lp:ubuntu/+source/apache2

Get this repository:
git clone https://git.launchpad.net/ubuntu/+source/apache2
Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Repository scan failed

Scanning this repository for changes failed. You can manually rescan if required.

Branches

Name Last Modified Last Commit
importer/ubuntu/dsc 2020-02-07 18:07:33 UTC 2020-02-07
DSC file for 2.4.29-1ubuntu4.12

Author: Ubuntu Git Importer
Author Date: 2020-02-07 18:07:33 UTC

DSC file for 2.4.29-1ubuntu4.12

applied/ubuntu/bionic-proposed 2020-02-07 17:48:19 UTC 2020-02-07
Import patches-applied version 2.4.29-1ubuntu4.12 to applied/ubuntu/bionic-pr...

Author: Marc Deslauriers
Author Date: 2019-12-03 10:55:03 UTC

Import patches-applied version 2.4.29-1ubuntu4.12 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 53dff1d52d462b9d6ececf3ca5a028ee49ed5cc6
Unapplied parent: 2df6f03b749c787abe4b8da205f9794fe43e112a

New changelog entries:
  * Add TLSv1.3 support. (LP: #1845263)
    - debian/patches/tlsv1.3-support.patch: backport upstream 2.4 commit
      which introduced TLSv1.3 support.

ubuntu/bionic-proposed 2020-02-07 17:48:19 UTC 2020-02-07
Import patches-unapplied version 2.4.29-1ubuntu4.12 to ubuntu/bionic-proposed

Author: Marc Deslauriers
Author Date: 2019-12-03 10:55:03 UTC

Import patches-unapplied version 2.4.29-1ubuntu4.12 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 2ad0745ef3eb129d595f582986f2cd5f34ea2534

New changelog entries:
  * Add TLSv1.3 support. (LP: #1845263)
    - debian/patches/tlsv1.3-support.patch: backport upstream 2.4 commit
      which introduced TLSv1.3 support.

applied/ubuntu/bionic-devel 2020-02-07 17:48:19 UTC 2020-02-07
Import patches-applied version 2.4.29-1ubuntu4.12 to applied/ubuntu/bionic-pr...

Author: Marc Deslauriers
Author Date: 2019-12-03 10:55:03 UTC

Import patches-applied version 2.4.29-1ubuntu4.12 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 53dff1d52d462b9d6ececf3ca5a028ee49ed5cc6
Unapplied parent: 2df6f03b749c787abe4b8da205f9794fe43e112a

New changelog entries:
  * Add TLSv1.3 support. (LP: #1845263)
    - debian/patches/tlsv1.3-support.patch: backport upstream 2.4 commit
      which introduced TLSv1.3 support.

ubuntu/bionic-devel 2020-02-07 17:48:19 UTC 2020-02-07
Import patches-unapplied version 2.4.29-1ubuntu4.12 to ubuntu/bionic-proposed

Author: Marc Deslauriers
Author Date: 2019-12-03 10:55:03 UTC

Import patches-unapplied version 2.4.29-1ubuntu4.12 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 2ad0745ef3eb129d595f582986f2cd5f34ea2534

New changelog entries:
  * Add TLSv1.3 support. (LP: #1845263)
    - debian/patches/tlsv1.3-support.patch: backport upstream 2.4 commit
      which introduced TLSv1.3 support.

importer/debian/dsc 2020-02-07 10:34:10 UTC 2020-02-07
DSC file for 2.4.41-4

Author: Ubuntu Git Importer
Author Date: 2020-02-07 10:34:10 UTC

DSC file for 2.4.41-4

debian/sid 2020-02-07 10:27:12 UTC 2020-02-07
Import patches-unapplied version 2.4.41-4 to debian/sid

Author: Xavier Guimard
Author Date: 2020-02-07 06:14:33 UTC

Import patches-unapplied version 2.4.41-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 14c2047fbc5ddafab8fa30e479383e0a5b8fca4b

New changelog entries:
  * Add gcc in chroot autopkgtest (fixes debci)

applied/debian/sid 2020-02-07 10:27:12 UTC 2020-02-07
Import patches-applied version 2.4.41-4 to applied/debian/sid

Author: Xavier Guimard
Author Date: 2020-02-07 06:14:33 UTC

Import patches-applied version 2.4.41-4 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 576435cd0ea7af06385b75244f3f8b259ffb39fd
Unapplied parent: 0d6751ff2fe4b1306c01f13d02d98f848927d179

New changelog entries:
  * Add gcc in chroot autopkgtest (fixes debci)

applied/debian/buster 2019-11-16 10:39:07 UTC 2019-11-16
Import patches-applied version 2.4.38-3+deb10u3 to applied/debian/buster

Author: Salvatore Bonaccorso
Author Date: 2019-10-15 19:53:42 UTC

Import patches-applied version 2.4.38-3+deb10u3 to applied/debian/buster

Imported using git-ubuntu import.

Changelog parent: f26caf152756dc59975c5a2b388d4fd8d8612602
Unapplied parent: 5cf53f6ecf6bbfeaee3f7b2e5bbc6c65c807868d

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Annoatate patch for CVE-2019-10092: Add missing APLOGNO's in
    modules/proxy/mod_proxy.c and modules/proxy/mod_proxy_ftp.c
  * Fix CVE-2019-10092 patch (Closes: #941202)

debian/buster 2019-11-16 10:39:07 UTC 2019-11-16
Import patches-unapplied version 2.4.38-3+deb10u3 to debian/buster

Author: Salvatore Bonaccorso
Author Date: 2019-10-15 19:53:42 UTC

Import patches-unapplied version 2.4.38-3+deb10u3 to debian/buster

Imported using git-ubuntu import.

Changelog parent: 2d02e89511301c8100398791ef8d65c6a4b07150

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Annoatate patch for CVE-2019-10092: Add missing APLOGNO's in
    modules/proxy/mod_proxy.c and modules/proxy/mod_proxy_ftp.c
  * Fix CVE-2019-10092 patch (Closes: #941202)

ubuntu/xenial-updates 2019-10-08 22:03:15 UTC 2019-10-08
Import patches-unapplied version 2.4.18-2ubuntu3.14 to ubuntu/xenial-proposed

Author: Jesse Williamson
Author Date: 2019-10-08 13:31:25 UTC

Import patches-unapplied version 2.4.18-2ubuntu3.14 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 77680cde0c65256b267966a5f34bff41578644a7

New changelog entries:
  * Backport mod_reqtimeout with handshake support (LP: #1846138)
    - d/p/0001-mod-reqtimeout-revent-long-response-times.patch
    - d/p/0002-mod_reqtimeout-fix-body-timeout-disabling-for-CONNECT-request.patch
    - d/p/0003-mod_reqtimeout-Merge-r1853901-r1853906-r1853908-r1853929-r1853935-r.patch

ubuntu/xenial-proposed 2019-10-08 22:03:15 UTC 2019-10-08
Import patches-unapplied version 2.4.18-2ubuntu3.14 to ubuntu/xenial-proposed

Author: Jesse Williamson
Author Date: 2019-10-08 13:31:25 UTC

Import patches-unapplied version 2.4.18-2ubuntu3.14 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 77680cde0c65256b267966a5f34bff41578644a7

New changelog entries:
  * Backport mod_reqtimeout with handshake support (LP: #1846138)
    - d/p/0001-mod-reqtimeout-revent-long-response-times.patch
    - d/p/0002-mod_reqtimeout-fix-body-timeout-disabling-for-CONNECT-request.patch
    - d/p/0003-mod_reqtimeout-Merge-r1853901-r1853906-r1853908-r1853929-r1853935-r.patch

applied/ubuntu/xenial-proposed 2019-10-08 22:03:15 UTC 2019-10-08
Import patches-applied version 2.4.18-2ubuntu3.14 to applied/ubuntu/xenial-pr...

Author: Jesse Williamson
Author Date: 2019-10-08 13:31:25 UTC

Import patches-applied version 2.4.18-2ubuntu3.14 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 48dadd9ce07245feee7374709c07faea92877456
Unapplied parent: 454c65e516d2aa5a47f8054620d5d8138df2710f

New changelog entries:
  * Backport mod_reqtimeout with handshake support (LP: #1846138)
    - d/p/0001-mod-reqtimeout-revent-long-response-times.patch
    - d/p/0002-mod_reqtimeout-fix-body-timeout-disabling-for-CONNECT-request.patch
    - d/p/0003-mod_reqtimeout-Merge-r1853901-r1853906-r1853908-r1853929-r1853935-r.patch

ubuntu/xenial-devel 2019-10-08 22:03:15 UTC 2019-10-08
Import patches-unapplied version 2.4.18-2ubuntu3.14 to ubuntu/xenial-proposed

Author: Jesse Williamson
Author Date: 2019-10-08 13:31:25 UTC

Import patches-unapplied version 2.4.18-2ubuntu3.14 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 77680cde0c65256b267966a5f34bff41578644a7

New changelog entries:
  * Backport mod_reqtimeout with handshake support (LP: #1846138)
    - d/p/0001-mod-reqtimeout-revent-long-response-times.patch
    - d/p/0002-mod_reqtimeout-fix-body-timeout-disabling-for-CONNECT-request.patch
    - d/p/0003-mod_reqtimeout-Merge-r1853901-r1853906-r1853908-r1853929-r1853935-r.patch

applied/ubuntu/xenial-updates 2019-10-08 22:03:15 UTC 2019-10-08
Import patches-applied version 2.4.18-2ubuntu3.14 to applied/ubuntu/xenial-pr...

Author: Jesse Williamson
Author Date: 2019-10-08 13:31:25 UTC

Import patches-applied version 2.4.18-2ubuntu3.14 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 48dadd9ce07245feee7374709c07faea92877456
Unapplied parent: 454c65e516d2aa5a47f8054620d5d8138df2710f

New changelog entries:
  * Backport mod_reqtimeout with handshake support (LP: #1846138)
    - d/p/0001-mod-reqtimeout-revent-long-response-times.patch
    - d/p/0002-mod_reqtimeout-fix-body-timeout-disabling-for-CONNECT-request.patch
    - d/p/0003-mod_reqtimeout-Merge-r1853901-r1853906-r1853908-r1853929-r1853935-r.patch

applied/ubuntu/xenial-devel 2019-10-08 22:03:15 UTC 2019-10-08
Import patches-applied version 2.4.18-2ubuntu3.14 to applied/ubuntu/xenial-pr...

Author: Jesse Williamson
Author Date: 2019-10-08 13:31:25 UTC

Import patches-applied version 2.4.18-2ubuntu3.14 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 48dadd9ce07245feee7374709c07faea92877456
Unapplied parent: 454c65e516d2aa5a47f8054620d5d8138df2710f

New changelog entries:
  * Backport mod_reqtimeout with handshake support (LP: #1846138)
    - d/p/0001-mod-reqtimeout-revent-long-response-times.patch
    - d/p/0002-mod_reqtimeout-fix-body-timeout-disabling-for-CONNECT-request.patch
    - d/p/0003-mod_reqtimeout-Merge-r1853901-r1853906-r1853908-r1853929-r1853935-r.patch

ubuntu/bionic-updates 2019-09-17 12:18:12 UTC 2019-09-17
Import patches-unapplied version 2.4.29-1ubuntu4.11 to ubuntu/bionic-security

Author: Steve Beattie
Author Date: 2019-09-16 12:58:48 UTC

Import patches-unapplied version 2.4.29-1ubuntu4.11 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: e7a4a4340e4c6bae39d8f974aab81fdc05518e62

New changelog entries:
  * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke
    browsers which change case in headers and breaks balancers
    loading in some configurations (LP: #1842701)
    - drop d/p/CVE-2019-10092-3.patch

applied/ubuntu/bionic-updates 2019-09-17 12:18:12 UTC 2019-09-17
Import patches-applied version 2.4.29-1ubuntu4.11 to applied/ubuntu/bionic-se...

Author: Steve Beattie
Author Date: 2019-09-16 12:58:48 UTC

Import patches-applied version 2.4.29-1ubuntu4.11 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 663cde922310803ff9961cdc601a23fe15eb7341
Unapplied parent: 73ad3b6ec0f4dd1b01e8f2fb8338149a9c621b78

New changelog entries:
  * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke
    browsers which change case in headers and breaks balancers
    loading in some configurations (LP: #1842701)
    - drop d/p/CVE-2019-10092-3.patch

applied/ubuntu/bionic-security 2019-09-17 12:18:12 UTC 2019-09-17
Import patches-applied version 2.4.29-1ubuntu4.11 to applied/ubuntu/bionic-se...

