~ahasenack/ubuntu/+source/apache2:cosmic-apache-ssl-regression-1836329

Last commit made on 2019-07-16
Get this branch:
git clone -b cosmic-apache-ssl-regression-1836329 https://git.launchpad.net/~ahasenack/ubuntu/+source/apache2
Only Andreas Hasenack can upload to this branch. If you are Andreas Hasenack please log in for upload directions.

Branch merges

Branch information

Name:
cosmic-apache-ssl-regression-1836329
Repository:
lp:~ahasenack/ubuntu/+source/apache2

Recent commits

0b18250... by Andreas Hasenack

changelog

000a019... by Andreas Hasenack

  * d/p/clear-retry-flags-before-abort.patch: clear retry flags before
    aborting on client-initiated reneg (LP: #1836329)

7c16991... by Andreas Hasenack

  * d/p/ssl-read-rc-value-openssl-1.1.1.patch: Handle SSL_read() return code 0
    similarly to <0 with openssl 1.1.1

628cf29... by Andreas Hasenack

Import patches-unapplied version 2.4.34-1ubuntu2.2 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: f5c83c8c9ea5c79365025eb930c52bcd7fffc6fd

New changelog entries:
  * d/p/disable-ssl-1.1.1-auto-retry.patch: fix client certificate
    authentication when built with openssl 1.1.1 (LP: #1833039)

f5c83c8... by Marc Deslauriers

Import patches-unapplied version 2.4.34-1ubuntu2.1 to ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: c01ee5a6ff12c19ca89f37cf3f112ad04e0d951b

New changelog entries:
  * SECURITY UPDATE: slowloris DoS in mod_http2
    - debian/patches/CVE-2018-17189.patch: change cleanup strategy for
      slave connections in modules/http2/h2_conn.c.
    - CVE-2018-17189
  * SECURITY UPDATE: mod_session expiry time issue
    - debian/patches/CVE-2018-17199.patch: always decode session attributes
      early in modules/session/mod_session.c.
    - CVE-2018-17199
  * SECURITY UPDATE: read-after-free on a string compare in mod_http2
    - debian/patches/CVE-2019-0196.patch: disentangelment of stream and
      request method in modules/http2/h2_request.c.
    - CVE-2019-0196
  * SECURITY UPDATE: privilege escalation from modules' scripts
    - debian/patches/CVE-2019-0211.patch: bind the bucket number of each
      child to its slot number in include/scoreboard.h,
      server/mpm/event/event.c, server/mpm/prefork/prefork.c,
      server/mpm/worker/worker.c.
    - CVE-2019-0211
  * SECURITY UPDATE: mod_auth_digest access control bypass
    - debian/patches/CVE-2019-0217.patch: fix a race condition in
      modules/aaa/mod_auth_digest.c.
    - CVE-2019-0217
  * SECURITY UPDATE: URL normalization inconsistincy
    - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in
      the path in include/http_core.h, include/httpd.h, server/core.c,
      server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety
      in server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in
      server/util.c.
    - CVE-2019-0220

c01ee5a... by Marc Deslauriers

Import patches-unapplied version 2.4.34-1ubuntu2 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 54cf94ea486abd9b821825e9707ccbab064f95a2

New changelog entries:
  * SECURITY UPDATE: denial of service in HTTP/2 via large SETTINGS frames
    - debian/patches/CVE-2018-11763.patch: rework connection IO event
      handling in modules/http2/h2_session.c, modules/http2/h2_session.h,
      modules/http2/h2_version.h.
    - CVE-2018-11763

54cf94e... by Andreas Hasenack

Import patches-unapplied version 2.4.34-1ubuntu1 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: ef5d2450201d96722e86ff11a816bf14e3b9cfca

New changelog entries:
  * Merge with Debian unstable. Remaining changes:
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/patches/086_svn_cross_compiles: Backport several cross
      fixes from upstream
    - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
      Debian with Ubuntu on default page.
      + d/source/include-binaries: add Ubuntu icon file
    - d/t/control, d/t/check-http2: add basic test for http2 support
    - d/control, d/rules, d/config-dir/mods-available/md.load: don't build
      libapache2-mod-md, as that makes apache2-bin pull in libcurl4 which
      cannot be coinstalled with libcurl3. That situation breaks the
      installation of libapache2-mod-shib2. See
      https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1770242/comments/1
      for details.

ef5d245... by Stefan Fritsch

Import patches-unapplied version 2.4.34-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f9135dfca55cef91c3af3074fc3ba3826d3f95d8

New changelog entries:
  [ Ondřej Surý ]
  * New upstream version 2.4.34
    Security fixes:
    - CVE-2018-1333: Denial of service in mod_http2. Closes: #904106
    - CVE-2018-8011: Denial of service in mod_md. Closes: #904107
  * Refresh patches for Apache2 2.4.34 release
  * Update the suexec-custom.patch for 2.4.34 release
  [ Stefan Fritsch ]
  * Remove load order dependency introduced in mod_lbmethod_* in 2.4.34
  * Remove debian/gbp.conf. Closes: #904641
  * Fix typo in apache2_switch_mpm() in apache2-maintscript-helper.
    Closes: #904150

f9135df... by Stefan Fritsch

Import patches-unapplied version 2.4.33-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b13a69a4c7ec1ab4ee90a70d5dff9e013a2d26d0

New changelog entries:
  * Add Breaks for libapache2-mod-proxy-uwsgi and libapache2-mod-md, too.
    Closes: #894785
  * mod_http2: Avoid high memory usage with large files, causing crashes on
    32bit archs. Closes: #897218
  * Migrate from alioth to salsa.

b13a69a... by Stefan Fritsch

Import patches-unapplied version 2.4.33-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 3e69ee740b7685d9d4399b12bf8aa5f4b7e23e36

New changelog entries:
  * Add Replaces: and transitional packages for libapache2-mod-proxy-uwsgi
    and libapache2-mod-md.
    Closes: #894760, #894761, #894785