lp:ubuntu/feisty-proposed/apache2
- Get this branch:
- bzr branch lp:ubuntu/feisty-proposed/apache2
Branch merges
Branch information
Recent revisions
- 15. By Mathias Gug
-
debian/
apache2. 2-common. init.d: make sure that /var/lock/apache2 is owned
by www-data. Fixes LP: #129920. - 14. By Mathias Gug
-
* debian/
apache2. 2-common. init.d: make sure that /var/lock/apache2 is owned
by www-data. Fixes LP: #129920.
* debian/control: Set Maintainer to Ubuntu Core Dev and move Debian
maintainer to XSBC-Original-Maintainer. - 12. By Andreas Barth <email address hidden>
-
* Non-maintainer upload.
* 043_ajp_connection_ reuse: Patch from upstream Bugzilla, fixing a critical
issue with regard to connection reuse in mod_proxy_ajp.
Closes: #396265 - 11. By Martin Pitt
-
* Add debian/
patches/ 054_restore_ prefix_ fix:
- Fix autoconf macros to work with autoconf 2.60 (AC_CANONICAL_SYSTEM
overwrites $@ in 2.60, see Debian bug #372179), so that the package
builds again on recent Edgy.
- Thanks to Daniel Schepler <email address hidden> for this patch
(taken from Debian #374160)
- Closes: LP#62242 - 10. By Martin Pitt
-
* SECURITY UPDATE: Remote DoS, potential remote code execution.
* Add debian/patches/ 053_mod_ rewite_ CVE-2006- 3747:
- Fix off-by-one buffer overflow in mod_rewrite's ldap scheme handler.
- Reported by Mark Dowd of McAfee Avert Labs.
- CVE-2006-3747 - 9. By Adam Conrad
-
Include patch from SVN HEAD to make sure LFS works on 64-bit platforms
where sendfile() doesn't like dealing with anything larger than 32-bit
chunks. Yes, Linux 2.6, I'm looking at you (see: launchpad.net/11850) - 8. By Adam Conrad
-
Restore the "a2enmod userdir" that went missing in the "cruft cleaning"
in the last upload, since it's required to sanely configure new setups. - 7. By Adam Conrad
-
* Add 050_mod_
imap_CVE- 2005-3352 to escape untrusted referer headers in
mod_imap before outputting HTML to avoid XSS attacks; see CVE-2005-3352
* Add 051_mod_ssl_CVE- 2005-3357 to avoid a remote denial of service in
threaded MPMs when making a non-SSL connection to an SSL-enabled port
on a server with a custom 400 error document defined; see CVE-2005-3357
* Clean up our use of trailing slashes on directories in debian/rules, so
the newer, pickier, obviously very improved coreutils doesn't bite us.
* Remove some cruft from apache2-common's postinst, dealing with upgrade
scenarios from versions older than those released in Sarge or Warty.
* Use "SHELL := sh -e" in debian/rules, so the build will stop on shell
errors, instead of blundering on to later make targets (closes: #340761)
* Recreate /var/run/apache2 and /var/lock/apache2 in our init script, in
case the user has /var/run and /var/lock on tmpfs, which is fasionable.
* Make our init script a /bin/bash script instead of a /bin/sh script, so
we can abuse it with regex globbing (#348189, #347962, #340955, #342008)
* Take patch from Adrian Bridgett to output errors from our config test
in the init script, but only do so when we're VERBOSE (closes: #339323)
* In the spirit of the LSB, make our init script exit 2 when called with
incorrect arguments, and exit 4 when asked for status (closes: #330275)
* Fix the default site to not mix configuration syntax (closes: #345922)
* Mention apxs2 in the apache2-*-dev long descriptions (closes: #307921)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/apache2