear-retry-flags-before-abort.patch: clear retry flags before aborting on client-initiated reneg (LP: #1836329)
ubuntu/cosmic-devel	2019-07-17 17:28:20 UTC 2019-07-17	Import patches-unapplied version 2.4.34-1ubuntu2.3 to ubuntu/cosmic-proposed Author: Andreas Hasenack Author Date: 2019-07-16 20:27:06 UTC Import patches-unapplied version 2.4.34-1ubuntu2.3 to ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: 628cf297002077e42ee70d2240dded26209c294d New changelog entries: * d/p/ssl-read-rc-value-openssl-1.1.1.patch: Handle SSL_read() return code 0 similarly to <0 with openssl 1.1.1 * d/p/clear-retry-flags-before-abort.patch: clear retry flags before aborting on client-initiated reneg (LP: #1836329)
ubuntu/cosmic-proposed	2019-07-17 17:28:20 UTC 2019-07-17	Import patches-unapplied version 2.4.34-1ubuntu2.3 to ubuntu/cosmic-proposed Author: Andreas Hasenack Author Date: 2019-07-16 20:27:06 UTC Import patches-unapplied version 2.4.34-1ubuntu2.3 to ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: 628cf297002077e42ee70d2240dded26209c294d New changelog entries: * d/p/ssl-read-rc-value-openssl-1.1.1.patch: Handle SSL_read() return code 0 similarly to <0 with openssl 1.1.1 * d/p/clear-retry-flags-before-abort.patch: clear retry flags before aborting on client-initiated reneg (LP: #1836329)
applied/ubuntu/trusty-updates	2019-04-04 15:03:13 UTC 2019-04-04	Import patches-applied version 2.4.7-1ubuntu4.22 to applied/ubuntu/trusty-sec... Author: Marc Deslauriers Author Date: 2019-04-03 14:37:52 UTC Import patches-applied version 2.4.7-1ubuntu4.22 to applied/ubuntu/trusty-security Imported using git-ubuntu import. Changelog parent: dd6ba45dddfe265a828be6fbc0a1cc26339c9a5e Unapplied parent: 0e68b70f753dfa4a40d2a603a27163b26ddeaa21 New changelog entries: * SECURITY UPDATE: mod_session expiry time issue - debian/patches/CVE-2018-17199-pre1.patch: properly handle sessions that could not be decoded in modules/session/mod_session.c. - debian/patches/CVE-2018-17199.patch: always decode session attributes early in modules/session/mod_session.c. - CVE-2018-17199 * SECURITY UPDATE: mod_auth_digest access control bypass - debian/patches/CVE-2019-0217.patch: fix a race condition in modules/aaa/mod_auth_digest.c. - CVE-2019-0217 * SECURITY UPDATE: URL normalization inconsistincy - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in the path in include/http_core.h, include/httpd.h, server/core.c, server/request.c, server/util.c. - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety in server/request.c, server/util.c. - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in server/util.c. - CVE-2019-0220
ubuntu/cosmic-security	2019-04-04 15:03:13 UTC 2019-04-04	Import patches-unapplied version 2.4.34-1ubuntu2.1 to ubuntu/cosmic-security Author: Marc Deslauriers Author Date: 2019-04-03 12:50:09 UTC Import patches-unapplied version 2.4.34-1ubuntu2.1 to ubuntu/cosmic-security Imported using git-ubuntu import. Changelog parent: c01ee5a6ff12c19ca89f37cf3f112ad04e0d951b New changelog entries: * SECURITY UPDATE: slowloris DoS in mod_http2 - debian/patches/CVE-2018-17189.patch: change cleanup strategy for slave connections in modules/http2/h2_conn.c. - CVE-2018-17189 * SECURITY UPDATE: mod_session expiry time issue - debian/patches/CVE-2018-17199.patch: always decode session attributes early in modules/session/mod_session.c. - CVE-2018-17199 * SECURITY UPDATE: read-after-free on a string compare in mod_http2 - debian/patches/CVE-2019-0196.patch: disentangelment of stream and request method in modules/http2/h2_request.c. - CVE-2019-0196 * SECURITY UPDATE: privilege escalation from modules' scripts - debian/patches/CVE-2019-0211.patch: bind the bucket number of each child to its slot number in include/scoreboard.h, server/mpm/event/event.c, server/mpm/prefork/prefork.c, server/mpm/worker/worker.c. - CVE-2019-0211 * SECURITY UPDATE: mod_auth_digest access control bypass - debian/patches/CVE-2019-0217.patch: fix a race condition in modules/aaa/mod_auth_digest.c. - CVE-2019-0217 * SECURITY UPDATE: URL normalization inconsistincy - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in the path in include/http_core.h, include/httpd.h, server/core.c, server/request.c, server/util.c. - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety in server/request.c, server/util.c. - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in server/util.c. - CVE-2019-0220
applied/ubuntu/trusty-security	2019-04-04 15:03:13 UTC 2019-04-04	Import patches-applied version 2.4.7-1ubuntu4.22 to applied/ubuntu/trusty-sec... Author: Marc Deslauriers Author Date: 2019-04-03 14:37:52 UTC Import patches-applied version 2.4.7-1ubuntu4.22 to applied/ubuntu/trusty-security Imported using git-ubuntu import. Changelog parent: dd6ba45dddfe265a828be6fbc0a1cc26339c9a5e Unapplied parent: 0e68b70f753dfa4a40d2a603a27163b26ddeaa21 New changelog entries: * SECURITY UPDATE: mod_session expiry time issue - debian/patches/CVE-2018-17199-pre1.patch: properly handle sessions that could not be decoded in modules/session/mod_session.c. - debian/patches/CVE-2018-17199.patch: always decode session attributes early in modules/session/mod_session.c. - CVE-2018-17199 * SECURITY UPDATE: mod_auth_digest access control bypass - debian/patches/CVE-2019-0217.patch: fix a race condition in modules/aaa/mod_auth_digest.c. - CVE-2019-0217 * SECURITY UPDATE: URL normalization inconsistincy - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in the path in include/http_core.h, include/httpd.h, server/core.c, server/request.c, server/util.c. - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety in server/request.c, server/util.c. - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in server/util.c. - CVE-2019-0220