Author: Steve Beattie
Author Date: 2019-09-16 12:58:48 UTC

Import patches-applied version 2.4.29-1ubuntu4.11 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 663cde922310803ff9961cdc601a23fe15eb7341
Unapplied parent: 73ad3b6ec0f4dd1b01e8f2fb8338149a9c621b78

New changelog entries:
  * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke
    browsers which change case in headers and breaks balancers
    loading in some configurations (LP: #1842701)
    - drop d/p/CVE-2019-10092-3.patch

applied/ubuntu/disco-updates 2019-09-17 12:18:12 UTC 2019-09-17
Import patches-applied version 2.4.38-2ubuntu2.3 to applied/ubuntu/disco-secu...

Author: Steve Beattie
Author Date: 2019-09-16 12:36:25 UTC

Import patches-applied version 2.4.38-2ubuntu2.3 to applied/ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 25242b3cad3d3ee96b210866a5daaaafcb46d26e
Unapplied parent: ee6c7961c7c7082eb19fb36bacb17873ce048477

New changelog entries:
  * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke
    browsers which change case in headers and breaks balancers
    loading in some configurations (LP: #1842701)
    - drop d/p/CVE-2019-10092-3.patch

applied/ubuntu/disco-security 2019-09-17 12:18:12 UTC 2019-09-17
Import patches-applied version 2.4.38-2ubuntu2.3 to applied/ubuntu/disco-secu...

Author: Steve Beattie
Author Date: 2019-09-16 12:36:25 UTC

Import patches-applied version 2.4.38-2ubuntu2.3 to applied/ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 25242b3cad3d3ee96b210866a5daaaafcb46d26e
Unapplied parent: ee6c7961c7c7082eb19fb36bacb17873ce048477

New changelog entries:
  * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke
    browsers which change case in headers and breaks balancers
    loading in some configurations (LP: #1842701)
    - drop d/p/CVE-2019-10092-3.patch

ubuntu/xenial-security 2019-09-17 12:18:12 UTC 2019-09-17
Import patches-unapplied version 2.4.18-2ubuntu3.13 to ubuntu/xenial-security

Author: Steve Beattie
Author Date: 2019-09-16 13:13:53 UTC

Import patches-unapplied version 2.4.18-2ubuntu3.13 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 9753035d2b58c6df6e643f1c86517ba839118265

New changelog entries:
  * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke
    browsers which change case in headers and breaks balancers
    loading in some configurations (LP: #1842701)
    - drop d/p/CVE-2019-10092-3.patch

applied/ubuntu/disco-devel 2019-09-17 12:18:12 UTC 2019-09-17
Import patches-applied version 2.4.38-2ubuntu2.3 to applied/ubuntu/disco-secu...

Author: Steve Beattie
Author Date: 2019-09-16 12:36:25 UTC

Import patches-applied version 2.4.38-2ubuntu2.3 to applied/ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 25242b3cad3d3ee96b210866a5daaaafcb46d26e
Unapplied parent: ee6c7961c7c7082eb19fb36bacb17873ce048477

New changelog entries:
  * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke
    browsers which change case in headers and breaks balancers
    loading in some configurations (LP: #1842701)
    - drop d/p/CVE-2019-10092-3.patch

applied/ubuntu/xenial-security 2019-09-17 12:18:12 UTC 2019-09-17
Import patches-applied version 2.4.18-2ubuntu3.13 to applied/ubuntu/xenial-se...

Author: Steve Beattie
Author Date: 2019-09-16 13:13:53 UTC

Import patches-applied version 2.4.18-2ubuntu3.13 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 4ca4b92d9b92febfe12421466d62d353a663602d
Unapplied parent: ab6fa7b9c4aad86b94a1b9d075fccb3e7e17f65e

New changelog entries:
  * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke
    browsers which change case in headers and breaks balancers
    loading in some configurations (LP: #1842701)
    - drop d/p/CVE-2019-10092-3.patch

ubuntu/disco-devel 2019-09-17 12:18:12 UTC 2019-09-17
Import patches-unapplied version 2.4.38-2ubuntu2.3 to ubuntu/disco-security

Author: Steve Beattie
Author Date: 2019-09-16 12:36:25 UTC

Import patches-unapplied version 2.4.38-2ubuntu2.3 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 327c9ae8953815325ec0f428ce5c36801c16a0f2

New changelog entries:
  * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke
    browsers which change case in headers and breaks balancers
    loading in some configurations (LP: #1842701)
    - drop d/p/CVE-2019-10092-3.patch

ubuntu/disco-updates 2019-09-17 12:18:12 UTC 2019-09-17
Import patches-unapplied version 2.4.38-2ubuntu2.3 to ubuntu/disco-security

Author: Steve Beattie
Author Date: 2019-09-16 12:36:25 UTC

Import patches-unapplied version 2.4.38-2ubuntu2.3 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 327c9ae8953815325ec0f428ce5c36801c16a0f2

New changelog entries:
  * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke
    browsers which change case in headers and breaks balancers
    loading in some configurations (LP: #1842701)
    - drop d/p/CVE-2019-10092-3.patch

ubuntu/disco-security 2019-09-17 12:18:12 UTC 2019-09-17
Import patches-unapplied version 2.4.38-2ubuntu2.3 to ubuntu/disco-security

Author: Steve Beattie
Author Date: 2019-09-16 12:36:25 UTC

Import patches-unapplied version 2.4.38-2ubuntu2.3 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 327c9ae8953815325ec0f428ce5c36801c16a0f2

New changelog entries:
  * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke
    browsers which change case in headers and breaks balancers
    loading in some configurations (LP: #1842701)
    - drop d/p/CVE-2019-10092-3.patch

ubuntu/bionic-security 2019-09-17 12:18:12 UTC 2019-09-17
Import patches-unapplied version 2.4.29-1ubuntu4.11 to ubuntu/bionic-security

Author: Steve Beattie
Author Date: 2019-09-16 12:58:48 UTC

Import patches-unapplied version 2.4.29-1ubuntu4.11 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: e7a4a4340e4c6bae39d8f974aab81fdc05518e62

New changelog entries:
  * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke
    browsers which change case in headers and breaks balancers
    loading in some configurations (LP: #1842701)
    - drop d/p/CVE-2019-10092-3.patch

applied/debian/stretch 2019-09-07 17:37:47 UTC 2019-09-07
Import patches-applied version 2.4.25-3+deb9u8 to applied/debian/stretch

Author: Stefan Fritsch
Author Date: 2019-08-19 19:25:31 UTC

Import patches-applied version 2.4.25-3+deb9u8 to applied/debian/stretch

Imported using git-ubuntu import.

Changelog parent: 65a8d42349ff8bc1e4dbd704082abb21c7e49395
Unapplied parent: 62f255257947963d7ce1a9f4b155068e147b5af8

New changelog entries:
  [ Xavier Guimard ]
  * Add patch to limit cross-site scripting in mod_proxy (Closes: CVE-2019-10092)
  * Import http2 modules from 2.4.41 (Closes: CVE-2019-9517, CVE-2019-10082, CVE-2019-10081)
  * Add patch to set PCRE_DOTALL by default (Closes: CVE-2019-10098)
  [ Stefan Fritsch ]
  * Add -Werror=implicit-function-declaration to compile options to catch
    problems with backports.

debian/stretch 2019-09-07 17:37:47 UTC 2019-09-07
Import patches-unapplied version 2.4.25-3+deb9u8 to debian/stretch

Author: Stefan Fritsch
Author Date: 2019-08-19 19:25:31 UTC

Import patches-unapplied version 2.4.25-3+deb9u8 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: affacb033dd1f0938497d8551999d33159a0694a

New changelog entries:
  [ Xavier Guimard ]
  * Add patch to limit cross-site scripting in mod_proxy (Closes: CVE-2019-10092)
  * Import http2 modules from 2.4.41 (Closes: CVE-2019-9517, CVE-2019-10082, CVE-2019-10081)
  * Add patch to set PCRE_DOTALL by default (Closes: CVE-2019-10098)
  [ Stefan Fritsch ]
  * Add -Werror=implicit-function-declaration to compile options to catch
    problems with backports.

applied/ubuntu/focal-devel 2019-08-15 12:48:33 UTC 2019-08-15
Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed

Author: Andreas Hasenack
Author Date: 2019-08-14 14:36:32 UTC

Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 738314937cb384178bed5bd0bc11616b3a3b0772
Unapplied parent: 17fe60028b548d5021225c9c76b5467da4eba2a4

New changelog entries:
  * Merge with Debian unstable. Remaining changes:
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/patches/086_svn_cross_compiles: Backport several cross
      fixes from upstream
    - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
      Debian with Ubuntu on default page.
      + d/source/include-binaries: add Ubuntu icon file
    - d/t/control, d/t/check-http2: add basic test for http2 support
  * Dropped:
    - Cherrypick upstream testsuite fix:
      + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation"
      as such).
      + Similarly use TLSv1.2 for pr12355 and pr43738.
        [Test suite updated in 2.4.41-1]
    - Cherrypick upstream test suite fix for buffer.
      [Included in 2.4.41-1]
    - d/p/spelling-errors.patch: removed hunks already fixed upstream
      [Included in 2.4.39-1]
    - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1):
      + d/p/CVE-2019-0196.patch
      + d/p/CVE-2019-0211.patch
      + d/p/CVE-2019-0215.patch
      + d/p/CVE-2019-0217.patch
      + d/p/CVE-2019-0220-*.patch
      + d/p/CVE-2019-0197.patch
  * Added:
    - d/perl-framework/t/modules/allowmethods.t: disable reset test. This
      was re-added by mistake in 2.4.41-1 (Closes: #921024)

ubuntu/focal 2019-08-15 12:48:33 UTC 2019-08-15
Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed

Author: Andreas Hasenack
Author Date: 2019-08-14 14:36:32 UTC

Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 7e8193f3f2538a444b296255c5cfd09a62df47e5

New changelog entries:
  * Merge with Debian unstable. Remaining changes:
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/patches/086_svn_cross_compiles: Backport several cross
      fixes from upstream
    - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
      Debian with Ubuntu on default page.
      + d/source/include-binaries: add Ubuntu icon file
    - d/t/control, d/t/check-http2: add basic test for http2 support
  * Dropped:
    - Cherrypick upstream testsuite fix:
      + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation"
      as such).
      + Similarly use TLSv1.2 for pr12355 and pr43738.
        [Test suite updated in 2.4.41-1]
    - Cherrypick upstream test suite fix for buffer.
      [Included in 2.4.41-1]
    - d/p/spelling-errors.patch: removed hunks already fixed upstream
      [Included in 2.4.39-1]
    - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1):
      + d/p/CVE-2019-0196.patch
      + d/p/CVE-2019-0211.patch
      + d/p/CVE-2019-0215.patch
      + d/p/CVE-2019-0217.patch
      + d/p/CVE-2019-0220-*.patch
      + d/p/CVE-2019-0197.patch
  * Added:
    - d/perl-framework/t/modules/allowmethods.t: disable reset test. This
      was re-added by mistake in 2.4.41-1 (Closes: #921024)

applied/ubuntu/focal 2019-08-15 12:48:33 UTC 2019-08-15
Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed

Author: Andreas Hasenack
Author Date: 2019-08-14 14:36:32 UTC

Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 738314937cb384178bed5bd0bc11616b3a3b0772
Unapplied parent: 17fe60028b548d5021225c9c76b5467da4eba2a4

