ubuntu/+source/apache2:applied/ubuntu/bionic-security

Last commit made on 2018-10-03
Get this branch:
git clone -b applied/ubuntu/bionic-security https://git.launchpad.net/ubuntu/+source/apache2
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/bionic-security
Repository:
lp:ubuntu/+source/apache2

Recent commits

b81055e... by Marc Deslauriers on 2018-10-03

Import patches-applied version 2.4.29-1ubuntu4.4 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: b1dc81633deaeb602e70296e59533ffb430dfb6b
Unapplied parent: 6a63f35062a52debacf4d7161301c8e6aeec02a6

New changelog entries:
  * SECURITY UPDATE: DoS in HTTP/2 via NULL pointer
    - debian/patches/CVE-2018-1302.patch: remove obsolete stream detach
      code in modules/http2/h2_bucket_beam.c, modules/http2/h2_stream.c,
      modules/http2/h2_stream.h.
    - CVE-2018-1302
  * SECURITY UPDATE: DoS in HTTP/2 via worker exhaustion
    - debian/patches/CVE-2018-1333.patch: always wake up any conditional
      waits when streams are aborted in modules/http2/h2_bucket_beam.c.
    - CVE-2018-1333
  * SECURITY UPDATE: DoS in HTTP/2 via large SETTINGS frames
    - debian/patches/CVE-2018-11763.patch: rework connection IO event
      handling in modules/http2/h2_session.c, modules/http2/h2_session.h,
      modules/http2/h2_version.h.
    - CVE-2018-11763

6a63f35... by Marc Deslauriers on 2018-10-03

[PATCH] Merge r1840010 from trunk:

Gbp-Pq: CVE-2018-11763.patch.

3969fb6... by Marc Deslauriers on 2018-10-03

[PATCH] Merge r1828879 from trunk:

Gbp-Pq: CVE-2018-1333.patch.

4af90cf... by Marc Deslauriers on 2018-10-03

[PATCH] On the trunk:

Gbp-Pq: CVE-2018-1302.patch.

f806cbe... by Marc Deslauriers on 2018-10-03

Provide an RFC1035 compliant version of the hostname

Gbp-Pq: balance-member-long-hostname-part2.patch.

9f58a28... by Marc Deslauriers on 2018-10-03

Too long hostnames and schemes are no longer fatal errors

Gbp-Pq: balance-member-long-hostname-part1.patch.

fb13f4b... by Marc Deslauriers on 2018-10-03

silently ignore a not existent file path with IncludeOptional

Gbp-Pq: includeoptional-ignore-non-existent.patch.

a74c907... by Marc Deslauriers on 2018-10-03

fix insecure nonce generation

Gbp-Pq: CVE-2018-1312.patch.

4e30229... by Marc Deslauriers on 2018-10-03

fix mod_cache_socache DoS

Gbp-Pq: CVE-2018-1303.patch.

e0b559b... by Marc Deslauriers on 2018-10-03

fix DoS via specially-crafted request

Gbp-Pq: CVE-2018-1301.patch.