applied/ubuntu/cosmic-security	2019-04-04 15:03:13 UTC 2019-04-04	Import patches-applied version 2.4.34-1ubuntu2.1 to applied/ubuntu/cosmic-sec... Author: Marc Deslauriers Author Date: 2019-04-03 12:50:09 UTC Import patches-applied version 2.4.34-1ubuntu2.1 to applied/ubuntu/cosmic-security Imported using git-ubuntu import. Changelog parent: 66cf474c05f5ccc50455c09ae4e45aef8ed1793f Unapplied parent: 245ef397d9af30ddfcda49d53654a760ea7a8e5d New changelog entries: * SECURITY UPDATE: slowloris DoS in mod_http2 - debian/patches/CVE-2018-17189.patch: change cleanup strategy for slave connections in modules/http2/h2_conn.c. - CVE-2018-17189 * SECURITY UPDATE: mod_session expiry time issue - debian/patches/CVE-2018-17199.patch: always decode session attributes early in modules/session/mod_session.c. - CVE-2018-17199 * SECURITY UPDATE: read-after-free on a string compare in mod_http2 - debian/patches/CVE-2019-0196.patch: disentangelment of stream and request method in modules/http2/h2_request.c. - CVE-2019-0196 * SECURITY UPDATE: privilege escalation from modules' scripts - debian/patches/CVE-2019-0211.patch: bind the bucket number of each child to its slot number in include/scoreboard.h, server/mpm/event/event.c, server/mpm/prefork/prefork.c, server/mpm/worker/worker.c. - CVE-2019-0211 * SECURITY UPDATE: mod_auth_digest access control bypass - debian/patches/CVE-2019-0217.patch: fix a race condition in modules/aaa/mod_auth_digest.c. - CVE-2019-0217 * SECURITY UPDATE: URL normalization inconsistincy - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in the path in include/http_core.h, include/httpd.h, server/core.c, server/request.c, server/util.c. - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety in server/request.c, server/util.c. - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in server/util.c. - CVE-2019-0220
ubuntu/trusty-security	2019-04-04 15:03:13 UTC 2019-04-04	Import patches-unapplied version 2.4.7-1ubuntu4.22 to ubuntu/trusty-security Author: Marc Deslauriers Author Date: 2019-04-03 14:37:52 UTC Import patches-unapplied version 2.4.7-1ubuntu4.22 to ubuntu/trusty-security Imported using git-ubuntu import. Changelog parent: 0b650c8ba19c535d768b044a174fd3f34c865882 New changelog entries: * SECURITY UPDATE: mod_session expiry time issue - debian/patches/CVE-2018-17199-pre1.patch: properly handle sessions that could not be decoded in modules/session/mod_session.c. - debian/patches/CVE-2018-17199.patch: always decode session attributes early in modules/session/mod_session.c. - CVE-2018-17199 * SECURITY UPDATE: mod_auth_digest access control bypass - debian/patches/CVE-2019-0217.patch: fix a race condition in modules/aaa/mod_auth_digest.c. - CVE-2019-0217 * SECURITY UPDATE: URL normalization inconsistincy - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in the path in include/http_core.h, include/httpd.h, server/core.c, server/request.c, server/util.c. - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety in server/request.c, server/util.c. - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in server/util.c. - CVE-2019-0220
ubuntu/trusty-devel	2019-04-04 15:03:13 UTC 2019-04-04	Import patches-unapplied version 2.4.7-1ubuntu4.22 to ubuntu/trusty-security Author: Marc Deslauriers Author Date: 2019-04-03 14:37:52 UTC Import patches-unapplied version 2.4.7-1ubuntu4.22 to ubuntu/trusty-security Imported using git-ubuntu import. Changelog parent: 0b650c8ba19c535d768b044a174fd3f34c865882 New changelog entries: * SECURITY UPDATE: mod_session expiry time issue - debian/patches/CVE-2018-17199-pre1.patch: properly handle sessions that could not be decoded in modules/session/mod_session.c. - debian/patches/CVE-2018-17199.patch: always decode session attributes early in modules/session/mod_session.c. - CVE-2018-17199 * SECURITY UPDATE: mod_auth_digest access control bypass - debian/patches/CVE-2019-0217.patch: fix a race condition in modules/aaa/mod_auth_digest.c. - CVE-2019-0217 * SECURITY UPDATE: URL normalization inconsistincy - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in the path in include/http_core.h, include/httpd.h, server/core.c, server/request.c, server/util.c. - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety in server/request.c, server/util.c. - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in server/util.c. - CVE-2019-0220
ubuntu/trusty-updates	2019-04-04 15:03:13 UTC 2019-04-04	Import patches-unapplied version 2.4.7-1ubuntu4.22 to ubuntu/trusty-security Author: Marc Deslauriers Author Date: 2019-04-03 14:37:52 UTC Import patches-unapplied version 2.4.7-1ubuntu4.22 to ubuntu/trusty-security Imported using git-ubuntu import. Changelog parent: 0b650c8ba19c535d768b044a174fd3f34c865882 New changelog entries: * SECURITY UPDATE: mod_session expiry time issue - debian/patches/CVE-2018-17199-pre1.patch: properly handle sessions that could not be decoded in modules/session/mod_session.c. - debian/patches/CVE-2018-17199.patch: always decode session attributes early in modules/session/mod_session.c. - CVE-2018-17199 * SECURITY UPDATE: mod_auth_digest access control bypass - debian/patches/CVE-2019-0217.patch: fix a race condition in modules/aaa/mod_auth_digest.c. - CVE-2019-0217 * SECURITY UPDATE: URL normalization inconsistincy - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in the path in include/http_core.h, include/httpd.h, server/core.c, server/request.c, server/util.c. - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety in server/request.c, server/util.c. - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in server/util.c. - CVE-2019-0220
applied/ubuntu/trusty-devel	2019-04-04 15:03:13 UTC 2019-04-04	Import patches-applied version 2.4.7-1ubuntu4.22 to applied/ubuntu/trusty-sec... Author: Marc Deslauriers Author Date: 2019-04-03 14:37:52 UTC Import patches-applied version 2.4.7-1ubuntu4.22 to applied/ubuntu/trusty-security Imported using git-ubuntu import. Changelog parent: dd6ba45dddfe265a828be6fbc0a1cc26339c9a5e Unapplied parent: 0e68b70f753dfa4a40d2a603a27163b26ddeaa21 New changelog entries: * SECURITY UPDATE: mod_session expiry time issue - debian/patches/CVE-2018-17199-pre1.patch: properly handle sessions that could not be decoded in modules/session/mod_session.c. - debian/patches/CVE-2018-17199.patch: always decode session attributes early in modules/session/mod_session.c. - CVE-2018-17199 * SECURITY UPDATE: mod_auth_digest access control bypass - debian/patches/CVE-2019-0217.patch: fix a race condition in modules/aaa/mod_auth_digest.c. - CVE-2019-0217 * SECURITY UPDATE: URL normalization inconsistincy - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in the path in include/http_core.h, include/httpd.h, server/core.c, server/request.c, server/util.c. - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety in server/request.c, server/util.c. - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in server/util.c. - CVE-2019-0220
