Created by James Westby on 2009-11-06 and last modified on 2009-11-06
Get this branch:
bzr branch lp:ubuntu/edgy/apache2
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Ubuntu branches
Review team:
Ubuntu Development Team

Recent revisions

11. By Martin Pitt on 2006-09-27

* Add debian/patches/054_restore_prefix_fix:
  - Fix autoconf macros to work with autoconf 2.60 (AC_CANONICAL_SYSTEM
    overwrites $@ in 2.60, see Debian bug #372179), so that the package
    builds again on recent Edgy.
  - Thanks to Daniel Schepler <email address hidden> for this patch
    (taken from Debian #374160)
  - Closes: LP#62242

10. By Martin Pitt on 2006-07-26

* SECURITY UPDATE: Remote DoS, potential remote code execution.
* Add debian/patches/053_mod_rewite_CVE-2006-3747:
  - Fix off-by-one buffer overflow in mod_rewrite's ldap scheme handler.
  - Reported by Mark Dowd of McAfee Avert Labs.
  - CVE-2006-3747

9. By Adam Conrad on 2006-05-26

Include patch from SVN HEAD to make sure LFS works on 64-bit platforms
where sendfile() doesn't like dealing with anything larger than 32-bit
chunks. Yes, Linux 2.6, I'm looking at you (see: launchpad.net/11850)

8. By Adam Conrad on 2006-05-22

Restore the "a2enmod userdir" that went missing in the "cruft cleaning"
in the last upload, since it's required to sanely configure new setups.

7. By Adam Conrad on 2005-11-26

* Add 050_mod_imap_CVE-2005-3352 to escape untrusted referer headers in
  mod_imap before outputting HTML to avoid XSS attacks; see CVE-2005-3352
* Add 051_mod_ssl_CVE-2005-3357 to avoid a remote denial of service in
  threaded MPMs when making a non-SSL connection to an SSL-enabled port
  on a server with a custom 400 error document defined; see CVE-2005-3357
* Clean up our use of trailing slashes on directories in debian/rules, so
  the newer, pickier, obviously very improved coreutils doesn't bite us.
* Remove some cruft from apache2-common's postinst, dealing with upgrade
  scenarios from versions older than those released in Sarge or Warty.
* Use "SHELL := sh -e" in debian/rules, so the build will stop on shell
  errors, instead of blundering on to later make targets (closes: #340761)
* Recreate /var/run/apache2 and /var/lock/apache2 in our init script, in
  case the user has /var/run and /var/lock on tmpfs, which is fasionable.
* Make our init script a /bin/bash script instead of a /bin/sh script, so
  we can abuse it with regex globbing (#348189, #347962, #340955, #342008)
* Take patch from Adrian Bridgett to output errors from our config test
  in the init script, but only do so when we're VERBOSE (closes: #339323)
* In the spirit of the LSB, make our init script exit 2 when called with
  incorrect arguments, and exit 4 when asked for status (closes: #330275)
* Fix the default site to not mix configuration syntax (closes: #345922)
* Mention apxs2 in the apache2-*-dev long descriptions (closes: #307921)

6. By Matthias Klose on 2005-11-24

Rebuild for libstdc++ allocator change

5. By Adam Conrad on 2005-10-24

Brown paper bag release: Tidy up CFLAGS and APR configure call to make
sure that what we link to agrees with what apu-config tells others to do.

4. By Adam Conrad on 2005-10-04

Add 047_ssl_reneg_with_body, which adds a (bounded) buffer of request
body data to provide a limited but safe fix for the mod_ssl renegotiation
vs requests-with-bodies bug, as occurs with POST and SVN (Ubuntu #14991)

3. By Adam Conrad on 2005-04-01

Fix the init script to not exit with an error when asked to
stop a daemon that isn't running (Was the root cause of #8374)

2. By Thom May on 2004-10-13

Security Release. Patch from upstream for the following:
CAN-2004-0885SSLCypherSuite can be bypassed during renegotiation.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.