New changelog entries:
  * Merge with Debian unstable. Remaining changes:
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/patches/086_svn_cross_compiles: Backport several cross
      fixes from upstream
    - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
      Debian with Ubuntu on default page.
      + d/source/include-binaries: add Ubuntu icon file
    - d/t/control, d/t/check-http2: add basic test for http2 support
  * Dropped:
    - Cherrypick upstream testsuite fix:
      + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation"
      as such).
      + Similarly use TLSv1.2 for pr12355 and pr43738.
        [Test suite updated in 2.4.41-1]
    - Cherrypick upstream test suite fix for buffer.
      [Included in 2.4.41-1]
    - d/p/spelling-errors.patch: removed hunks already fixed upstream
      [Included in 2.4.39-1]
    - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1):
      + d/p/CVE-2019-0196.patch
      + d/p/CVE-2019-0211.patch
      + d/p/CVE-2019-0215.patch
      + d/p/CVE-2019-0217.patch
      + d/p/CVE-2019-0220-*.patch
      + d/p/CVE-2019-0197.patch
  * Added:
    - d/perl-framework/t/modules/allowmethods.t: disable reset test. This
      was re-added by mistake in 2.4.41-1 (Closes: #921024)

ubuntu/eoan-proposed 2019-08-15 12:48:33 UTC 2019-08-15
Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed

Author: Andreas Hasenack
Author Date: 2019-08-14 14:36:32 UTC

Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 7e8193f3f2538a444b296255c5cfd09a62df47e5

New changelog entries:
  * Merge with Debian unstable. Remaining changes:
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/patches/086_svn_cross_compiles: Backport several cross
      fixes from upstream
    - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
      Debian with Ubuntu on default page.
      + d/source/include-binaries: add Ubuntu icon file
    - d/t/control, d/t/check-http2: add basic test for http2 support
  * Dropped:
    - Cherrypick upstream testsuite fix:
      + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation"
      as such).
      + Similarly use TLSv1.2 for pr12355 and pr43738.
        [Test suite updated in 2.4.41-1]
    - Cherrypick upstream test suite fix for buffer.
      [Included in 2.4.41-1]
    - d/p/spelling-errors.patch: removed hunks already fixed upstream
      [Included in 2.4.39-1]
    - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1):
      + d/p/CVE-2019-0196.patch
      + d/p/CVE-2019-0211.patch
      + d/p/CVE-2019-0215.patch
      + d/p/CVE-2019-0217.patch
      + d/p/CVE-2019-0220-*.patch
      + d/p/CVE-2019-0197.patch
  * Added:
    - d/perl-framework/t/modules/allowmethods.t: disable reset test. This
      was re-added by mistake in 2.4.41-1 (Closes: #921024)

applied/ubuntu/eoan 2019-08-15 12:48:33 UTC 2019-08-15
Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed

Author: Andreas Hasenack
Author Date: 2019-08-14 14:36:32 UTC

Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 738314937cb384178bed5bd0bc11616b3a3b0772
Unapplied parent: 17fe60028b548d5021225c9c76b5467da4eba2a4

New changelog entries:
  * Merge with Debian unstable. Remaining changes:
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/patches/086_svn_cross_compiles: Backport several cross
      fixes from upstream
    - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
      Debian with Ubuntu on default page.
      + d/source/include-binaries: add Ubuntu icon file
    - d/t/control, d/t/check-http2: add basic test for http2 support
  * Dropped:
    - Cherrypick upstream testsuite fix:
      + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation"
      as such).
      + Similarly use TLSv1.2 for pr12355 and pr43738.
        [Test suite updated in 2.4.41-1]
    - Cherrypick upstream test suite fix for buffer.
      [Included in 2.4.41-1]
    - d/p/spelling-errors.patch: removed hunks already fixed upstream
      [Included in 2.4.39-1]
    - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1):
      + d/p/CVE-2019-0196.patch
      + d/p/CVE-2019-0211.patch
      + d/p/CVE-2019-0215.patch
      + d/p/CVE-2019-0217.patch
      + d/p/CVE-2019-0220-*.patch
      + d/p/CVE-2019-0197.patch
  * Added:
    - d/perl-framework/t/modules/allowmethods.t: disable reset test. This
      was re-added by mistake in 2.4.41-1 (Closes: #921024)

applied/ubuntu/eoan-devel 2019-08-15 12:48:33 UTC 2019-08-15
Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed

Author: Andreas Hasenack
Author Date: 2019-08-14 14:36:32 UTC

Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 738314937cb384178bed5bd0bc11616b3a3b0772
Unapplied parent: 17fe60028b548d5021225c9c76b5467da4eba2a4

New changelog entries:
  * Merge with Debian unstable. Remaining changes:
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/patches/086_svn_cross_compiles: Backport several cross
      fixes from upstream
    - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
      Debian with Ubuntu on default page.
      + d/source/include-binaries: add Ubuntu icon file
    - d/t/control, d/t/check-http2: add basic test for http2 support
  * Dropped:
    - Cherrypick upstream testsuite fix:
      + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation"
      as such).
      + Similarly use TLSv1.2 for pr12355 and pr43738.
        [Test suite updated in 2.4.41-1]
    - Cherrypick upstream test suite fix for buffer.
      [Included in 2.4.41-1]
    - d/p/spelling-errors.patch: removed hunks already fixed upstream
      [Included in 2.4.39-1]
    - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1):
      + d/p/CVE-2019-0196.patch
      + d/p/CVE-2019-0211.patch
      + d/p/CVE-2019-0215.patch
      + d/p/CVE-2019-0217.patch
      + d/p/CVE-2019-0220-*.patch
      + d/p/CVE-2019-0197.patch
  * Added:
    - d/perl-framework/t/modules/allowmethods.t: disable reset test. This
      was re-added by mistake in 2.4.41-1 (Closes: #921024)

ubuntu/eoan-devel 2019-08-15 12:48:33 UTC 2019-08-15
Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed

Author: Andreas Hasenack
Author Date: 2019-08-14 14:36:32 UTC

Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 7e8193f3f2538a444b296255c5cfd09a62df47e5

New changelog entries:
  * Merge with Debian unstable. Remaining changes:
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/patches/086_svn_cross_compiles: Backport several cross
      fixes from upstream
    - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
      Debian with Ubuntu on default page.
      + d/source/include-binaries: add Ubuntu icon file
    - d/t/control, d/t/check-http2: add basic test for http2 support
  * Dropped:
    - Cherrypick upstream testsuite fix:
      + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation"
      as such).
      + Similarly use TLSv1.2 for pr12355 and pr43738.
        [Test suite updated in 2.4.41-1]
    - Cherrypick upstream test suite fix for buffer.
      [Included in 2.4.41-1]
    - d/p/spelling-errors.patch: removed hunks already fixed upstream
      [Included in 2.4.39-1]
    - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1):
      + d/p/CVE-2019-0196.patch
      + d/p/CVE-2019-0211.patch
      + d/p/CVE-2019-0215.patch
      + d/p/CVE-2019-0217.patch
      + d/p/CVE-2019-0220-*.patch
      + d/p/CVE-2019-0197.patch
  * Added:
    - d/perl-framework/t/modules/allowmethods.t: disable reset test. This
      was re-added by mistake in 2.4.41-1 (Closes: #921024)

ubuntu/eoan 2019-08-15 12:48:33 UTC 2019-08-15
Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed

Author: Andreas Hasenack
Author Date: 2019-08-14 14:36:32 UTC

Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 7e8193f3f2538a444b296255c5cfd09a62df47e5

New changelog entries:
  * Merge with Debian unstable. Remaining changes:
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/patches/086_svn_cross_compiles: Backport several cross
      fixes from upstream
    - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
      Debian with Ubuntu on default page.
      + d/source/include-binaries: add Ubuntu icon file
    - d/t/control, d/t/check-http2: add basic test for http2 support
  * Dropped:
    - Cherrypick upstream testsuite fix:
      + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation"
      as such).
      + Similarly use TLSv1.2 for pr12355 and pr43738.
        [Test suite updated in 2.4.41-1]
    - Cherrypick upstream test suite fix for buffer.
      [Included in 2.4.41-1]
    - d/p/spelling-errors.patch: removed hunks already fixed upstream
      [Included in 2.4.39-1]
    - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1):
      + d/p/CVE-2019-0196.patch
      + d/p/CVE-2019-0211.patch
      + d/p/CVE-2019-0215.patch
      + d/p/CVE-2019-0217.patch
      + d/p/CVE-2019-0220-*.patch
      + d/p/CVE-2019-0197.patch
  * Added:
    - d/perl-framework/t/modules/allowmethods.t: disable reset test. This
      was re-added by mistake in 2.4.41-1 (Closes: #921024)

ubuntu/focal-devel 2019-08-15 12:48:33 UTC 2019-08-15
Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed

Author: Andreas Hasenack
Author Date: 2019-08-14 14:36:32 UTC

Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 7e8193f3f2538a444b296255c5cfd09a62df47e5

New changelog entries:
  * Merge with Debian unstable. Remaining changes:
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/patches/086_svn_cross_compiles: Backport several cross
      fixes from upstream
    - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
      Debian with Ubuntu on default page.
      + d/source/include-binaries: add Ubuntu icon file
    - d/t/control, d/t/check-http2: add basic test for http2 support
  * Dropped:
    - Cherrypick upstream testsuite fix:
      + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation"
      as such).
      + Similarly use TLSv1.2 for pr12355 and pr43738.
        [Test suite updated in 2.4.41-1]
    - Cherrypick upstream test suite fix for buffer.
      [Included in 2.4.41-1]
    - d/p/spelling-errors.patch: removed hunks already fixed upstream
      [Included in 2.4.39-1]
    - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1):
      + d/p/CVE-2019-0196.patch
      + d/p/CVE-2019-0211.patch
      + d/p/CVE-2019-0215.patch
      + d/p/CVE-2019-0217.patch
      + d/p/CVE-2019-0220-*.patch
      + d/p/CVE-2019-0197.patch
  * Added:
    - d/perl-framework/t/modules/allowmethods.t: disable reset test. This
      was re-added by mistake in 2.4.41-1 (Closes: #921024)

applied/ubuntu/eoan-proposed 2019-08-15 12:48:33 UTC 2019-08-15
Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed

Author: Andreas Hasenack
Author Date: 2019-08-14 14:36:32 UTC

Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 738314937cb384178bed5bd0bc11616b3a3b0772
Unapplied parent: 17fe60028b548d5021225c9c76b5467da4eba2a4

New changelog entries:
  * Merge with Debian unstable. Remaining changes:
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/patches/086_svn_cross_compiles: Backport several cross
      fixes from upstream
    - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
      Debian with Ubuntu on default page.
      + d/source/include-binaries: add Ubuntu icon file
    - d/t/control, d/t/check-http2: add basic test for http2 support
  * Dropped:
    - Cherrypick upstream testsuite fix:
      + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation"
      as such).
      + Similarly use TLSv1.2 for pr12355 and pr43738.
        [Test suite updated in 2.4.41-1]
    - Cherrypick upstream test suite fix for buffer.
      [Included in 2.4.41-1]
    - d/p/spelling-errors.patch: removed hunks already fixed upstream
      [Included in 2.4.39-1]
    - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1):
      + d/p/CVE-2019-0196.patch
      + d/p/CVE-2019-0211.patch
      + d/p/CVE-2019-0215.patch
      + d/p/CVE-2019-0217.patch
      + d/p/CVE-2019-0220-*.patch
      + d/p/CVE-2019-0197.patch
  * Added:
    - d/perl-framework/t/modules/allowmethods.t: disable reset test. This
      was re-added by mistake in 2.4.41-1 (Closes: #921024)

ubuntu/devel 2019-08-15 12:48:33 UTC 2019-08-15
Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed

Author: Andreas Hasenack
Author Date: 2019-08-14 14:36:32 UTC

Import patches-unapplied version 2.4.41-1ubuntu1 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 7e8193f3f2538a444b296255c5cfd09a62df47e5

New changelog entries:
  * Merge with Debian unstable. Remaining changes:
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/patches/086_svn_cross_compiles: Backport several cross
      fixes from upstream
    - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
      Debian with Ubuntu on default page.
      + d/source/include-binaries: add Ubuntu icon file
    - d/t/control, d/t/check-http2: add basic test for http2 support
  * Dropped:
    - Cherrypick upstream testsuite fix:
      + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation"
      as such).
      + Similarly use TLSv1.2 for pr12355 and pr43738.
        [Test suite updated in 2.4.41-1]
    - Cherrypick upstream test suite fix for buffer.
      [Included in 2.4.41-1]
    - d/p/spelling-errors.patch: removed hunks already fixed upstream
      [Included in 2.4.39-1]
    - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1):
      + d/p/CVE-2019-0196.patch
      + d/p/CVE-2019-0211.patch
      + d/p/CVE-2019-0215.patch
      + d/p/CVE-2019-0217.patch
      + d/p/CVE-2019-0220-*.patch
      + d/p/CVE-2019-0197.patch
  * Added:
    - d/perl-framework/t/modules/allowmethods.t: disable reset test. This
      was re-added by mistake in 2.4.41-1 (Closes: #921024)

applied/ubuntu/devel 2019-08-15 12:48:33 UTC 2019-08-15
Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed

Author: Andreas Hasenack
Author Date: 2019-08-14 14:36:32 UTC

Import patches-applied version 2.4.41-1ubuntu1 to applied/ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 738314937cb384178bed5bd0bc11616b3a3b0772
Unapplied parent: 17fe60028b548d5021225c9c76b5467da4eba2a4

New changelog entries:
  * Merge with Debian unstable. Remaining changes:
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/patches/086_svn_cross_compiles: Backport several cross
      fixes from upstream
    - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
      Debian with Ubuntu on default page.
      + d/source/include-binaries: add Ubuntu icon file
    - d/t/control, d/t/check-http2: add basic test for http2 support
  * Dropped:
    - Cherrypick upstream testsuite fix:
      + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation"
      as such).
      + Similarly use TLSv1.2 for pr12355 and pr43738.
        [Test suite updated in 2.4.41-1]
    - Cherrypick upstream test suite fix for buffer.
      [Included in 2.4.41-1]
    - d/p/spelling-errors.patch: removed hunks already fixed upstream
      [Included in 2.4.39-1]
    - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1):
      + d/p/CVE-2019-0196.patch
      + d/p/CVE-2019-0211.patch
      + d/p/CVE-2019-0215.patch
      + d/p/CVE-2019-0217.patch
      + d/p/CVE-2019-0220-*.patch
      + d/p/CVE-2019-0197.patch
  * Added:
    - d/perl-framework/t/modules/allowmethods.t: disable reset test. This
      was re-added by mistake in 2.4.41-1 (Closes: #921024)

ubuntu/cosmic-devel 2019-07-17 17:28:20 UTC 2019-07-17
Import patches-unapplied version 2.4.34-1ubuntu2.3 to ubuntu/cosmic-proposed

Author: Andreas Hasenack
Author Date: 2019-07-16 20:27:06 UTC

Import patches-unapplied version 2.4.34-1ubuntu2.3 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 628cf297002077e42ee70d2240dded26209c294d

New changelog entries:
  * d/p/ssl-read-rc-value-openssl-1.1.1.patch: Handle SSL_read() return code 0
    similarly to <0 with openssl 1.1.1
  * d/p/clear-retry-flags-before-abort.patch: clear retry flags before
    aborting on client-initiated reneg (LP: #1836329)

applied/ubuntu/cosmic-devel 2019-07-17 17:28:20 UTC 2019-07-17
Import patches-applied version 2.4.34-1ubuntu2.3 to applied/ubuntu/cosmic-pro...

Author: Andreas Hasenack
Author Date: 2019-07-16 20:27:06 UTC

Import patches-applied version 2.4.34-1ubuntu2.3 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 32cb159b352f035f936df9a1a3a33c02a40767cf
Unapplied parent: 775362fc338dbd167bfb8686533e436623f6cda0

New changelog entries:
  * d/p/ssl-read-rc-value-openssl-1.1.1.patch: Handle SSL_read() return code 0
    similarly to <0 with openssl 1.1.1
  * d/p/clear-retry-flags-before-abort.patch: clear retry flags before
    aborting on client-initiated reneg (LP: #1836329)

applied/ubuntu/cosmic-updates 2019-07-17 17:28:20 UTC 2019-07-17
Import patches-applied version 2.4.34-1ubuntu2.3 to applied/ubuntu/cosmic-pro...

Author: Andreas Hasenack
Author Date: 2019-07-16 20:27:06 UTC

Import patches-applied version 2.4.34-1ubuntu2.3 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 32cb159b352f035f936df9a1a3a33c02a40767cf
Unapplied parent: 775362fc338dbd167bfb8686533e436623f6cda0

New changelog entries:
  * d/p/ssl-read-rc-value-openssl-1.1.1.patch: Handle SSL_read() return code 0
    similarly to <0 with openssl 1.1.1
  * d/p/clear-retry-flags-before-abort.patch: clear retry flags before
    aborting on client-initiated reneg (LP: #1836329)

ubuntu/cosmic-updates 2019-07-17 17:28:20 UTC 2019-07-17
Import patches-unapplied version 2.4.34-1ubuntu2.3 to ubuntu/cosmic-proposed

Author: Andreas Hasenack
Author Date: 2019-07-16 20:27:06 UTC

Import patches-unapplied version 2.4.34-1ubuntu2.3 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 628cf297002077e42ee70d2240dded26209c294d

New changelog entries:
  * d/p/ssl-read-rc-value-openssl-1.1.1.patch: Handle SSL_read() return code 0
    similarly to <0 with openssl 1.1.1
  * d/p/clear-retry-flags-before-abort.patch: clear retry flags before
    aborting on client-initiated reneg (LP: #1836329)

applied/ubuntu/cosmic-proposed 2019-07-17 17:28:20 UTC 2019-07-17
Import patches-applied version 2.4.34-1ubuntu2.3 to applied/ubuntu/cosmic-pro...

Author: Andreas Hasenack
Author Date: 2019-07-16 20:27:06 UTC

Import patches-applied version 2.4.34-1ubuntu2.3 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 32cb159b352f035f936df9a1a3a33c02a40767cf
Unapplied parent: 775362fc338dbd167bfb8686533e436623f6cda0

New changelog entries:
  * d/p/ssl-read-rc-value-openssl-1.1.1.patch: Handle SSL_read() return code 0
    similarly to <0 with openssl 1.1.1
  * d/p/clear-retry-flags-before-abort.patch: clear retry flags before
    aborting on client-initiated reneg (LP: #1836329)

ubuntu/cosmic-proposed 2019-07-17 17:28:20 UTC 2019-07-17
Import patches-unapplied version 2.4.34-1ubuntu2.3 to ubuntu/cosmic-proposed

Author: Andreas Hasenack
Author Date: 2019-07-16 20:27:06 UTC

Import patches-unapplied version 2.4.34-1ubuntu2.3 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 628cf297002077e42ee70d2240dded26209c294d

New changelog entries:
  * d/p/ssl-read-rc-value-openssl-1.1.1.patch: Handle SSL_read() return code 0
    similarly to <0 with openssl 1.1.1
  * d/p/clear-retry-flags-before-abort.patch: clear retry flags before
    aborting on client-initiated reneg (LP: #1836329)

ubuntu/cosmic-security 2019-04-04 15:03:13 UTC 2019-04-04
Import patches-unapplied version 2.4.34-1ubuntu2.1 to ubuntu/cosmic-security

Author: Marc Deslauriers
Author Date: 2019-04-03 12:50:09 UTC

Import patches-unapplied version 2.4.34-1ubuntu2.1 to ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: c01ee5a6ff12c19ca89f37cf3f112ad04e0d951b

New changelog entries:
  * SECURITY UPDATE: slowloris DoS in mod_http2
    - debian/patches/CVE-2018-17189.patch: change cleanup strategy for
      slave connections in modules/http2/h2_conn.c.
    - CVE-2018-17189
  * SECURITY UPDATE: mod_session expiry time issue
    - debian/patches/CVE-2018-17199.patch: always decode session attributes
      early in modules/session/mod_session.c.
    - CVE-2018-17199
  * SECURITY UPDATE: read-after-free on a string compare in mod_http2
    - debian/patches/CVE-2019-0196.patch: disentangelment of stream and
      request method in modules/http2/h2_request.c.
    - CVE-2019-0196
  * SECURITY UPDATE: privilege escalation from modules' scripts
    - debian/patches/CVE-2019-0211.patch: bind the bucket number of each
      child to its slot number in include/scoreboard.h,
      server/mpm/event/event.c, server/mpm/prefork/prefork.c,
      server/mpm/worker/worker.c.
    - CVE-2019-0211
  * SECURITY UPDATE: mod_auth_digest access control bypass
    - debian/patches/CVE-2019-0217.patch: fix a race condition in
      modules/aaa/mod_auth_digest.c.
    - CVE-2019-0217
  * SECURITY UPDATE: URL normalization inconsistincy
    - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in
      the path in include/http_core.h, include/httpd.h, server/core.c,
      server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety
      in server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in
      server/util.c.
    - CVE-2019-0220

ubuntu/trusty-updates 2019-04-04 15:03:13 UTC 2019-04-04
Import patches-unapplied version 2.4.7-1ubuntu4.22 to ubuntu/trusty-security

Author: Marc Deslauriers
Author Date: 2019-04-03 14:37:52 UTC

Import patches-unapplied version 2.4.7-1ubuntu4.22 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 0b650c8ba19c535d768b044a174fd3f34c865882

New changelog entries:
  * SECURITY UPDATE: mod_session expiry time issue
    - debian/patches/CVE-2018-17199-pre1.patch: properly handle sessions
      that could not be decoded in modules/session/mod_session.c.
    - debian/patches/CVE-2018-17199.patch: always decode session attributes
      early in modules/session/mod_session.c.
    - CVE-2018-17199
  * SECURITY UPDATE: mod_auth_digest access control bypass
    - debian/patches/CVE-2019-0217.patch: fix a race condition in
      modules/aaa/mod_auth_digest.c.
    - CVE-2019-0217
  * SECURITY UPDATE: URL normalization inconsistincy
    - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in
      the path in include/http_core.h, include/httpd.h, server/core.c,
      server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety
      in server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in
      server/util.c.
    - CVE-2019-0220

applied/ubuntu/trusty-security 2019-04-04 15:03:13 UTC 2019-04-04
Import patches-applied version 2.4.7-1ubuntu4.22 to applied/ubuntu/trusty-sec...

Author: Marc Deslauriers
Author Date: 2019-04-03 14:37:52 UTC

Import patches-applied version 2.4.7-1ubuntu4.22 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: dd6ba45dddfe265a828be6fbc0a1cc26339c9a5e
Unapplied parent: 0e68b70f753dfa4a40d2a603a27163b26ddeaa21

New changelog entries:
  * SECURITY UPDATE: mod_session expiry time issue
    - debian/patches/CVE-2018-17199-pre1.patch: properly handle sessions
      that could not be decoded in modules/session/mod_session.c.
    - debian/patches/CVE-2018-17199.patch: always decode session attributes
      early in modules/session/mod_session.c.
    - CVE-2018-17199
  * SECURITY UPDATE: mod_auth_digest access control bypass
    - debian/patches/CVE-2019-0217.patch: fix a race condition in
      modules/aaa/mod_auth_digest.c.
    - CVE-2019-0217
  * SECURITY UPDATE: URL normalization inconsistincy
    - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in
      the path in include/http_core.h, include/httpd.h, server/core.c,
      server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety
      in server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in
      server/util.c.
    - CVE-2019-0220

applied/ubuntu/cosmic-security 2019-04-04 15:03:13 UTC 2019-04-04
Import patches-applied version 2.4.34-1ubuntu2.1 to applied/ubuntu/cosmic-sec...

Author: Marc Deslauriers
Author Date: 2019-04-03 12:50:09 UTC

Import patches-applied version 2.4.34-1ubuntu2.1 to applied/ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 66cf474c05f5ccc50455c09ae4e45aef8ed1793f
Unapplied parent: 245ef397d9af30ddfcda49d53654a760ea7a8e5d

New changelog entries:
  * SECURITY UPDATE: slowloris DoS in mod_http2
    - debian/patches/CVE-2018-17189.patch: change cleanup strategy for
      slave connections in modules/http2/h2_conn.c.
    - CVE-2018-17189
  * SECURITY UPDATE: mod_session expiry time issue
    - debian/patches/CVE-2018-17199.patch: always decode session attributes
      early in modules/session/mod_session.c.
    - CVE-2018-17199
  * SECURITY UPDATE: read-after-free on a string compare in mod_http2
    - debian/patches/CVE-2019-0196.patch: disentangelment of stream and
      request method in modules/http2/h2_request.c.
    - CVE-2019-0196
  * SECURITY UPDATE: privilege escalation from modules' scripts
    - debian/patches/CVE-2019-0211.patch: bind the bucket number of each
      child to its slot number in include/scoreboard.h,
      server/mpm/event/event.c, server/mpm/prefork/prefork.c,
      server/mpm/worker/worker.c.
    - CVE-2019-0211
  * SECURITY UPDATE: mod_auth_digest access control bypass
    - debian/patches/CVE-2019-0217.patch: fix a race condition in
      modules/aaa/mod_auth_digest.c.
    - CVE-2019-0217
  * SECURITY UPDATE: URL normalization inconsistincy
    - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in
      the path in include/http_core.h, include/httpd.h, server/core.c,
      server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety
      in server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in
      server/util.c.
    - CVE-2019-0220

applied/ubuntu/trusty-updates 2019-04-04 15:03:13 UTC 2019-04-04
Import patches-applied version 2.4.7-1ubuntu4.22 to applied/ubuntu/trusty-sec...