ubuntu/disco-proposed	2019-04-04 00:18:14 UTC 2019-04-04	Import patches-unapplied version 2.4.38-2ubuntu2 to ubuntu/disco-proposed Author: Marc Deslauriers Author Date: 2019-04-03 18:31:46 UTC Import patches-unapplied version 2.4.38-2ubuntu2 to ubuntu/disco-proposed Imported using git-ubuntu import. Changelog parent: 065c91fc0057a94d466f1f3589984b27fcfbf53c New changelog entries: * SECURITY UPDATE: read-after-free on a string compare in mod_http2 - debian/patches/CVE-2019-0196.patch: disentangelment of stream and request method in modules/http2/h2_request.c. - CVE-2019-0196 * SECURITY UPDATE: privilege escalation from modules' scripts - debian/patches/CVE-2019-0211.patch: bind the bucket number of each child to its slot number in include/scoreboard.h, server/mpm/event/event.c, server/mpm/prefork/prefork.c, server/mpm/worker/worker.c. - CVE-2019-0211 * SECURITY UPDATE: mod_ssl access control bypass - debian/patches/CVE-2019-0215.patch: restore SSL verify state after PHA failure in TLSv1.3 in modules/ssl/ssl_engine_kernel.c. - CVE-2019-0215 * SECURITY UPDATE: mod_auth_digest access control bypass - debian/patches/CVE-2019-0217.patch: fix a race condition in modules/aaa/mod_auth_digest.c. - CVE-2019-0217 * SECURITY UPDATE: URL normalization inconsistincy - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in the path in include/http_core.h, include/httpd.h, server/core.c, server/request.c, server/util.c. - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety in server/request.c, server/util.c. - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in server/util.c. - CVE-2019-0220
applied/ubuntu/disco-proposed	2019-04-04 00:18:14 UTC 2019-04-04	Import patches-applied version 2.4.38-2ubuntu2 to applied/ubuntu/disco-proposed Author: Marc Deslauriers Author Date: 2019-04-03 18:31:46 UTC Import patches-applied version 2.4.38-2ubuntu2 to applied/ubuntu/disco-proposed Imported using git-ubuntu import. Changelog parent: d593a21e22d85e50dc60ffd3e9c13cf039af641d Unapplied parent: 7a185371bbc4fd4f8c2330f18999f124d1483f6c New changelog entries: * SECURITY UPDATE: read-after-free on a string compare in mod_http2 - debian/patches/CVE-2019-0196.patch: disentangelment of stream and request method in modules/http2/h2_request.c. - CVE-2019-0196 * SECURITY UPDATE: privilege escalation from modules' scripts - debian/patches/CVE-2019-0211.patch: bind the bucket number of each child to its slot number in include/scoreboard.h, server/mpm/event/event.c, server/mpm/prefork/prefork.c, server/mpm/worker/worker.c. - CVE-2019-0211 * SECURITY UPDATE: mod_ssl access control bypass - debian/patches/CVE-2019-0215.patch: restore SSL verify state after PHA failure in TLSv1.3 in modules/ssl/ssl_engine_kernel.c. - CVE-2019-0215 * SECURITY UPDATE: mod_auth_digest access control bypass - debian/patches/CVE-2019-0217.patch: fix a race condition in modules/aaa/mod_auth_digest.c. - CVE-2019-0217 * SECURITY UPDATE: URL normalization inconsistincy - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in the path in include/http_core.h, include/httpd.h, server/core.c, server/request.c, server/util.c. - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety in server/request.c, server/util.c. - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in server/util.c. - CVE-2019-0220
ubuntu/disco	2019-04-04 00:18:14 UTC 2019-04-04	Import patches-unapplied version 2.4.38-2ubuntu2 to ubuntu/disco-proposed Author: Marc Deslauriers Author Date: 2019-04-03 18:31:46 UTC Import patches-unapplied version 2.4.38-2ubuntu2 to ubuntu/disco-proposed Imported using git-ubuntu import. Changelog parent: 065c91fc0057a94d466f1f3589984b27fcfbf53c New changelog entries: * SECURITY UPDATE: read-after-free on a string compare in mod_http2 - debian/patches/CVE-2019-0196.patch: disentangelment of stream and request method in modules/http2/h2_request.c. - CVE-2019-0196 * SECURITY UPDATE: privilege escalation from modules' scripts - debian/patches/CVE-2019-0211.patch: bind the bucket number of each child to its slot number in include/scoreboard.h, server/mpm/event/event.c, server/mpm/prefork/prefork.c, server/mpm/worker/worker.c. - CVE-2019-0211 * SECURITY UPDATE: mod_ssl access control bypass - debian/patches/CVE-2019-0215.patch: restore SSL verify state after PHA failure in TLSv1.3 in modules/ssl/ssl_engine_kernel.c. - CVE-2019-0215 * SECURITY UPDATE: mod_auth_digest access control bypass - debian/patches/CVE-2019-0217.patch: fix a race condition in modules/aaa/mod_auth_digest.c. - CVE-2019-0217 * SECURITY UPDATE: URL normalization inconsistincy - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in the path in include/http_core.h, include/httpd.h, server/core.c, server/request.c, server/util.c. - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety in server/request.c, server/util.c. - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in server/util.c. - CVE-2019-0220
applied/ubuntu/disco	2019-04-04 00:18:14 UTC 2019-04-04	Import patches-applied version 2.4.38-2ubuntu2 to applied/ubuntu/disco-proposed Author: Marc Deslauriers Author Date: 2019-04-03 18:31:46 UTC Import patches-applied version 2.4.38-2ubuntu2 to applied/ubuntu/disco-proposed Imported using git-ubuntu import. Changelog parent: d593a21e22d85e50dc60ffd3e9c13cf039af641d Unapplied parent: 7a185371bbc4fd4f8c2330f18999f124d1483f6c New changelog entries: * SECURITY UPDATE: read-after-free on a string compare in mod_http2 - debian/patches/CVE-2019-0196.patch: disentangelment of stream and request method in modules/http2/h2_request.c. - CVE-2019-0196 * SECURITY UPDATE: privilege escalation from modules' scripts - debian/patches/CVE-2019-0211.patch: bind the bucket number of each child to its slot number in include/scoreboard.h, server/mpm/event/event.c, server/mpm/prefork/prefork.c, server/mpm/worker/worker.c. - CVE-2019-0211 * SECURITY UPDATE: mod_ssl access control bypass - debian/patches/CVE-2019-0215.patch: restore SSL verify state after PHA failure in TLSv1.3 in modules/ssl/ssl_engine_kernel.c. - CVE-2019-0215 * SECURITY UPDATE: mod_auth_digest access control bypass - debian/patches/CVE-2019-0217.patch: fix a race condition in modules/aaa/mod_auth_digest.c. - CVE-2019-0217 * SECURITY UPDATE: URL normalization inconsistincy - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in the path in include/http_core.h, include/httpd.h, server/core.c, server/request.c, server/util.c. - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety in server/request.c, server/util.c. - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in server/util.c. - CVE-2019-0220
