ubuntu/+source/apache2:applied/ubuntu/cosmic-devel

Last commit made on 2018-05-15
Get this branch:
git clone -b applied/ubuntu/cosmic-devel https://git.launchpad.net/ubuntu/+source/apache2
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/cosmic-devel
Repository:
lp:ubuntu/+source/apache2

Recent commits

1d275b5... by Andreas Hasenack on 2018-05-15

Import patches-applied version 2.4.33-3ubuntu1 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 7635cf587aad79ac498d3087b3fdf860cb1e9d61
Unapplied parent: aed4519920ebc0f936b352ef6e155685b47fe5e7

New changelog entries:
  * Merge with Debian unstable (LP: #1770242). Remaining changes:
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/patches/086_svn_cross_compiles: Backport several cross
      fixes from upstream
    - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
      Debian with Ubuntu on default page.
      + d/source/include-binaries: add Ubuntu icon file
    - d/t/control, d/t/check-http2: add basic test for http2 support
  * Drop:
    - SECURITY UPDATE: DoS via missing header with AuthLDAPCharsetConfig
      + debian/patches/CVE-2017-15710.patch: fix language long names
        detection as short name in modules/aaa/mod_authnz_ldap.c.
      + CVE-2017-15710
    - SECURITY UPDATE: incorrect <FilesMatch> matching
      + debian/patches/CVE-2017-15715.patch: allow to configure
        global/default options for regexes, like caseless matching or
        extended format in include/ap_regex.h, server/core.c,
        server/util_pcre.c.
      + CVE-2017-15715
    - SECURITY UPDATE: mod_session header manipulation
      + debian/patches/CVE-2018-1283.patch: strip Session header when
        SessionEnv is on in modules/session/mod_session.c.
      + CVE-2018-1283
    - SECURITY UPDATE: DoS via specially-crafted request
      + debian/patches/CVE-2018-1301.patch: ensure that read lines are NUL
        terminated on any error, not only on buffer full in
        server/protocol.c.
      + CVE-2018-1301
    - SECURITY UPDATE: mod_cache_socache DoS
      + debian/patches/CVE-2018-1303.patch: fix caching of empty headers up
        to carriage return in modules/cache/mod_cache_socache.c.
      + CVE-2018-1303
    - SECURITY UPDATE: insecure nonce generation
      + debian/patches/CVE-2018-1312.patch: actually use the secret when
        generating nonces in modules/aaa/mod_auth_digest.c.
      + CVE-2018-1312
    - Correct systemd-sysv-generator behavior by customizing some
      parameters:
      + d/apache2-systemd.conf: add a drop-in file to specify some
        parameters for the systemd unit (type=Forking and
        RemainsAfterExit=no), this allow a correct state synchronisation
        between systemctl status and actual state of apache2 daemon.
      + d/apache2.install: place the apache2-systemd.conf file in the
        correct location.
      [type=Forking already in the base systemd service file, and
       RemainsAfterExit=no is the default value, so no need to
       customize these anymore.]
    - Avoid crashes, hangs and loops by fixing mod_ldap locking: (LP #1752683)
      + added debian/patches/util_ldap_cache_lock_fix.patch
      [Already applied upstream]

aed4519... by Andreas Hasenack on 2018-05-15

Pull upstream fixes for autotools for cross-compiling

Gbp-Pq: 086_svn_cross_compiles.

3fa46e1... by Andreas Hasenack on 2018-05-15

mod_http2_mem_usage_32bit.diff

No DEP3 Subject or Description header found

Gbp-Pq: mod_http2_mem_usage_32bit.diff.

bf5ff82... by Andreas Hasenack on 2018-05-15

Make builds reproducible

Gbp-Pq: reproducible_builds.diff.

faec73e... by Andreas Hasenack on 2018-05-15

add suexec-custom to the build system

Gbp-Pq: build_suexec-custom.patch.

f62aec9... by Andreas Hasenack on 2018-05-15

Adapt apxs to Debian specific changes

Gbp-Pq: customize_apxs.patch.

c0f44cd... by Andreas Hasenack on 2018-05-15

Fix race condition with chdir

Gbp-Pq: suexec-CVE-2007-1742.patch.

43f1f4e... by Andreas Hasenack on 2018-05-15

Remove LD_LIBRARY_PATH from envvars-std

Gbp-Pq: no_LD_LIBRARY_PATH.patch.

597bc64... by Andreas Hasenack on 2018-05-15

Fix up FHS file locations for apache2 droppings.

Gbp-Pq: fhs_compliance.patch.

fe2a2bb... by Andreas Hasenack on 2018-05-15

Import patches-unapplied version 2.4.33-3ubuntu1 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: f9135dfca55cef91c3af3074fc3ba3826d3f95d8

New changelog entries:
  * Merge with Debian unstable (LP: #1770242). Remaining changes:
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/patches/086_svn_cross_compiles: Backport several cross
      fixes from upstream
    - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace
      Debian with Ubuntu on default page.
      + d/source/include-binaries: add Ubuntu icon file
    - d/t/control, d/t/check-http2: add basic test for http2 support
  * Drop:
    - SECURITY UPDATE: DoS via missing header with AuthLDAPCharsetConfig
      + debian/patches/CVE-2017-15710.patch: fix language long names
        detection as short name in modules/aaa/mod_authnz_ldap.c.
      + CVE-2017-15710
    - SECURITY UPDATE: incorrect <FilesMatch> matching
      + debian/patches/CVE-2017-15715.patch: allow to configure
        global/default options for regexes, like caseless matching or
        extended format in include/ap_regex.h, server/core.c,
        server/util_pcre.c.
      + CVE-2017-15715
    - SECURITY UPDATE: mod_session header manipulation
      + debian/patches/CVE-2018-1283.patch: strip Session header when
        SessionEnv is on in modules/session/mod_session.c.
      + CVE-2018-1283
    - SECURITY UPDATE: DoS via specially-crafted request
      + debian/patches/CVE-2018-1301.patch: ensure that read lines are NUL
        terminated on any error, not only on buffer full in
        server/protocol.c.
      + CVE-2018-1301
    - SECURITY UPDATE: mod_cache_socache DoS
      + debian/patches/CVE-2018-1303.patch: fix caching of empty headers up
        to carriage return in modules/cache/mod_cache_socache.c.
      + CVE-2018-1303
    - SECURITY UPDATE: insecure nonce generation
      + debian/patches/CVE-2018-1312.patch: actually use the secret when
        generating nonces in modules/aaa/mod_auth_digest.c.
      + CVE-2018-1312
    - Correct systemd-sysv-generator behavior by customizing some
      parameters:
      + d/apache2-systemd.conf: add a drop-in file to specify some
        parameters for the systemd unit (type=Forking and
        RemainsAfterExit=no), this allow a correct state synchronisation
        between systemctl status and actual state of apache2 daemon.
      + d/apache2.install: place the apache2-systemd.conf file in the
        correct location.
      [type=Forking already in the base systemd service file, and
       RemainsAfterExit=no is the default value, so no need to
       customize these anymore.]
    - Avoid crashes, hangs and loops by fixing mod_ldap locking: (LP #1752683)
      + added debian/patches/util_ldap_cache_lock_fix.patch
      [Already applied upstream]