Author: Marc Deslauriers
Author Date: 2019-04-03 14:37:52 UTC

Import patches-applied version 2.4.7-1ubuntu4.22 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: dd6ba45dddfe265a828be6fbc0a1cc26339c9a5e
Unapplied parent: 0e68b70f753dfa4a40d2a603a27163b26ddeaa21

New changelog entries:
  * SECURITY UPDATE: mod_session expiry time issue
    - debian/patches/CVE-2018-17199-pre1.patch: properly handle sessions
      that could not be decoded in modules/session/mod_session.c.
    - debian/patches/CVE-2018-17199.patch: always decode session attributes
      early in modules/session/mod_session.c.
    - CVE-2018-17199
  * SECURITY UPDATE: mod_auth_digest access control bypass
    - debian/patches/CVE-2019-0217.patch: fix a race condition in
      modules/aaa/mod_auth_digest.c.
    - CVE-2019-0217
  * SECURITY UPDATE: URL normalization inconsistincy
    - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in
      the path in include/http_core.h, include/httpd.h, server/core.c,
      server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety
      in server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in
      server/util.c.
    - CVE-2019-0220

ubuntu/trusty-devel 2019-04-04 15:03:13 UTC 2019-04-04
Import patches-unapplied version 2.4.7-1ubuntu4.22 to ubuntu/trusty-security

Author: Marc Deslauriers
Author Date: 2019-04-03 14:37:52 UTC

Import patches-unapplied version 2.4.7-1ubuntu4.22 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 0b650c8ba19c535d768b044a174fd3f34c865882

New changelog entries:
  * SECURITY UPDATE: mod_session expiry time issue
    - debian/patches/CVE-2018-17199-pre1.patch: properly handle sessions
      that could not be decoded in modules/session/mod_session.c.
    - debian/patches/CVE-2018-17199.patch: always decode session attributes
      early in modules/session/mod_session.c.
    - CVE-2018-17199
  * SECURITY UPDATE: mod_auth_digest access control bypass
    - debian/patches/CVE-2019-0217.patch: fix a race condition in
      modules/aaa/mod_auth_digest.c.
    - CVE-2019-0217
  * SECURITY UPDATE: URL normalization inconsistincy
    - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in
      the path in include/http_core.h, include/httpd.h, server/core.c,
      server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety
      in server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in
      server/util.c.
    - CVE-2019-0220

ubuntu/trusty-security 2019-04-04 15:03:13 UTC 2019-04-04
Import patches-unapplied version 2.4.7-1ubuntu4.22 to ubuntu/trusty-security

Author: Marc Deslauriers
Author Date: 2019-04-03 14:37:52 UTC

Import patches-unapplied version 2.4.7-1ubuntu4.22 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 0b650c8ba19c535d768b044a174fd3f34c865882

New changelog entries:
  * SECURITY UPDATE: mod_session expiry time issue
    - debian/patches/CVE-2018-17199-pre1.patch: properly handle sessions
      that could not be decoded in modules/session/mod_session.c.
    - debian/patches/CVE-2018-17199.patch: always decode session attributes
      early in modules/session/mod_session.c.
    - CVE-2018-17199
  * SECURITY UPDATE: mod_auth_digest access control bypass
    - debian/patches/CVE-2019-0217.patch: fix a race condition in
      modules/aaa/mod_auth_digest.c.
    - CVE-2019-0217
  * SECURITY UPDATE: URL normalization inconsistincy
    - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in
      the path in include/http_core.h, include/httpd.h, server/core.c,
      server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety
      in server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in
      server/util.c.
    - CVE-2019-0220

applied/ubuntu/trusty-devel 2019-04-04 15:03:13 UTC 2019-04-04
Import patches-applied version 2.4.7-1ubuntu4.22 to applied/ubuntu/trusty-sec...

Author: Marc Deslauriers
Author Date: 2019-04-03 14:37:52 UTC

Import patches-applied version 2.4.7-1ubuntu4.22 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: dd6ba45dddfe265a828be6fbc0a1cc26339c9a5e
Unapplied parent: 0e68b70f753dfa4a40d2a603a27163b26ddeaa21

New changelog entries:
  * SECURITY UPDATE: mod_session expiry time issue
    - debian/patches/CVE-2018-17199-pre1.patch: properly handle sessions
      that could not be decoded in modules/session/mod_session.c.
    - debian/patches/CVE-2018-17199.patch: always decode session attributes
      early in modules/session/mod_session.c.
    - CVE-2018-17199
  * SECURITY UPDATE: mod_auth_digest access control bypass
    - debian/patches/CVE-2019-0217.patch: fix a race condition in
      modules/aaa/mod_auth_digest.c.
    - CVE-2019-0217
  * SECURITY UPDATE: URL normalization inconsistincy
    - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in
      the path in include/http_core.h, include/httpd.h, server/core.c,
      server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety
      in server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in
      server/util.c.
    - CVE-2019-0220

ubuntu/disco 2019-04-04 00:18:14 UTC 2019-04-04
Import patches-unapplied version 2.4.38-2ubuntu2 to ubuntu/disco-proposed

Author: Marc Deslauriers
Author Date: 2019-04-03 18:31:46 UTC

Import patches-unapplied version 2.4.38-2ubuntu2 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 065c91fc0057a94d466f1f3589984b27fcfbf53c

New changelog entries:
  * SECURITY UPDATE: read-after-free on a string compare in mod_http2
    - debian/patches/CVE-2019-0196.patch: disentangelment of stream and
      request method in modules/http2/h2_request.c.
    - CVE-2019-0196
  * SECURITY UPDATE: privilege escalation from modules' scripts
    - debian/patches/CVE-2019-0211.patch: bind the bucket number of each
      child to its slot number in include/scoreboard.h,
      server/mpm/event/event.c, server/mpm/prefork/prefork.c,
      server/mpm/worker/worker.c.
    - CVE-2019-0211
  * SECURITY UPDATE: mod_ssl access control bypass
    - debian/patches/CVE-2019-0215.patch: restore SSL verify state after
      PHA failure in TLSv1.3 in modules/ssl/ssl_engine_kernel.c.
    - CVE-2019-0215
  * SECURITY UPDATE: mod_auth_digest access control bypass
    - debian/patches/CVE-2019-0217.patch: fix a race condition in
      modules/aaa/mod_auth_digest.c.
    - CVE-2019-0217
  * SECURITY UPDATE: URL normalization inconsistincy
    - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in
      the path in include/http_core.h, include/httpd.h, server/core.c,
      server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety
      in server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in
      server/util.c.
    - CVE-2019-0220

ubuntu/disco-proposed 2019-04-04 00:18:14 UTC 2019-04-04
Import patches-unapplied version 2.4.38-2ubuntu2 to ubuntu/disco-proposed

Author: Marc Deslauriers
Author Date: 2019-04-03 18:31:46 UTC

Import patches-unapplied version 2.4.38-2ubuntu2 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 065c91fc0057a94d466f1f3589984b27fcfbf53c

New changelog entries:
  * SECURITY UPDATE: read-after-free on a string compare in mod_http2
    - debian/patches/CVE-2019-0196.patch: disentangelment of stream and
      request method in modules/http2/h2_request.c.
    - CVE-2019-0196
  * SECURITY UPDATE: privilege escalation from modules' scripts
    - debian/patches/CVE-2019-0211.patch: bind the bucket number of each
      child to its slot number in include/scoreboard.h,
      server/mpm/event/event.c, server/mpm/prefork/prefork.c,
      server/mpm/worker/worker.c.
    - CVE-2019-0211
  * SECURITY UPDATE: mod_ssl access control bypass
    - debian/patches/CVE-2019-0215.patch: restore SSL verify state after
      PHA failure in TLSv1.3 in modules/ssl/ssl_engine_kernel.c.
    - CVE-2019-0215
  * SECURITY UPDATE: mod_auth_digest access control bypass
    - debian/patches/CVE-2019-0217.patch: fix a race condition in
      modules/aaa/mod_auth_digest.c.
    - CVE-2019-0217
  * SECURITY UPDATE: URL normalization inconsistincy
    - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in
      the path in include/http_core.h, include/httpd.h, server/core.c,
      server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety
      in server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in
      server/util.c.
    - CVE-2019-0220

applied/ubuntu/disco-proposed 2019-04-04 00:18:14 UTC 2019-04-04
Import patches-applied version 2.4.38-2ubuntu2 to applied/ubuntu/disco-proposed

Author: Marc Deslauriers
Author Date: 2019-04-03 18:31:46 UTC

Import patches-applied version 2.4.38-2ubuntu2 to applied/ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: d593a21e22d85e50dc60ffd3e9c13cf039af641d
Unapplied parent: 7a185371bbc4fd4f8c2330f18999f124d1483f6c

New changelog entries:
  * SECURITY UPDATE: read-after-free on a string compare in mod_http2
    - debian/patches/CVE-2019-0196.patch: disentangelment of stream and
      request method in modules/http2/h2_request.c.
    - CVE-2019-0196
  * SECURITY UPDATE: privilege escalation from modules' scripts
    - debian/patches/CVE-2019-0211.patch: bind the bucket number of each
      child to its slot number in include/scoreboard.h,
      server/mpm/event/event.c, server/mpm/prefork/prefork.c,
      server/mpm/worker/worker.c.
    - CVE-2019-0211
  * SECURITY UPDATE: mod_ssl access control bypass
    - debian/patches/CVE-2019-0215.patch: restore SSL verify state after
      PHA failure in TLSv1.3 in modules/ssl/ssl_engine_kernel.c.
    - CVE-2019-0215
  * SECURITY UPDATE: mod_auth_digest access control bypass
    - debian/patches/CVE-2019-0217.patch: fix a race condition in
      modules/aaa/mod_auth_digest.c.
    - CVE-2019-0217
  * SECURITY UPDATE: URL normalization inconsistincy
    - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in
      the path in include/http_core.h, include/httpd.h, server/core.c,
      server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety
      in server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in
      server/util.c.
    - CVE-2019-0220

applied/ubuntu/disco 2019-04-04 00:18:14 UTC 2019-04-04
Import patches-applied version 2.4.38-2ubuntu2 to applied/ubuntu/disco-proposed

Author: Marc Deslauriers
Author Date: 2019-04-03 18:31:46 UTC

Import patches-applied version 2.4.38-2ubuntu2 to applied/ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: d593a21e22d85e50dc60ffd3e9c13cf039af641d
Unapplied parent: 7a185371bbc4fd4f8c2330f18999f124d1483f6c

New changelog entries:
  * SECURITY UPDATE: read-after-free on a string compare in mod_http2
    - debian/patches/CVE-2019-0196.patch: disentangelment of stream and
      request method in modules/http2/h2_request.c.
    - CVE-2019-0196
  * SECURITY UPDATE: privilege escalation from modules' scripts
    - debian/patches/CVE-2019-0211.patch: bind the bucket number of each
      child to its slot number in include/scoreboard.h,
      server/mpm/event/event.c, server/mpm/prefork/prefork.c,
      server/mpm/worker/worker.c.
    - CVE-2019-0211
  * SECURITY UPDATE: mod_ssl access control bypass
    - debian/patches/CVE-2019-0215.patch: restore SSL verify state after
      PHA failure in TLSv1.3 in modules/ssl/ssl_engine_kernel.c.
    - CVE-2019-0215
  * SECURITY UPDATE: mod_auth_digest access control bypass
    - debian/patches/CVE-2019-0217.patch: fix a race condition in
      modules/aaa/mod_auth_digest.c.
    - CVE-2019-0217
  * SECURITY UPDATE: URL normalization inconsistincy
    - debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in
      the path in include/http_core.h, include/httpd.h, server/core.c,
      server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety
      in server/request.c, server/util.c.
    - debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in
      server/util.c.
    - CVE-2019-0220

applied/ubuntu/trusty-proposed 2018-11-28 00:08:17 UTC 2018-11-28
Import patches-applied version 2.4.7-1ubuntu4.21 to applied/ubuntu/trusty-pro...