applied/ubuntu/trusty-proposed	2018-11-28 00:08:17 UTC 2018-11-28	Import patches-applied version 2.4.7-1ubuntu4.21 to applied/ubuntu/trusty-pro... Author: Andreas Hasenack Author Date: 2018-11-23 19:45:20 UTC Import patches-applied version 2.4.7-1ubuntu4.21 to applied/ubuntu/trusty-proposed Imported using git-ubuntu import. Changelog parent: c927cf7dc322d0d42878387def4606c12d83f830 Unapplied parent: 56356e86d2b58595a3e370f8ff50c74ff857c99a New changelog entries: * d/p/AuthzProviderAlias-visibility.patch: Allow <AuthzProviderAlias>'es to be seen from auth stanzas under virtual hosts (LP: #1529355)
ubuntu/trusty-proposed	2018-11-28 00:08:17 UTC 2018-11-28	Import patches-unapplied version 2.4.7-1ubuntu4.21 to ubuntu/trusty-proposed Author: Andreas Hasenack Author Date: 2018-11-23 19:45:20 UTC Import patches-unapplied version 2.4.7-1ubuntu4.21 to ubuntu/trusty-proposed Imported using git-ubuntu import. Changelog parent: b6bc6bdec9edcafb645ba0012ba945909c0a4445 New changelog entries: * d/p/AuthzProviderAlias-visibility.patch: Allow <AuthzProviderAlias>'es to be seen from auth stanzas under virtual hosts (LP: #1529355)
applied/ubuntu/cosmic	2018-10-03 16:53:33 UTC 2018-10-03	Import patches-applied version 2.4.34-1ubuntu2 to applied/ubuntu/cosmic-proposed Author: Marc Deslauriers Author Date: 2018-10-03 13:57:22 UTC Import patches-applied version 2.4.34-1ubuntu2 to applied/ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: 5ee6fd8ed95918bf0ee925dea807050d1eb973de Unapplied parent: 3f7f83fc1fbbeb37142f2b0b6388c60e9e3e8ec0 New changelog entries: * SECURITY UPDATE: denial of service in HTTP/2 via large SETTINGS frames - debian/patches/CVE-2018-11763.patch: rework connection IO event handling in modules/http2/h2_session.c, modules/http2/h2_session.h, modules/http2/h2_version.h. - CVE-2018-11763
ubuntu/cosmic	2018-10-03 16:53:33 UTC 2018-10-03	Import patches-unapplied version 2.4.34-1ubuntu2 to ubuntu/cosmic-proposed Author: Marc Deslauriers Author Date: 2018-10-03 13:57:22 UTC Import patches-unapplied version 2.4.34-1ubuntu2 to ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: 54cf94ea486abd9b821825e9707ccbab064f95a2 New changelog entries: * SECURITY UPDATE: denial of service in HTTP/2 via large SETTINGS frames - debian/patches/CVE-2018-11763.patch: rework connection IO event handling in modules/http2/h2_session.c, modules/http2/h2_session.h, modules/http2/h2_version.h. - CVE-2018-11763
debian/jessie	2018-06-23 17:05:20 UTC 2018-06-23	Import patches-unapplied version 2.4.10-10+deb8u12 to debian/jessie Author: Stefan Fritsch Author Date: 2018-03-31 09:31:57 UTC Import patches-unapplied version 2.4.10-10+deb8u12 to debian/jessie Imported using git-ubuntu import. Changelog parent: 2c986900081af76f74ef6d53bd789ecf4497af8e New changelog entries: * CVE-2017-15710: mod_authnz_ldap: Out of bound write in mod_authnz_ldap when using too small Accept-Language values. * CVE-2017-15715: <FilesMatch> bypass with a trailing newline in the file name. Configure the regular expression engine to match '$' to the end of the input string only, excluding matching the end of any embedded newline characters. Behavior can be changed with new directive 'RegexDefaultOptions'. * CVE-2018-1283: Tampering of mod_session data for CGI applications. * CVE-2018-1301: Possible out of bound access after failure in reading the HTTP request * CVE-2018-1303: Possible out of bound read in mod_cache_socache * CVE-2018-1312: mod_auth_digest: Weak Digest auth nonce generation
applied/debian/jessie	2018-06-23 17:05:20 UTC 2018-06-23	Import patches-applied version 2.4.10-10+deb8u12 to applied/debian/jessie Author: Stefan Fritsch Author Date: 2018-03-31 09:31:57 UTC Import patches-applied version 2.4.10-10+deb8u12 to applied/debian/jessie Imported using git-ubuntu import. Changelog parent: 00e390572793fa6a05c5e856c4800602946e1a18 Unapplied parent: c4596a9809422583e0b43d77aa93bcc4edb1d15f New changelog entries: * CVE-2017-15710: mod_authnz_ldap: Out of bound write in mod_authnz_ldap when using too small Accept-Language values. * CVE-2017-15715: <FilesMatch> bypass with a trailing newline in the file name. Configure the regular expression engine to match '$' to the end of the input string only, excluding matching the end of any embedded newline characters. Behavior can be changed with new directive 'RegexDefaultOptions'. * CVE-2018-1283: Tampering of mod_session data for CGI applications. * CVE-2018-1301: Possible out of bound access after failure in reading the HTTP request * CVE-2018-1303: Possible out of bound read in mod_cache_socache * CVE-2018-1312: mod_auth_digest: Weak Digest auth nonce generation
applied/ubuntu/artful-updates	2018-06-13 14:58:14 UTC 2018-06-13	Import patches-applied version 2.4.27-2ubuntu4.2 to applied/ubuntu/artful-pro... Author: Andreas Hasenack Author Date: 2018-06-07 20:53:23 UTC Import patches-applied version 2.4.27-2ubuntu4.2 to applied/ubuntu/artful-proposed Imported using git-ubuntu import. Changelog parent: fd5338f20b378326a61beb4dbbc6e669e496b4bb Unapplied parent: 642df2d682545baf86a0432c70bf133875b1f9c6 New changelog entries: * debian/patches/includeoptional-ignore-non-existent.patch: silently ignore a not existent file path with IncludeOptional . Closes LP: #1766186.
ubuntu/artful-proposed	2018-06-13 14:58:14 UTC 2018-06-13	Import patches-unapplied version 2.4.27-2ubuntu4.2 to ubuntu/artful-proposed Author: Andreas Hasenack Author Date: 2018-06-07 20:53:23 UTC Import patches-unapplied version 2.4.27-2ubuntu4.2 to ubuntu/artful-proposed Imported using git-ubuntu import. Changelog parent: cbc32000dfcc49bf646d2453fa1b15f7c2075c8c New changelog entries: * debian/patches/includeoptional-ignore-non-existent.patch: silently ignore a not existent file path with IncludeOptional . Closes LP: #1766186.
