lp:ubuntu/oneiric-security/apache2

Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/oneiric-security/apache2
Members of Ubuntu branches can upload to this branch.

Branch information

Owner: Ubuntu branches
Review team: Ubuntu Development Team
Status: Mature

Recent revisions

72. By Marc Deslauriers

* SECURITY UPDATE: arbitrary code execution via crafted SetEnvIf
  directive (LP: #811422)
  - debian/patches/215_CVE-2011-3607.dpatch: validate length in
    server/util.c.
  - CVE-2011-3607
* SECURITY UPDATE: another mod_proxy reverse proxy exposure
  - debian/patches/216_CVE-2011-4317.dpatch: validate additional URIs in
    modules/mappers/mod_rewrite.c, modules/proxy/mod_proxy.c,
    server/protocol.c.
  - CVE-2011-4317
* SECURITY UPDATE: denial of service via invalid cookie
  - debian/patches/217_CVE-2012-0021.dpatch: check name and value in
    modules/loggers/mod_log_config.c.
  - CVE-2012-0021
* SECURITY UPDATE: denial of service and possible code execution via
  type field modification within a scoreboard shared memory segment
  - debian/patches/218_CVE-2012-0031.dpatch: check type field in
    server/scoreboard.c.
  - CVE-2012-0031
* SECURITY UPDATE: cookie disclosure via Bad Request errors
  - debian/patches/219_CVE-2012-0053.dpatch: check lengths in
    server/protocol.c.
  - CVE-2012-0053

71. By Steve Beattie

* SECURITY UPDATE: mod_proxy reverse proxy exposure (LP: #877740)
  - debian/patches/212_CVE-2011-3368.dpatch: return 400
    on invalid requests. (patch courtesy of Michael Jeanson)
  - CVE-2011-3368
* SECURITY UPDATE: mod_proxy_ajp denial of service (LP: #871674)
  - debian/patches/213_CVE-2011-3348.dpatch: return
    HTTP_NOT_IMPLEMENTED when AJP_EBAD_METHOD is requested
  - CVE-2011-3348
* Include additional fixes for regressions introduced by
  CVE-2011-3192 fixes
  - debian/patches/214_CVE-2011-3192_regression.dpatch:
    take upstream fixes for byterange_filter.c through the 2.2.21
    release except for the added MaxRanges configuration option, along
    with a staged fix for the 2.2.22 release.

70. By Steve Beattie

* Merge from debian unstable to fix CVE-2011-3192 (LP: #837991).
  Remaining changes:
  - debian/{control, rules}: Enable PIE hardening.
  - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
  - debian/control: Add bzr tag and point it to our tree
  - debian/apache2.py, debian/apache2.2-common.install: Add apport hook.
  - debian/control, debian/ask-for-passphrase, debian/config-dir/mods-available/ssl.conf:
    Plymouth aware passphrase dialog program ask-for-passphrase.

69. By Andres Rodriguez

* Merge from debian unstable (LP: #787013). Remaining changes:
  - debian/{control, rules}: Enable PIE hardening.
  - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
  - debian/control: Add bzr tag and point it to our tree
  - debian/apache2.py, debian/apache2.2-common.install: Add apport hook.
  - debian/control, debian/ask-for-passphrase, debian/config-dir/mods-available/ssl.conf:
    Plymouth aware passphrase dialog program ask-for-passphrase.

68. By Chuck Short

* Merge from debian unstable. Remaining changes:
  - debian/{control, rules}: Enable PIE hardening.
  - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
  - debian/control: Add bzr tag and point it to our tree
  - debian/apache2.py, debian/apache2.2-common.install: Add apport hook.
  - debian/control, debian/ask-for-passphrase, debian/config-dir/mods-available/ssl.conf:
    Plymouth aware passphrase dialog program ask-for-passphrase.

67. By Chuck Short

* Merge from debian unstable, remaining changes:
  - debian/{control, rules}: Enable PIE hardening.
  - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
  - debian/control: Add bzr tag and point it to our tree
  - debian/apache2.py, debian/apache2.2-common.install: Add apport hook.
  - debian/control, debian/ask-for-passphrase, debian/config-dir/mods-available/ssl.conf:
    Plymouth aware passphrase dialog program ask-for-passphrase.

66. By Chuck Short

debian/rules: Don't use "-fno-strict-aliasing" since it causes
apache FTBFS on amd64. (LP: #711293)

65. By Chuck Short

debian/rules: Use "-fno-strict-aliasing" to work around a gcc bug.
(LP: #697105)

64. By Chuck Short

* Merge from debian unstable. Remaining changes:
  - debian/{control, rules}: Enable PIE hardening.
  - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
  - debian/control: Add bzr tag and point it to our tree
  - debian/apache2.py, debian/apache2.2-common.install: Add apport hook.
  - debian/control, debian/ask-for-passphrase, debian/config-dir/mods-available/ssl.conf:
    Plymouth aware passphrase dialog program ask-for-passphrase.

63. By Chuck Short

[Clint Byrum]
* Adding plymouth aware passphrase dialog program ask-for-passphrase.
  (LP: #582963)
  + debian/control: apache2.2-common depends on bash for ask-for-passphrase
  + debian/config-dir/mods-available/ssl.conf:
    - SSLPassPhraseDialog now uses exec:/usr/share/apache2/ask-for-passphrase

[Chuck Short]
* Add apport hook. (LP: #609177)
  + debian/apache2.py, debian/apache2.2-common.install

Branch metadata

Branch format: Branch format 7
Repository format: Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on: lp:ubuntu/precise/apache2
This branch contains Public information 
Everyone can see this information.