Author: Andreas Hasenack
Author Date: 2018-11-23 19:45:20 UTC

Import patches-applied version 2.4.7-1ubuntu4.21 to applied/ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: c927cf7dc322d0d42878387def4606c12d83f830
Unapplied parent: 56356e86d2b58595a3e370f8ff50c74ff857c99a

New changelog entries:
  * d/p/AuthzProviderAlias-visibility.patch: Allow <AuthzProviderAlias>'es
    to be seen from auth stanzas under virtual hosts (LP: #1529355)

ubuntu/trusty-proposed 2018-11-28 00:08:17 UTC 2018-11-28
Import patches-unapplied version 2.4.7-1ubuntu4.21 to ubuntu/trusty-proposed

Author: Andreas Hasenack
Author Date: 2018-11-23 19:45:20 UTC

Import patches-unapplied version 2.4.7-1ubuntu4.21 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: b6bc6bdec9edcafb645ba0012ba945909c0a4445

New changelog entries:
  * d/p/AuthzProviderAlias-visibility.patch: Allow <AuthzProviderAlias>'es
    to be seen from auth stanzas under virtual hosts (LP: #1529355)

ubuntu/cosmic 2018-10-03 16:53:33 UTC 2018-10-03
Import patches-unapplied version 2.4.34-1ubuntu2 to ubuntu/cosmic-proposed

Author: Marc Deslauriers
Author Date: 2018-10-03 13:57:22 UTC

Import patches-unapplied version 2.4.34-1ubuntu2 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 54cf94ea486abd9b821825e9707ccbab064f95a2

New changelog entries:
  * SECURITY UPDATE: denial of service in HTTP/2 via large SETTINGS frames
    - debian/patches/CVE-2018-11763.patch: rework connection IO event
      handling in modules/http2/h2_session.c, modules/http2/h2_session.h,
      modules/http2/h2_version.h.
    - CVE-2018-11763

applied/ubuntu/cosmic 2018-10-03 16:53:33 UTC 2018-10-03
Import patches-applied version 2.4.34-1ubuntu2 to applied/ubuntu/cosmic-proposed

Author: Marc Deslauriers
Author Date: 2018-10-03 13:57:22 UTC

Import patches-applied version 2.4.34-1ubuntu2 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 5ee6fd8ed95918bf0ee925dea807050d1eb973de
Unapplied parent: 3f7f83fc1fbbeb37142f2b0b6388c60e9e3e8ec0

New changelog entries:
  * SECURITY UPDATE: denial of service in HTTP/2 via large SETTINGS frames
    - debian/patches/CVE-2018-11763.patch: rework connection IO event
      handling in modules/http2/h2_session.c, modules/http2/h2_session.h,
      modules/http2/h2_version.h.
    - CVE-2018-11763

applied/debian/jessie 2018-06-23 17:05:20 UTC 2018-06-23
Import patches-applied version 2.4.10-10+deb8u12 to applied/debian/jessie

Author: Stefan Fritsch
Author Date: 2018-03-31 09:31:57 UTC

Import patches-applied version 2.4.10-10+deb8u12 to applied/debian/jessie

Imported using git-ubuntu import.

Changelog parent: 00e390572793fa6a05c5e856c4800602946e1a18
Unapplied parent: c4596a9809422583e0b43d77aa93bcc4edb1d15f

New changelog entries:
  * CVE-2017-15710: mod_authnz_ldap: Out of bound write in mod_authnz_ldap
    when using too small Accept-Language values.
  * CVE-2017-15715: <FilesMatch> bypass with a trailing newline in the file
    name.
    Configure the regular expression engine to match '$' to the end of
    the input string only, excluding matching the end of any embedded
    newline characters. Behavior can be changed with new directive
    'RegexDefaultOptions'.
  * CVE-2018-1283: Tampering of mod_session data for CGI applications.
  * CVE-2018-1301: Possible out of bound access after failure in reading the
    HTTP request
  * CVE-2018-1303: Possible out of bound read in mod_cache_socache
  * CVE-2018-1312: mod_auth_digest: Weak Digest auth nonce generation

debian/jessie 2018-06-23 17:05:20 UTC 2018-06-23
Import patches-unapplied version 2.4.10-10+deb8u12 to debian/jessie

Author: Stefan Fritsch
Author Date: 2018-03-31 09:31:57 UTC

Import patches-unapplied version 2.4.10-10+deb8u12 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 2c986900081af76f74ef6d53bd789ecf4497af8e

New changelog entries:
  * CVE-2017-15710: mod_authnz_ldap: Out of bound write in mod_authnz_ldap
    when using too small Accept-Language values.
  * CVE-2017-15715: <FilesMatch> bypass with a trailing newline in the file
    name.
    Configure the regular expression engine to match '$' to the end of
    the input string only, excluding matching the end of any embedded
    newline characters. Behavior can be changed with new directive
    'RegexDefaultOptions'.
  * CVE-2018-1283: Tampering of mod_session data for CGI applications.
  * CVE-2018-1301: Possible out of bound access after failure in reading the
    HTTP request
  * CVE-2018-1303: Possible out of bound read in mod_cache_socache
  * CVE-2018-1312: mod_auth_digest: Weak Digest auth nonce generation

applied/ubuntu/artful-updates 2018-06-13 14:58:14 UTC 2018-06-13
Import patches-applied version 2.4.27-2ubuntu4.2 to applied/ubuntu/artful-pro...

Author: Andreas Hasenack
Author Date: 2018-06-07 20:53:23 UTC

Import patches-applied version 2.4.27-2ubuntu4.2 to applied/ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: fd5338f20b378326a61beb4dbbc6e669e496b4bb
Unapplied parent: 642df2d682545baf86a0432c70bf133875b1f9c6

New changelog entries:
  * debian/patches/includeoptional-ignore-non-existent.patch: silently
    ignore a not existent file path with IncludeOptional . Closes LP:
    #1766186.

ubuntu/artful-devel 2018-06-13 14:58:14 UTC 2018-06-13
Import patches-unapplied version 2.4.27-2ubuntu4.2 to ubuntu/artful-proposed

Author: Andreas Hasenack
Author Date: 2018-06-07 20:53:23 UTC

Import patches-unapplied version 2.4.27-2ubuntu4.2 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: cbc32000dfcc49bf646d2453fa1b15f7c2075c8c

New changelog entries:
  * debian/patches/includeoptional-ignore-non-existent.patch: silently
    ignore a not existent file path with IncludeOptional . Closes LP:
    #1766186.

ubuntu/artful-updates 2018-06-13 14:58:14 UTC 2018-06-13
Import patches-unapplied version 2.4.27-2ubuntu4.2 to ubuntu/artful-proposed

Author: Andreas Hasenack
Author Date: 2018-06-07 20:53:23 UTC

Import patches-unapplied version 2.4.27-2ubuntu4.2 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: cbc32000dfcc49bf646d2453fa1b15f7c2075c8c

New changelog entries:
  * debian/patches/includeoptional-ignore-non-existent.patch: silently
    ignore a not existent file path with IncludeOptional . Closes LP:
    #1766186.

applied/ubuntu/artful-proposed 2018-06-13 14:58:14 UTC 2018-06-13
Import patches-applied version 2.4.27-2ubuntu4.2 to applied/ubuntu/artful-pro...

Author: Andreas Hasenack
Author Date: 2018-06-07 20:53:23 UTC

Import patches-applied version 2.4.27-2ubuntu4.2 to applied/ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: fd5338f20b378326a61beb4dbbc6e669e496b4bb
Unapplied parent: 642df2d682545baf86a0432c70bf133875b1f9c6

New changelog entries:
  * debian/patches/includeoptional-ignore-non-existent.patch: silently
    ignore a not existent file path with IncludeOptional . Closes LP:
    #1766186.

applied/ubuntu/artful-devel 2018-06-13 14:58:14 UTC 2018-06-13
Import patches-applied version 2.4.27-2ubuntu4.2 to applied/ubuntu/artful-pro...

Author: Andreas Hasenack
Author Date: 2018-06-07 20:53:23 UTC

Import patches-applied version 2.4.27-2ubuntu4.2 to applied/ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: fd5338f20b378326a61beb4dbbc6e669e496b4bb
Unapplied parent: 642df2d682545baf86a0432c70bf133875b1f9c6

New changelog entries:
  * debian/patches/includeoptional-ignore-non-existent.patch: silently
    ignore a not existent file path with IncludeOptional . Closes LP:
    #1766186.

ubuntu/artful-proposed 2018-06-13 14:58:14 UTC 2018-06-13
Import patches-unapplied version 2.4.27-2ubuntu4.2 to ubuntu/artful-proposed

Author: Andreas Hasenack
Author Date: 2018-06-07 20:53:23 UTC

Import patches-unapplied version 2.4.27-2ubuntu4.2 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: cbc32000dfcc49bf646d2453fa1b15f7c2075c8c

New changelog entries:
  * debian/patches/includeoptional-ignore-non-existent.patch: silently
    ignore a not existent file path with IncludeOptional . Closes LP:
    #1766186.

applied/ubuntu/artful-security 2018-04-19 12:28:31 UTC 2018-04-19
Import patches-applied version 2.4.27-2ubuntu4.1 to applied/ubuntu/artful-sec...

Author: Marc Deslauriers
Author Date: 2018-04-18 14:20:05 UTC

Import patches-applied version 2.4.27-2ubuntu4.1 to applied/ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 4cbcac15d53554def83f1ce8815ed41072705790
Unapplied parent: c8d6bd075d7b5cd749d1ab0ab8967330d73fbee5

New changelog entries:
  * SECURITY UPDATE: DoS via missing header with AuthLDAPCharsetConfig
    - debian/patches/CVE-2017-15710.patch: fix language long names
      detection as short name in modules/aaa/mod_authnz_ldap.c.
    - CVE-2017-15710
  * SECURITY UPDATE: incorrect <FilesMatch> matching
    - debian/patches/CVE-2017-15715.patch: allow to configure
      global/default options for regexes, like caseless matching or
      extended format in include/ap_regex.h, server/core.c,
      server/util_pcre.c.
    - CVE-2017-15715
  * SECURITY UPDATE: mod_session header manipulation
    - debian/patches/CVE-2018-1283.patch: strip Session header when
      SessionEnv is on in modules/session/mod_session.c.
    - CVE-2018-1283
  * SECURITY UPDATE: DoS via specially-crafted request
    - debian/patches/CVE-2018-1301.patch: ensure that read lines are NUL
      terminated on any error, not only on buffer full in
      server/protocol.c.
    - CVE-2018-1301
  * SECURITY UPDATE: mod_cache_socache DoS
    - debian/patches/CVE-2018-1303.patch: fix caching of empty headers up
      to carriage return in modules/cache/mod_cache_socache.c.
    - CVE-2018-1303
  * SECURITY UPDATE: insecure nonce generation
    - debian/patches/CVE-2018-1312.patch: actually use the secret when
      generating nonces in modules/aaa/mod_auth_digest.c.
    - CVE-2018-1312

ubuntu/artful-security 2018-04-19 12:28:31 UTC 2018-04-19
Import patches-unapplied version 2.4.27-2ubuntu4.1 to ubuntu/artful-security

Author: Marc Deslauriers
Author Date: 2018-04-18 14:20:05 UTC

Import patches-unapplied version 2.4.27-2ubuntu4.1 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: c7c79f29748d24bb5f9fbc71b131aef8cc4117c2