ubuntu/artful-devel	2018-06-13 14:58:14 UTC 2018-06-13	Import patches-unapplied version 2.4.27-2ubuntu4.2 to ubuntu/artful-proposed Author: Andreas Hasenack Author Date: 2018-06-07 20:53:23 UTC Import patches-unapplied version 2.4.27-2ubuntu4.2 to ubuntu/artful-proposed Imported using git-ubuntu import. Changelog parent: cbc32000dfcc49bf646d2453fa1b15f7c2075c8c New changelog entries: * debian/patches/includeoptional-ignore-non-existent.patch: silently ignore a not existent file path with IncludeOptional . Closes LP: #1766186.
applied/ubuntu/artful-proposed	2018-06-13 14:58:14 UTC 2018-06-13	Import patches-applied version 2.4.27-2ubuntu4.2 to applied/ubuntu/artful-pro... Author: Andreas Hasenack Author Date: 2018-06-07 20:53:23 UTC Import patches-applied version 2.4.27-2ubuntu4.2 to applied/ubuntu/artful-proposed Imported using git-ubuntu import. Changelog parent: fd5338f20b378326a61beb4dbbc6e669e496b4bb Unapplied parent: 642df2d682545baf86a0432c70bf133875b1f9c6 New changelog entries: * debian/patches/includeoptional-ignore-non-existent.patch: silently ignore a not existent file path with IncludeOptional . Closes LP: #1766186.
applied/ubuntu/artful-devel	2018-06-13 14:58:14 UTC 2018-06-13	Import patches-applied version 2.4.27-2ubuntu4.2 to applied/ubuntu/artful-pro... Author: Andreas Hasenack Author Date: 2018-06-07 20:53:23 UTC Import patches-applied version 2.4.27-2ubuntu4.2 to applied/ubuntu/artful-proposed Imported using git-ubuntu import. Changelog parent: fd5338f20b378326a61beb4dbbc6e669e496b4bb Unapplied parent: 642df2d682545baf86a0432c70bf133875b1f9c6 New changelog entries: * debian/patches/includeoptional-ignore-non-existent.patch: silently ignore a not existent file path with IncludeOptional . Closes LP: #1766186.
ubuntu/artful-updates	2018-06-13 14:58:14 UTC 2018-06-13	Import patches-unapplied version 2.4.27-2ubuntu4.2 to ubuntu/artful-proposed Author: Andreas Hasenack Author Date: 2018-06-07 20:53:23 UTC Import patches-unapplied version 2.4.27-2ubuntu4.2 to ubuntu/artful-proposed Imported using git-ubuntu import. Changelog parent: cbc32000dfcc49bf646d2453fa1b15f7c2075c8c New changelog entries: * debian/patches/includeoptional-ignore-non-existent.patch: silently ignore a not existent file path with IncludeOptional . Closes LP: #1766186.
applied/ubuntu/artful-security	2018-04-19 12:28:31 UTC 2018-04-19	Import patches-applied version 2.4.27-2ubuntu4.1 to applied/ubuntu/artful-sec... Author: Marc Deslauriers Author Date: 2018-04-18 14:20:05 UTC Import patches-applied version 2.4.27-2ubuntu4.1 to applied/ubuntu/artful-security Imported using git-ubuntu import. Changelog parent: 4cbcac15d53554def83f1ce8815ed41072705790 Unapplied parent: c8d6bd075d7b5cd749d1ab0ab8967330d73fbee5 New changelog entries: * SECURITY UPDATE: DoS via missing header with AuthLDAPCharsetConfig - debian/patches/CVE-2017-15710.patch: fix language long names detection as short name in modules/aaa/mod_authnz_ldap.c. - CVE-2017-15710 * SECURITY UPDATE: incorrect <FilesMatch> matching - debian/patches/CVE-2017-15715.patch: allow to configure global/default options for regexes, like caseless matching or extended format in include/ap_regex.h, server/core.c, server/util_pcre.c. - CVE-2017-15715 * SECURITY UPDATE: mod_session header manipulation - debian/patches/CVE-2018-1283.patch: strip Session header when SessionEnv is on in modules/session/mod_session.c. - CVE-2018-1283 * SECURITY UPDATE: DoS via specially-crafted request - debian/patches/CVE-2018-1301.patch: ensure that read lines are NUL terminated on any error, not only on buffer full in server/protocol.c. - CVE-2018-1301 * SECURITY UPDATE: mod_cache_socache DoS - debian/patches/CVE-2018-1303.patch: fix caching of empty headers up to carriage return in modules/cache/mod_cache_socache.c. - CVE-2018-1303 * SECURITY UPDATE: insecure nonce generation - debian/patches/CVE-2018-1312.patch: actually use the secret when generating nonces in modules/aaa/mod_auth_digest.c. - CVE-2018-1312
ubuntu/artful-security	2018-04-19 12:28:31 UTC 2018-04-19	Import patches-unapplied version 2.4.27-2ubuntu4.1 to ubuntu/artful-security Author: Marc Deslauriers Author Date: 2018-04-18 14:20:05 UTC Import patches-unapplied version 2.4.27-2ubuntu4.1 to ubuntu/artful-security Imported using git-ubuntu import. Changelog parent: c7c79f29748d24bb5f9fbc71b131aef8cc4117c2 New changelog entries: * SECURITY UPDATE: DoS via missing header with AuthLDAPCharsetConfig - debian/patches/CVE-2017-15710.patch: fix language long names detection as short name in modules/aaa/mod_authnz_ldap.c. - CVE-2017-15710 * SECURITY UPDATE: incorrect <FilesMatch> matching - debian/patches/CVE-2017-15715.patch: allow to configure global/default options for regexes, like caseless matching or extended format in include/ap_regex.h, server/core.c, server/util_pcre.c. - CVE-2017-15715 * SECURITY UPDATE: mod_session header manipulation - debian/patches/CVE-2018-1283.patch: strip Session header when SessionEnv is on in modules/session/mod_session.c. - CVE-2018-1283 * SECURITY UPDATE: DoS via specially-crafted request - debian/patches/CVE-2018-1301.patch: ensure that read lines are NUL terminated on any error, not only on buffer full in server/protocol.c. - CVE-2018-1301 * SECURITY UPDATE: mod_cache_socache DoS - debian/patches/CVE-2018-1303.patch: fix caching of empty headers up to carriage return in modules/cache/mod_cache_socache.c. - CVE-2018-1303 * SECURITY UPDATE: insecure nonce generation - debian/patches/CVE-2018-1312.patch: actually use the secret when generating nonces in modules/aaa/mod_auth_digest.c. - CVE-2018-1312
