lp:ubuntu/natty-updates/apache2
- Get this branch:
- bzr branch lp:ubuntu/natty-updates/apache2
Recent revisions
- 70. By Marc Deslauriers
  * SECURITY UPDATE: arbitrary code execution via crafted SetEnvIf
    directive (LP: #811422)
    - debian/patches/215_CVE-2011-3607.dpatch: validate length in
      server/util.c.
    - CVE-2011-3607
  * SECURITY UPDATE: another mod_proxy reverse proxy exposure
    - debian/patches/216_CVE-2011-4317.dpatch: validate additional URIs in
      modules/mappers/mod_rewrite.c, modules/proxy/mod_proxy.c,
      server/protocol.c.
    - CVE-2011-4317
  * SECURITY UPDATE: denial of service via invalid cookie
    - debian/patches/217_CVE-2012-0021.dpatch: check name and value in
      modules/loggers/mod_log_config.c.
    - CVE-2012-0021
  * SECURITY UPDATE: denial of service and possible code execution via
    type field modification within a scoreboard shared memory segment
    - debian/patches/218_CVE-2012-0031.dpatch: check type field in
      server/scoreboard.c.
    - CVE-2012-0031
  * SECURITY UPDATE: cookie disclosure via Bad Request errors
    - debian/patches/219_CVE-2012-0053.dpatch: check lengths in
      server/protocol.c.
    - CVE-2012-0053

- 69. By Steve Beattie
  * SECURITY UPDATE: mod_proxy reverse proxy exposure (LP: #877740)
    - debian/patches/212_CVE-2011-3368.dpatch: return 400
      on invalid requests. (patch courtesy of Michael Jeanson)
    - debian/patches/214_CVE-2011-3368_part2.dpatch: fix same for http
      0.9 protocol
    - CVE-2011-3368
  * SECURITY UPDATE: mod_proxy_ajp denial of service (LP: #871674)
    - debian/patches/213_CVE-2011-3348.dpatch: return
      HTTP_NOT_IMPLEMENTED when AJP_EBAD_METHOD is requested
    - CVE-2011-3348
  * SECURITY UPDATE: mpm-itk failure to drop privileges in certain
    configurations
    - debian/mpm-itk/patches/11-CVE-2011-1176.patch: merge
      configurations correctly
    - CVE-2011-1176
  * Include additional fixes for regressions introduced by
    CVE-2011-3192 fixes
    - debian/patches/084_CVE-2011-3192_regression_part2.dpatch:
      take upstream fixes for byterange_filter.c through the 2.2.21
      release except for the added MaxRanges configuration option along
      with a fix staged for 2.2.22.

- 68. By Steve Beattie
  * SECURITY UPDATE: Range header DoS vulnerability
    - debian/patches/083_CVE-2011-3192.dpatch: filter out large
      byte ranges and improve memory efficiency in handling buckets.
      (thanks to Debian and upstream)
    - CVE-2011-3192
  * Include fix for regressions introduced by above patch:
    - debian/patches/084_CVE-2011-3192_regression.dpatch: return 206
      and 416 response codes where appropriate (see Debian bug 639825)

- 67. By Chuck Short
  * Merge from debian unstable, remaining changes:
    - debian/{control, rules}: Enable PIE hardening.
    - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
    - debian/control: Add bzr tag and point it to our tree
    - debian/apache2.py, debian/apache2.2-common.install: Add apport hook.
    - debian/control, debian/ask-for-passphrase, debian/config-dir/mods-available/ssl.conf:
      Plymouth aware passphrase dialog program ask-for-passphrase.

- 66. By Chuck Short
  debian/rules: Don't use "-fno-strict-aliasing" since it causes
  apache FTBFS on amd64. (LP: #711293)

- 64. By Chuck Short
  * Merge from debian unstable. Remaining changes:
    - debian/{control, rules}: Enable PIE hardening.
    - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
    - debian/control: Add bzr tag and point it to our tree
    - debian/apache2.py, debian/apache2.2-common.install: Add apport hook.
    - debian/control, debian/ask-for-passphrase, debian/config-dir/mods-available/ssl.conf:
      Plymouth aware passphrase dialog program ask-for-passphrase.

- 63. By Chuck Short
  [Clint Byrum]
  * Adding plymouth aware passphrase dialog program ask-for-passphrase.
    (LP: #582963)
    + debian/control: apache2.2-common depends on bash for ask-for-passphrase
    + debian/config-dir/mods-available/ssl.conf:
      - SSLPassPhraseDialog now uses exec:/usr/share/apache2/ask-for-passphrase
  [Chuck Short]
  * Add apport hook. (LP: #609177)
    + debian/apache2.py, debian/apache2.2-common.install

- 62. By Chuck Short
  * Merge from debian unstable. Remaining changes:
    - debian/{control, rules}: Enable PIE hardening.
    - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
    - debian/control: Add bzr tag and point it to our tree

- 61. By Chuck Short
  * Merge from debian unstable. Remaining changes:
    - debian/{control, rules}: Enable PIE hardening.
    - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
    - debian/control: Add bzr tag and point it to our tree.

Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/oneiric/apache2