New changelog entries:
  * SECURITY UPDATE: DoS via missing header with AuthLDAPCharsetConfig
    - debian/patches/CVE-2017-15710.patch: fix language long names
      detection as short name in modules/aaa/mod_authnz_ldap.c.
    - CVE-2017-15710
  * SECURITY UPDATE: incorrect <FilesMatch> matching
    - debian/patches/CVE-2017-15715.patch: allow to configure
      global/default options for regexes, like caseless matching or
      extended format in include/ap_regex.h, server/core.c,
      server/util_pcre.c.
    - CVE-2017-15715
  * SECURITY UPDATE: mod_session header manipulation
    - debian/patches/CVE-2018-1283.patch: strip Session header when
      SessionEnv is on in modules/session/mod_session.c.
    - CVE-2018-1283
  * SECURITY UPDATE: DoS via specially-crafted request
    - debian/patches/CVE-2018-1301.patch: ensure that read lines are NUL
      terminated on any error, not only on buffer full in
      server/protocol.c.
    - CVE-2018-1301
  * SECURITY UPDATE: mod_cache_socache DoS
    - debian/patches/CVE-2018-1303.patch: fix caching of empty headers up
      to carriage return in modules/cache/mod_cache_socache.c.
    - CVE-2018-1303
  * SECURITY UPDATE: insecure nonce generation
    - debian/patches/CVE-2018-1312.patch: actually use the secret when
      generating nonces in modules/aaa/mod_auth_digest.c.
    - CVE-2018-1312

importer/debian/pristine-tar 2018-03-31 04:34:04 UTC 2018-03-31
pristine-tar data for apache2_2.4.33.orig.tar.bz2

Author: Ubuntu Git Importer
Author Date: 2018-03-31 04:34:04 UTC

pristine-tar data for apache2_2.4.33.orig.tar.bz2

applied/ubuntu/bionic 2018-03-29 13:13:40 UTC 2018-03-29
Import patches-applied version 2.4.29-1ubuntu4 to applied/ubuntu/bionic-proposed

Author: Rafael David Tinoco
Author Date: 2018-03-02 02:19:31 UTC

Import patches-applied version 2.4.29-1ubuntu4 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: e6a5ba316444c6a85aad977dc10a7ed7b1e830e3
Unapplied parent: 5f28e42a84d851b044f2aa09adaa6e79ea98871d

New changelog entries:
  * Avoid crashes, hangs and loops by fixing mod_ldap locking: (LP: #1752683)
    - added debian/patches/util_ldap_cache_lock_fix.patch

ubuntu/bionic 2018-03-29 13:13:40 UTC 2018-03-29
Import patches-unapplied version 2.4.29-1ubuntu4 to ubuntu/bionic-proposed

Author: Rafael David Tinoco
Author Date: 2018-03-02 02:19:31 UTC

Import patches-unapplied version 2.4.29-1ubuntu4 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 37630b8cc1dfd80c1b632f3e56c6a507e68d17be

New changelog entries:
  * Avoid crashes, hangs and loops by fixing mod_ldap locking: (LP: #1752683)
    - added debian/patches/util_ldap_cache_lock_fix.patch

importer/ubuntu/pristine-tar 2018-03-07 17:08:01 UTC 2018-03-07
pristine-tar data for apache2_2.4.29.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-03-07 17:08:01 UTC

pristine-tar data for apache2_2.4.29.orig.tar.gz

ubuntu/zesty-security 2017-09-19 17:24:04 UTC 2017-09-19
Import patches-unapplied version 2.4.25-3ubuntu2.3 to ubuntu/zesty-security

Author: Marc Deslauriers
Author Date: 2017-09-18 15:08:28 UTC

Import patches-unapplied version 2.4.25-3ubuntu2.3 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: 8840cd42bf40a2c00ee0748841c259cc96f7a7df

New changelog entries:
  * SECURITY UPDATE: optionsbleed information leak
    - debian/patches/CVE-2017-9798.patch: disallow method registration
      at run time in server/core.c.
    - CVE-2017-9798

ubuntu/zesty-updates 2017-09-19 17:24:04 UTC 2017-09-19
Import patches-unapplied version 2.4.25-3ubuntu2.3 to ubuntu/zesty-security

Author: Marc Deslauriers
Author Date: 2017-09-18 15:08:28 UTC

Import patches-unapplied version 2.4.25-3ubuntu2.3 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: 8840cd42bf40a2c00ee0748841c259cc96f7a7df

New changelog entries:
  * SECURITY UPDATE: optionsbleed information leak
    - debian/patches/CVE-2017-9798.patch: disallow method registration
      at run time in server/core.c.
    - CVE-2017-9798

applied/ubuntu/zesty-updates 2017-09-19 17:24:04 UTC 2017-09-19
Import patches-applied version 2.4.25-3ubuntu2.3 to applied/ubuntu/zesty-secu...

Author: Marc Deslauriers
Author Date: 2017-09-18 15:08:28 UTC

Import patches-applied version 2.4.25-3ubuntu2.3 to applied/ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: e391d728f15d6a2fa6a4ddde7cf4121ccca6d9d2
Unapplied parent: 4c6e6ab90f12f4ef7f1a84ab40c605c925d42ab3

New changelog entries:
  * SECURITY UPDATE: optionsbleed information leak
    - debian/patches/CVE-2017-9798.patch: disallow method registration
      at run time in server/core.c.
    - CVE-2017-9798

applied/ubuntu/zesty-security 2017-09-19 17:24:04 UTC 2017-09-19
Import patches-applied version 2.4.25-3ubuntu2.3 to applied/ubuntu/zesty-secu...

Author: Marc Deslauriers
Author Date: 2017-09-18 15:08:28 UTC

Import patches-applied version 2.4.25-3ubuntu2.3 to applied/ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: e391d728f15d6a2fa6a4ddde7cf4121ccca6d9d2
Unapplied parent: 4c6e6ab90f12f4ef7f1a84ab40c605c925d42ab3

New changelog entries:
  * SECURITY UPDATE: optionsbleed information leak
    - debian/patches/CVE-2017-9798.patch: disallow method registration
      at run time in server/core.c.
    - CVE-2017-9798

applied/ubuntu/zesty-devel 2017-09-19 17:24:04 UTC 2017-09-19
Import patches-applied version 2.4.25-3ubuntu2.3 to applied/ubuntu/zesty-secu...

Author: Marc Deslauriers
Author Date: 2017-09-18 15:08:28 UTC

Import patches-applied version 2.4.25-3ubuntu2.3 to applied/ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: e391d728f15d6a2fa6a4ddde7cf4121ccca6d9d2
Unapplied parent: 4c6e6ab90f12f4ef7f1a84ab40c605c925d42ab3

New changelog entries:
  * SECURITY UPDATE: optionsbleed information leak
    - debian/patches/CVE-2017-9798.patch: disallow method registration
      at run time in server/core.c.
    - CVE-2017-9798

ubuntu/zesty-devel 2017-09-19 17:24:04 UTC 2017-09-19
Import patches-unapplied version 2.4.25-3ubuntu2.3 to ubuntu/zesty-security

Author: Marc Deslauriers
Author Date: 2017-09-18 15:08:28 UTC

Import patches-unapplied version 2.4.25-3ubuntu2.3 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: 8840cd42bf40a2c00ee0748841c259cc96f7a7df

New changelog entries:
  * SECURITY UPDATE: optionsbleed information leak
    - debian/patches/CVE-2017-9798.patch: disallow method registration
      at run time in server/core.c.
    - CVE-2017-9798

ubuntu/artful 2017-09-18 16:54:16 UTC 2017-09-18
Import patches-unapplied version 2.4.27-2ubuntu3 to ubuntu/artful-proposed

Author: Marc Deslauriers
Author Date: 2017-09-18 15:05:48 UTC

Import patches-unapplied version 2.4.27-2ubuntu3 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: f09ecdf404a45f84d3f6706d7415653f3faa38d7

New changelog entries:
  * SECURITY UPDATE: optionsbleed information leak
    - debian/patches/CVE-2017-9798.patch: disallow method registration
      at run time in server/core.c.
    - CVE-2017-9798

applied/ubuntu/artful 2017-09-18 16:54:16 UTC 2017-09-18
Import patches-applied version 2.4.27-2ubuntu3 to applied/ubuntu/artful-proposed

Author: Marc Deslauriers
Author Date: 2017-09-18 15:05:48 UTC

Import patches-applied version 2.4.27-2ubuntu3 to applied/ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: a9d928beb04c919f0eb42bddd3574598261d3b03
Unapplied parent: b854305b2d29d662ed441f6a66952ab5649ed634

New changelog entries:
  * SECURITY UPDATE: optionsbleed information leak
    - debian/patches/CVE-2017-9798.patch: disallow method registration
      at run time in server/core.c.
    - CVE-2017-9798

debian/experimental 2017-08-09 04:27:50 UTC 2017-08-09
Import patches-unapplied version 2.4.27-4 to debian/experimental

Author: Stefan Fritsch
Author Date: 2017-08-08 19:59:37 UTC

Import patches-unapplied version 2.4.27-4 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: f7ef7e92d24d60f681df739f05081350a628d775

New changelog entries:
  * Use 'invoke-rc.d' instead of init script in logrotate script.
    Closes: #857607
  * Make the apache-htcacheclean init script actually look into
    /etc/default/apache-htcacheclean for its config. LP: #1691495
  * mime.conf: Guard AddOutputFilter INCLUDES with proper <IfModule>.
    LP: #1675184
  * Use 'service' instead of init script in monit example config.
  * Bump Standards-Version to 4.0.1. Other changes:
    - change package priorities from extra to optional
  * Use libprotocol-http2-perl in autopkgtest.
  * Update test suite to svn r1804214.
  * Various tweaks to the test suite autopkgtest to avoid having to skip
    any test.
  * Also remove -DBUILD_DATETIME and -fdebug-prefix-map from config_vars.mk
    to avoid them being used by apxs.
  * deflate.conf: Remove mention of MSIE6

applied/debian/experimental 2017-08-09 04:27:50 UTC 2017-08-09
Import patches-applied version 2.4.27-4 to applied/debian/experimental

Author: Stefan Fritsch
Author Date: 2017-08-08 19:59:37 UTC

Import patches-applied version 2.4.27-4 to applied/debian/experimental

Imported using git-ubuntu import.

Changelog parent: de4d68c17b6c366eaed7527386ac0b365b227b8c
Unapplied parent: 750c574d225db8c1f1c796236fc6674648ca780c

New changelog entries:
  * Use 'invoke-rc.d' instead of init script in logrotate script.
    Closes: #857607
  * Make the apache-htcacheclean init script actually look into
    /etc/default/apache-htcacheclean for its config. LP: #1691495
  * mime.conf: Guard AddOutputFilter INCLUDES with proper <IfModule>.
    LP: #1675184
  * Use 'service' instead of init script in monit example config.
  * Bump Standards-Version to 4.0.1. Other changes:
    - change package priorities from extra to optional
  * Use libprotocol-http2-perl in autopkgtest.
  * Update test suite to svn r1804214.
  * Various tweaks to the test suite autopkgtest to avoid having to skip
    any test.
  * Also remove -DBUILD_DATETIME and -fdebug-prefix-map from config_vars.mk
    to avoid them being used by apxs.
  * deflate.conf: Remove mention of MSIE6

applied/ubuntu/yakkety-devel 2017-06-26 17:13:38 UTC 2017-06-26
Import patches-applied version 2.4.18-2ubuntu4.2 to applied/ubuntu/yakkety-se...