importer/debian/pristine-tar	2018-03-31 04:34:04 UTC 2018-03-31	pristine-tar data for apache2_2.4.33.orig.tar.bz2 Author: Ubuntu Git Importer Author Date: 2018-03-31 04:34:04 UTC pristine-tar data for apache2_2.4.33.orig.tar.bz2
applied/ubuntu/bionic	2018-03-29 13:13:40 UTC 2018-03-29	Import patches-applied version 2.4.29-1ubuntu4 to applied/ubuntu/bionic-proposed Author: Rafael David Tinoco Author Date: 2018-03-02 02:19:31 UTC Import patches-applied version 2.4.29-1ubuntu4 to applied/ubuntu/bionic-proposed Imported using git-ubuntu import. Changelog parent: e6a5ba316444c6a85aad977dc10a7ed7b1e830e3 Unapplied parent: 5f28e42a84d851b044f2aa09adaa6e79ea98871d New changelog entries: * Avoid crashes, hangs and loops by fixing mod_ldap locking: (LP: #1752683) - added debian/patches/util_ldap_cache_lock_fix.patch
ubuntu/bionic	2018-03-29 13:13:40 UTC 2018-03-29	Import patches-unapplied version 2.4.29-1ubuntu4 to ubuntu/bionic-proposed Author: Rafael David Tinoco Author Date: 2018-03-02 02:19:31 UTC Import patches-unapplied version 2.4.29-1ubuntu4 to ubuntu/bionic-proposed Imported using git-ubuntu import. Changelog parent: 37630b8cc1dfd80c1b632f3e56c6a507e68d17be New changelog entries: * Avoid crashes, hangs and loops by fixing mod_ldap locking: (LP: #1752683) - added debian/patches/util_ldap_cache_lock_fix.patch
importer/ubuntu/pristine-tar	2018-03-07 17:08:01 UTC 2018-03-07	pristine-tar data for apache2_2.4.29.orig.tar.gz Author: Ubuntu Git Importer Author Date: 2018-03-07 17:08:01 UTC pristine-tar data for apache2_2.4.29.orig.tar.gz
ubuntu/zesty-updates	2017-09-19 17:24:04 UTC 2017-09-19	Import patches-unapplied version 2.4.25-3ubuntu2.3 to ubuntu/zesty-security Author: Marc Deslauriers Author Date: 2017-09-18 15:08:28 UTC Import patches-unapplied version 2.4.25-3ubuntu2.3 to ubuntu/zesty-security Imported using git-ubuntu import. Changelog parent: 8840cd42bf40a2c00ee0748841c259cc96f7a7df New changelog entries: * SECURITY UPDATE: optionsbleed information leak - debian/patches/CVE-2017-9798.patch: disallow method registration at run time in server/core.c. - CVE-2017-9798
applied/ubuntu/zesty-devel	2017-09-19 17:24:04 UTC 2017-09-19	Import patches-applied version 2.4.25-3ubuntu2.3 to applied/ubuntu/zesty-secu... Author: Marc Deslauriers Author Date: 2017-09-18 15:08:28 UTC Import patches-applied version 2.4.25-3ubuntu2.3 to applied/ubuntu/zesty-security Imported using git-ubuntu import. Changelog parent: e391d728f15d6a2fa6a4ddde7cf4121ccca6d9d2 Unapplied parent: 4c6e6ab90f12f4ef7f1a84ab40c605c925d42ab3 New changelog entries: * SECURITY UPDATE: optionsbleed information leak - debian/patches/CVE-2017-9798.patch: disallow method registration at run time in server/core.c. - CVE-2017-9798
ubuntu/zesty-devel	2017-09-19 17:24:04 UTC 2017-09-19	Import patches-unapplied version 2.4.25-3ubuntu2.3 to ubuntu/zesty-security Author: Marc Deslauriers Author Date: 2017-09-18 15:08:28 UTC Import patches-unapplied version 2.4.25-3ubuntu2.3 to ubuntu/zesty-security Imported using git-ubuntu import. Changelog parent: 8840cd42bf40a2c00ee0748841c259cc96f7a7df New changelog entries: * SECURITY UPDATE: optionsbleed information leak - debian/patches/CVE-2017-9798.patch: disallow method registration at run time in server/core.c. - CVE-2017-9798
ubuntu/zesty-security	2017-09-19 17:24:04 UTC 2017-09-19	Import patches-unapplied version 2.4.25-3ubuntu2.3 to ubuntu/zesty-security Author: Marc Deslauriers Author Date: 2017-09-18 15:08:28 UTC Import patches-unapplied version 2.4.25-3ubuntu2.3 to ubuntu/zesty-security Imported using git-ubuntu import. Changelog parent: 8840cd42bf40a2c00ee0748841c259cc96f7a7df New changelog entries: * SECURITY UPDATE: optionsbleed information leak - debian/patches/CVE-2017-9798.patch: disallow method registration at run time in server/core.c. - CVE-2017-9798
applied/ubuntu/zesty-updates	2017-09-19 17:24:04 UTC 2017-09-19	Import patches-applied version 2.4.25-3ubuntu2.3 to applied/ubuntu/zesty-secu... Author: Marc Deslauriers Author Date: 2017-09-18 15:08:28 UTC Import patches-applied version 2.4.25-3ubuntu2.3 to applied/ubuntu/zesty-security Imported using git-ubuntu import. Changelog parent: e391d728f15d6a2fa6a4ddde7cf4121ccca6d9d2 Unapplied parent: 4c6e6ab90f12f4ef7f1a84ab40c605c925d42ab3 New changelog entries: * SECURITY UPDATE: optionsbleed information leak - debian/patches/CVE-2017-9798.patch: disallow method registration at run time in server/core.c. - CVE-2017-9798
applied/ubuntu/zesty-security	2017-09-19 17:24:04 UTC 2017-09-19	Import patches-applied version 2.4.25-3ubuntu2.3 to applied/ubuntu/zesty-secu... Author: Marc Deslauriers Author Date: 2017-09-18 15:08:28 UTC Import patches-applied version 2.4.25-3ubuntu2.3 to applied/ubuntu/zesty-security Imported using git-ubuntu import. Changelog parent: e391d728f15d6a2fa6a4ddde7cf4121ccca6d9d2 Unapplied parent: 4c6e6ab90f12f4ef7f1a84ab40c605c925d42ab3 New changelog entries: * SECURITY UPDATE: optionsbleed information leak - debian/patches/CVE-2017-9798.patch: disallow method registration at run time in server/core.c. - CVE-2017-9798
ubuntu/artful	2017-09-18 16:54:16 UTC 2017-09-18	Import patches-unapplied version 2.4.27-2ubuntu3 to ubuntu/artful-proposed Author: Marc Deslauriers Author Date: 2017-09-18 15:05:48 UTC Import patches-unapplied version 2.4.27-2ubuntu3 to ubuntu/artful-proposed Imported using git-ubuntu import. Changelog parent: f09ecdf404a45f84d3f6706d7415653f3faa38d7 New changelog entries: * SECURITY UPDATE: optionsbleed information leak - debian/patches/CVE-2017-9798.patch: disallow method registration at run time in server/core.c. - CVE-2017-9798
applied/ubuntu/artful	2017-09-18 16:54:16 UTC 2017-09-18	Import patches-applied version 2.4.27-2ubuntu3 to applied/ubuntu/artful-proposed Author: Marc Deslauriers Author Date: 2017-09-18 15:05:48 UTC Import patches-applied version 2.4.27-2ubuntu3 to applied/ubuntu/artful-proposed Imported using git-ubuntu import. Changelog parent: a9d928beb04c919f0eb42bddd3574598261d3b03 Unapplied parent: b854305b2d29d662ed441f6a66952ab5649ed634 New changelog entries: * SECURITY UPDATE: optionsbleed information leak - debian/patches/CVE-2017-9798.patch: disallow method registration at run time in server/core.c. - CVE-2017-9798
debian/experimental	2017-08-09 04:27:50 UTC 2017-08-09	Import patches-unapplied version 2.4.27-4 to debian/experimental Author: Stefan Fritsch Author Date: 2017-08-08 19:59:37 UTC Import patches-unapplied version 2.4.27-4 to debian/experimental Imported using git-ubuntu import. Changelog parent: f7ef7e92d24d60f681df739f05081350a628d775 New changelog entries: * Use 'invoke-rc.d' instead of init script in logrotate script. Closes: #857607 * Make the apache-htcacheclean init script actually look into /etc/default/apache-htcacheclean for its config. LP: #1691495 * mime.conf: Guard AddOutputFilter INCLUDES with proper <IfModule>. LP: #1675184 * Use 'service' instead of init script in monit example config. * Bump Standards-Version to 4.0.1. Other changes: - change package priorities from extra to optional * Use libprotocol-http2-perl in autopkgtest. * Update test suite to svn r1804214. * Various tweaks to the test suite autopkgtest to avoid having to skip any test. * Also remove -DBUILD_DATETIME and -fdebug-prefix-map from config_vars.mk to avoid them being used by apxs. * deflate.conf: Remove mention of MSIE6
applied/debian/experimental	2017-08-09 04:27:50 UTC 2017-08-09	Import patches-applied version 2.4.27-4 to applied/debian/experimental Author: Stefan Fritsch Author Date: 2017-08-08 19:59:37 UTC Import patches-applied version 2.4.27-4 to applied/debian/experimental Imported using git-ubuntu import. Changelog parent: de4d68c17b6c366eaed7527386ac0b365b227b8c Unapplied parent: 750c574d225db8c1f1c796236fc6674648ca780c New changelog entries: * Use 'invoke-rc.d' instead of init script in logrotate script. Closes: #857607 * Make the apache-htcacheclean init script actually look into /etc/default/apache-htcacheclean for its config. LP: #1691495 * mime.conf: Guard AddOutputFilter INCLUDES with proper <IfModule>. LP: #1675184 * Use 'service' instead of init script in monit example config. * Bump Standards-Version to 4.0.1. Other changes: - change package priorities from extra to optional * Use libprotocol-http2-perl in autopkgtest. * Update test suite to svn r1804214. * Various tweaks to the test suite autopkgtest to avoid having to skip any test. * Also remove -DBUILD_DATETIME and -fdebug-prefix-map from config_vars.mk to avoid them being used by apxs. * deflate.conf: Remove mention of MSIE6
ubuntu/yakkety-security	2017-06-26 17:13:38 UTC 2017-06-26	Import patches-unapplied version 2.4.18-2ubuntu4.2 to ubuntu/yakkety-security Author: Marc Deslauriers Author Date: 2017-06-26 11:57:04 UTC Import patches-unapplied version 2.4.18-2ubuntu4.2 to ubuntu/yakkety-security Imported using git-ubuntu import. Changelog parent: 0f872b4a1d471912b5ed65424bd22f3e11b801d7 New changelog entries: * SECURITY UPDATE: authentication bypass in ap_get_basic_auth_pw() - debian/patches/CVE-2017-3167.patch: deprecate and replace ap_get_basic_auth_pw in include/ap_mmn.h, include/http_protocol.h, server/protocol.c, server/request.c. - CVE-2017-3167 * SECURITY UPDATE: NULL pointer deref in ap_hook_process_connection() - debian/patches/CVE-2017-3169.patch: fix ctx passed to ssl_io_filter_error() in modules/ssl/ssl_engine_io.c. - CVE-2017-3169 * SECURITY UPDATE: denial of service and possible incorrect value return in HTTP strict parsing changes - debian/patches/CVE-2017-7668.patch: short-circuit on NULL in server/util.c. - CVE-2017-7668 * SECURITY UPDATE: mod_mime DoS via crafted Content-Type response header - debian/patches/CVE-2017-7679.patch: fix quoted pair scanning in modules/http/mod_mime.c. - CVE-2017-7679
ubuntu/yakkety-devel	2017-06-26 17:13:38 UTC 2017-06-26	Import patches-unapplied version 2.4.18-2ubuntu4.2 to ubuntu/yakkety-security Author: Marc Deslauriers Author Date: 2017-06-26 11:57:04 UTC Import patches-unapplied version 2.4.18-2ubuntu4.2 to ubuntu/yakkety-security Imported using git-ubuntu import. Changelog parent: 0f872b4a1d471912b5ed65424bd22f3e11b801d7 New changelog entries: * SECURITY UPDATE: authentication bypass in ap_get_basic_auth_pw() - debian/patches/CVE-2017-3167.patch: deprecate and replace ap_get_basic_auth_pw in include/ap_mmn.h, include/http_protocol.h, server/protocol.c, server/request.c. - CVE-2017-3167 * SECURITY UPDATE: NULL pointer deref in ap_hook_process_connection() - debian/patches/CVE-2017-3169.patch: fix ctx passed to ssl_io_filter_error() in modules/ssl/ssl_engine_io.c. - CVE-2017-3169 * SECURITY UPDATE: denial of service and possible incorrect value return in HTTP strict parsing changes - debian/patches/CVE-2017-7668.patch: short-circuit on NULL in server/util.c. - CVE-2017-7668 * SECURITY UPDATE: mod_mime DoS via crafted Content-Type response header - debian/patches/CVE-2017-7679.patch: fix quoted pair scanning in modules/http/mod_mime.c. - CVE-2017-7679