Author: Marc Deslauriers
Author Date: 2017-06-26 11:57:04 UTC

Import patches-applied version 2.4.18-2ubuntu4.2 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 59181d55c088186b8fdbac93ebfecb6ecb77799b
Unapplied parent: 20f84083a9f4578ac55e63b09549b1abce1b36d7

New changelog entries:
  * SECURITY UPDATE: authentication bypass in ap_get_basic_auth_pw()
    - debian/patches/CVE-2017-3167.patch: deprecate and replace
      ap_get_basic_auth_pw in include/ap_mmn.h, include/http_protocol.h,
      server/protocol.c, server/request.c.
    - CVE-2017-3167
  * SECURITY UPDATE: NULL pointer deref in ap_hook_process_connection()
    - debian/patches/CVE-2017-3169.patch: fix ctx passed to
      ssl_io_filter_error() in modules/ssl/ssl_engine_io.c.
    - CVE-2017-3169
  * SECURITY UPDATE: denial of service and possible incorrect value return
    in HTTP strict parsing changes
    - debian/patches/CVE-2017-7668.patch: short-circuit on NULL in
      server/util.c.
    - CVE-2017-7668
  * SECURITY UPDATE: mod_mime DoS via crafted Content-Type response header
    - debian/patches/CVE-2017-7679.patch: fix quoted pair scanning in
      modules/http/mod_mime.c.
    - CVE-2017-7679

ubuntu/yakkety-security 2017-06-26 17:13:38 UTC 2017-06-26
Import patches-unapplied version 2.4.18-2ubuntu4.2 to ubuntu/yakkety-security

Author: Marc Deslauriers
Author Date: 2017-06-26 11:57:04 UTC

Import patches-unapplied version 2.4.18-2ubuntu4.2 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 0f872b4a1d471912b5ed65424bd22f3e11b801d7

New changelog entries:
  * SECURITY UPDATE: authentication bypass in ap_get_basic_auth_pw()
    - debian/patches/CVE-2017-3167.patch: deprecate and replace
      ap_get_basic_auth_pw in include/ap_mmn.h, include/http_protocol.h,
      server/protocol.c, server/request.c.
    - CVE-2017-3167
  * SECURITY UPDATE: NULL pointer deref in ap_hook_process_connection()
    - debian/patches/CVE-2017-3169.patch: fix ctx passed to
      ssl_io_filter_error() in modules/ssl/ssl_engine_io.c.
    - CVE-2017-3169
  * SECURITY UPDATE: denial of service and possible incorrect value return
    in HTTP strict parsing changes
    - debian/patches/CVE-2017-7668.patch: short-circuit on NULL in
      server/util.c.
    - CVE-2017-7668
  * SECURITY UPDATE: mod_mime DoS via crafted Content-Type response header
    - debian/patches/CVE-2017-7679.patch: fix quoted pair scanning in
      modules/http/mod_mime.c.
    - CVE-2017-7679

ubuntu/yakkety-updates 2017-06-26 17:13:38 UTC 2017-06-26
Import patches-unapplied version 2.4.18-2ubuntu4.2 to ubuntu/yakkety-security

Author: Marc Deslauriers
Author Date: 2017-06-26 11:57:04 UTC

Import patches-unapplied version 2.4.18-2ubuntu4.2 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 0f872b4a1d471912b5ed65424bd22f3e11b801d7

New changelog entries:
  * SECURITY UPDATE: authentication bypass in ap_get_basic_auth_pw()
    - debian/patches/CVE-2017-3167.patch: deprecate and replace
      ap_get_basic_auth_pw in include/ap_mmn.h, include/http_protocol.h,
      server/protocol.c, server/request.c.
    - CVE-2017-3167
  * SECURITY UPDATE: NULL pointer deref in ap_hook_process_connection()
    - debian/patches/CVE-2017-3169.patch: fix ctx passed to
      ssl_io_filter_error() in modules/ssl/ssl_engine_io.c.
    - CVE-2017-3169
  * SECURITY UPDATE: denial of service and possible incorrect value return
    in HTTP strict parsing changes
    - debian/patches/CVE-2017-7668.patch: short-circuit on NULL in
      server/util.c.
    - CVE-2017-7668
  * SECURITY UPDATE: mod_mime DoS via crafted Content-Type response header
    - debian/patches/CVE-2017-7679.patch: fix quoted pair scanning in
      modules/http/mod_mime.c.
    - CVE-2017-7679

applied/ubuntu/yakkety-security 2017-06-26 17:13:38 UTC 2017-06-26
Import patches-applied version 2.4.18-2ubuntu4.2 to applied/ubuntu/yakkety-se...

Author: Marc Deslauriers
Author Date: 2017-06-26 11:57:04 UTC

Import patches-applied version 2.4.18-2ubuntu4.2 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 59181d55c088186b8fdbac93ebfecb6ecb77799b
Unapplied parent: 20f84083a9f4578ac55e63b09549b1abce1b36d7

New changelog entries:
  * SECURITY UPDATE: authentication bypass in ap_get_basic_auth_pw()
    - debian/patches/CVE-2017-3167.patch: deprecate and replace
      ap_get_basic_auth_pw in include/ap_mmn.h, include/http_protocol.h,
      server/protocol.c, server/request.c.
    - CVE-2017-3167
  * SECURITY UPDATE: NULL pointer deref in ap_hook_process_connection()
    - debian/patches/CVE-2017-3169.patch: fix ctx passed to
      ssl_io_filter_error() in modules/ssl/ssl_engine_io.c.
    - CVE-2017-3169
  * SECURITY UPDATE: denial of service and possible incorrect value return
    in HTTP strict parsing changes
    - debian/patches/CVE-2017-7668.patch: short-circuit on NULL in
      server/util.c.
    - CVE-2017-7668
  * SECURITY UPDATE: mod_mime DoS via crafted Content-Type response header
    - debian/patches/CVE-2017-7679.patch: fix quoted pair scanning in
      modules/http/mod_mime.c.
    - CVE-2017-7679

ubuntu/yakkety-devel 2017-06-26 17:13:38 UTC 2017-06-26
Import patches-unapplied version 2.4.18-2ubuntu4.2 to ubuntu/yakkety-security

Author: Marc Deslauriers
Author Date: 2017-06-26 11:57:04 UTC

Import patches-unapplied version 2.4.18-2ubuntu4.2 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 0f872b4a1d471912b5ed65424bd22f3e11b801d7

New changelog entries:
  * SECURITY UPDATE: authentication bypass in ap_get_basic_auth_pw()
    - debian/patches/CVE-2017-3167.patch: deprecate and replace
      ap_get_basic_auth_pw in include/ap_mmn.h, include/http_protocol.h,
      server/protocol.c, server/request.c.
    - CVE-2017-3167
  * SECURITY UPDATE: NULL pointer deref in ap_hook_process_connection()
    - debian/patches/CVE-2017-3169.patch: fix ctx passed to
      ssl_io_filter_error() in modules/ssl/ssl_engine_io.c.
    - CVE-2017-3169
  * SECURITY UPDATE: denial of service and possible incorrect value return
    in HTTP strict parsing changes
    - debian/patches/CVE-2017-7668.patch: short-circuit on NULL in
      server/util.c.
    - CVE-2017-7668
  * SECURITY UPDATE: mod_mime DoS via crafted Content-Type response header
    - debian/patches/CVE-2017-7679.patch: fix quoted pair scanning in
      modules/http/mod_mime.c.
    - CVE-2017-7679

applied/ubuntu/yakkety-updates 2017-06-26 17:13:38 UTC 2017-06-26
Import patches-applied version 2.4.18-2ubuntu4.2 to applied/ubuntu/yakkety-se...

Author: Marc Deslauriers
Author Date: 2017-06-26 11:57:04 UTC

Import patches-applied version 2.4.18-2ubuntu4.2 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 59181d55c088186b8fdbac93ebfecb6ecb77799b
Unapplied parent: 20f84083a9f4578ac55e63b09549b1abce1b36d7

New changelog entries:
  * SECURITY UPDATE: authentication bypass in ap_get_basic_auth_pw()
    - debian/patches/CVE-2017-3167.patch: deprecate and replace
      ap_get_basic_auth_pw in include/ap_mmn.h, include/http_protocol.h,
      server/protocol.c, server/request.c.
    - CVE-2017-3167
  * SECURITY UPDATE: NULL pointer deref in ap_hook_process_connection()
    - debian/patches/CVE-2017-3169.patch: fix ctx passed to
      ssl_io_filter_error() in modules/ssl/ssl_engine_io.c.
    - CVE-2017-3169
  * SECURITY UPDATE: denial of service and possible incorrect value return
    in HTTP strict parsing changes
    - debian/patches/CVE-2017-7668.patch: short-circuit on NULL in
      server/util.c.
    - CVE-2017-7668
  * SECURITY UPDATE: mod_mime DoS via crafted Content-Type response header
    - debian/patches/CVE-2017-7679.patch: fix quoted pair scanning in
      modules/http/mod_mime.c.
    - CVE-2017-7679

ubuntu/zesty 2017-02-10 17:03:26 UTC 2017-02-10
Import patches-unapplied version 2.4.25-3ubuntu2 to ubuntu/zesty-proposed

Author: Nish Aravamudan
Author Date: 2017-02-10 16:53:43 UTC

Import patches-unapplied version 2.4.25-3ubuntu2 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: f110b98a2e759a131e5fa7b6b13c58d73f6c1550

New changelog entries:
  * Undrop (LP 1658469):
    - Don't build experimental http2 module for LTS:
      + debian/control: removed libnghttp2-dev Build-Depends (in universe).
      + debian/config-dir/mods-available/http2.load: removed.
      + debian/rules: removed proxy_http2 from configure.
      + debian/apache2.maintscript: remove http2 conffile.

ubuntu/zesty-proposed 2017-02-10 17:03:26 UTC 2017-02-10
Import patches-unapplied version 2.4.25-3ubuntu2 to ubuntu/zesty-proposed

Author: Nish Aravamudan
Author Date: 2017-02-10 16:53:43 UTC

Import patches-unapplied version 2.4.25-3ubuntu2 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: f110b98a2e759a131e5fa7b6b13c58d73f6c1550

New changelog entries:
  * Undrop (LP 1658469):
    - Don't build experimental http2 module for LTS:
      + debian/control: removed libnghttp2-dev Build-Depends (in universe).
      + debian/config-dir/mods-available/http2.load: removed.
      + debian/rules: removed proxy_http2 from configure.
      + debian/apache2.maintscript: remove http2 conffile.

applied/ubuntu/zesty-proposed 2017-02-10 17:03:26 UTC 2017-02-10
Import patches-applied version 2.4.25-3ubuntu2 to applied/ubuntu/zesty-proposed

Author: Nish Aravamudan
Author Date: 2017-02-10 16:53:43 UTC

Import patches-applied version 2.4.25-3ubuntu2 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: c104dcc49e7323e1d3aca5e7aefae424c3cbd16f
Unapplied parent: 76f1c069823774bac311b0800f8910f2bf6c8124

New changelog entries:
  * Undrop (LP 1658469):
    - Don't build experimental http2 module for LTS:
      + debian/control: removed libnghttp2-dev Build-Depends (in universe).
      + debian/config-dir/mods-available/http2.load: removed.
      + debian/rules: removed proxy_http2 from configure.
      + debian/apache2.maintscript: remove http2 conffile.

applied/ubuntu/zesty 2017-02-10 17:03:26 UTC 2017-02-10
Import patches-applied version 2.4.25-3ubuntu2 to applied/ubuntu/zesty-proposed

Author: Nish Aravamudan
Author Date: 2017-02-10 16:53:43 UTC

Import patches-applied version 2.4.25-3ubuntu2 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: c104dcc49e7323e1d3aca5e7aefae424c3cbd16f
Unapplied parent: 76f1c069823774bac311b0800f8910f2bf6c8124

New changelog entries:
  * Undrop (LP 1658469):
    - Don't build experimental http2 module for LTS:
      + debian/control: removed libnghttp2-dev Build-Depends (in universe).
      + debian/config-dir/mods-available/http2.load: removed.
      + debian/rules: removed proxy_http2 from configure.
      + debian/apache2.maintscript: remove http2 conffile.

applied/ubuntu/trusty-backports 2016-08-31 16:24:27 UTC 2016-08-31
Import patches-applied version 2.4.10-1ubuntu1.1~ubuntu14.04.2 to applied/ubu...

Author: Mike Gerow
Author Date: 2016-07-21 21:53:00 UTC

Import patches-applied version 2.4.10-1ubuntu1.1~ubuntu14.04.2 to applied/ubuntu/trusty-backports

Imported using git-ubuntu import.

Changelog parent: 46aa6c92efb0b769d76ae9b1fe9cee8bbc0b0593
Unapplied parent: 9cb03113c76117fb38daca7051c91db25f8f1584

New changelog entries:
  * CVE-2016-5387 (LP: #1604209)

ubuntu/trusty-backports 2016-08-31 16:24:27 UTC 2016-08-31
Import patches-unapplied version 2.4.10-1ubuntu1.1~ubuntu14.04.2 to ubuntu/tr...

Author: Mike Gerow
Author Date: 2016-07-21 21:53:00 UTC

Import patches-unapplied version 2.4.10-1ubuntu1.1~ubuntu14.04.2 to ubuntu/trusty-backports

Imported using git-ubuntu import.

Changelog parent: 3921bce3edba179bfd690db4379555e796b54371

New changelog entries:
  * CVE-2016-5387 (LP: #1604209)

1100 of 308 results
This repository contains Public information 
Everyone can see this information.