applied/ubuntu/yakkety-updates	2017-06-26 17:13:38 UTC 2017-06-26	Import patches-applied version 2.4.18-2ubuntu4.2 to applied/ubuntu/yakkety-se... Author: Marc Deslauriers Author Date: 2017-06-26 11:57:04 UTC Import patches-applied version 2.4.18-2ubuntu4.2 to applied/ubuntu/yakkety-security Imported using git-ubuntu import. Changelog parent: 59181d55c088186b8fdbac93ebfecb6ecb77799b Unapplied parent: 20f84083a9f4578ac55e63b09549b1abce1b36d7 New changelog entries: * SECURITY UPDATE: authentication bypass in ap_get_basic_auth_pw() - debian/patches/CVE-2017-3167.patch: deprecate and replace ap_get_basic_auth_pw in include/ap_mmn.h, include/http_protocol.h, server/protocol.c, server/request.c. - CVE-2017-3167 * SECURITY UPDATE: NULL pointer deref in ap_hook_process_connection() - debian/patches/CVE-2017-3169.patch: fix ctx passed to ssl_io_filter_error() in modules/ssl/ssl_engine_io.c. - CVE-2017-3169 * SECURITY UPDATE: denial of service and possible incorrect value return in HTTP strict parsing changes - debian/patches/CVE-2017-7668.patch: short-circuit on NULL in server/util.c. - CVE-2017-7668 * SECURITY UPDATE: mod_mime DoS via crafted Content-Type response header - debian/patches/CVE-2017-7679.patch: fix quoted pair scanning in modules/http/mod_mime.c. - CVE-2017-7679
applied/ubuntu/yakkety-devel	2017-06-26 17:13:38 UTC 2017-06-26	Import patches-applied version 2.4.18-2ubuntu4.2 to applied/ubuntu/yakkety-se... Author: Marc Deslauriers Author Date: 2017-06-26 11:57:04 UTC Import patches-applied version 2.4.18-2ubuntu4.2 to applied/ubuntu/yakkety-security Imported using git-ubuntu import. Changelog parent: 59181d55c088186b8fdbac93ebfecb6ecb77799b Unapplied parent: 20f84083a9f4578ac55e63b09549b1abce1b36d7 New changelog entries: * SECURITY UPDATE: authentication bypass in ap_get_basic_auth_pw() - debian/patches/CVE-2017-3167.patch: deprecate and replace ap_get_basic_auth_pw in include/ap_mmn.h, include/http_protocol.h, server/protocol.c, server/request.c. - CVE-2017-3167 * SECURITY UPDATE: NULL pointer deref in ap_hook_process_connection() - debian/patches/CVE-2017-3169.patch: fix ctx passed to ssl_io_filter_error() in modules/ssl/ssl_engine_io.c. - CVE-2017-3169 * SECURITY UPDATE: denial of service and possible incorrect value return in HTTP strict parsing changes - debian/patches/CVE-2017-7668.patch: short-circuit on NULL in server/util.c. - CVE-2017-7668 * SECURITY UPDATE: mod_mime DoS via crafted Content-Type response header - debian/patches/CVE-2017-7679.patch: fix quoted pair scanning in modules/http/mod_mime.c. - CVE-2017-7679
applied/ubuntu/yakkety-security	2017-06-26 17:13:38 UTC 2017-06-26	Import patches-applied version 2.4.18-2ubuntu4.2 to applied/ubuntu/yakkety-se... Author: Marc Deslauriers Author Date: 2017-06-26 11:57:04 UTC Import patches-applied version 2.4.18-2ubuntu4.2 to applied/ubuntu/yakkety-security Imported using git-ubuntu import. Changelog parent: 59181d55c088186b8fdbac93ebfecb6ecb77799b Unapplied parent: 20f84083a9f4578ac55e63b09549b1abce1b36d7 New changelog entries: * SECURITY UPDATE: authentication bypass in ap_get_basic_auth_pw() - debian/patches/CVE-2017-3167.patch: deprecate and replace ap_get_basic_auth_pw in include/ap_mmn.h, include/http_protocol.h, server/protocol.c, server/request.c. - CVE-2017-3167 * SECURITY UPDATE: NULL pointer deref in ap_hook_process_connection() - debian/patches/CVE-2017-3169.patch: fix ctx passed to ssl_io_filter_error() in modules/ssl/ssl_engine_io.c. - CVE-2017-3169 * SECURITY UPDATE: denial of service and possible incorrect value return in HTTP strict parsing changes - debian/patches/CVE-2017-7668.patch: short-circuit on NULL in server/util.c. - CVE-2017-7668 * SECURITY UPDATE: mod_mime DoS via crafted Content-Type response header - debian/patches/CVE-2017-7679.patch: fix quoted pair scanning in modules/http/mod_mime.c. - CVE-2017-7679
ubuntu/yakkety-updates	2017-06-26 17:13:38 UTC 2017-06-26	Import patches-unapplied version 2.4.18-2ubuntu4.2 to ubuntu/yakkety-security Author: Marc Deslauriers Author Date: 2017-06-26 11:57:04 UTC Import patches-unapplied version 2.4.18-2ubuntu4.2 to ubuntu/yakkety-security Imported using git-ubuntu import. Changelog parent: 0f872b4a1d471912b5ed65424bd22f3e11b801d7 New changelog entries: * SECURITY UPDATE: authentication bypass in ap_get_basic_auth_pw() - debian/patches/CVE-2017-3167.patch: deprecate and replace ap_get_basic_auth_pw in include/ap_mmn.h, include/http_protocol.h, server/protocol.c, server/request.c. - CVE-2017-3167 * SECURITY UPDATE: NULL pointer deref in ap_hook_process_connection() - debian/patches/CVE-2017-3169.patch: fix ctx passed to ssl_io_filter_error() in modules/ssl/ssl_engine_io.c. - CVE-2017-3169 * SECURITY UPDATE: denial of service and possible incorrect value return in HTTP strict parsing changes - debian/patches/CVE-2017-7668.patch: short-circuit on NULL in server/util.c. - CVE-2017-7668 * SECURITY UPDATE: mod_mime DoS via crafted Content-Type response header - debian/patches/CVE-2017-7679.patch: fix quoted pair scanning in modules/http/mod_mime.c. - CVE-2017-7679

Other repositories

Name	Last Modified
lp:ubuntu/+source/apache2	2020-05-26
lp:~ahasenack/ubuntu/+source/apache2	2020-04-13
lp:~ddstreet/ubuntu/+source/apache2	2019-10-16
lp:~paelzer/ubuntu/+source/apache2	2019-09-09
lp:~nacc/ubuntu/+source/apache2	2017-07-27
lp:~evarlast/ubuntu/+source/apache2	2016-11-30

You can't create new repositories for apache2 in Ubuntu.