Recent commits

11984c7... by Matthieu Baerts on 2012-07-16

Import patches-unapplied version 2.2.22-6ubuntu2 to ubuntu/quantal

Imported using git-ubuntu import.

Changelog parent: 8dbf29704dcbbd8934b8055b59948bc6a6b9b461

New changelog entries:
  * debian/apache2.py
   - Update apport hook for python3; thanks to Edward Donovan (LP: #1013171)
   - Check if this directory exists: /etc/apache2/sites-enabled/

8dbf297... by Robie Basak on 2012-06-08

Import patches-unapplied version 2.2.22-6ubuntu1 to ubuntu/quantal

Imported using git-ubuntu import.

Changelog parent: 1edd1e44190a4efd3587eb653740e3d1b30efa95

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/{control, rules}: Enable PIE hardening.
    - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
    - debian/apache2.py, debian/apache2.2-common.install: Add apport hook.
    - debian/control, debian/ask-for-passphrase, debian/config-dir/mods-available/ssl.conf:
      Plymouth aware passphrase dialog program ask-for-passphrase.
  * Dropped changes:
    - debian/control: Add bzr tag and point it to our tree; this is not
      really required and just increases the delta.

1edd1e4... by Stefan Fritsch on 2012-05-29

Import patches-unapplied version 2.2.22-6 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 85df2487082b6cd9a9df3a920a5deb65610a217c

New changelog entries:
  [ Stefan Fritsch ]
  * Fix regression causing apache2 to cache "206 partial content" responses,
    and then serving these partial responses when replying to normal requests.
    Closes: #671204
  * Add section to security.conf that shows how to forbid access to VCS
    directories. Closes: #548213
  * Update ssl default cipher config, add alternative speed optimized config.
    Closes: #649020
  * Add "AddCharset" for .brf files in default mod_mime config.
    Closes: #402567
  * Don't create httpd.conf anymore and don't include it in apache2.conf. If
    it contains local modifications, move it to /etc/apache2/conf.d/httpd.conf
  * Port some of the comments in apache2.conf from the 2.4 package.
  * Compile mod_version statically, drop associated module load file.
  * If apache2 is not running, make "/etc/init.d/apache2 reload" skip the
  * Note in README.Debian that future versions of the package will have the
    include statements changed to include only *.conf.
  * Change compiled-in document root to /var/www, to avoid strange error
  * Use "dh --with autotools_dev" instead of patching config.sub/config.guess.
  [ Arno Töll ]
  * Fix apxs to import LDFLAGS from config_vars.mk. Moreover, make it possible
    to override LDFLAGS at compile time by defining LDFLAGS in the environment,
    just like it is possible for CFLAGS. This also means, config_vars.mk now
    exports hardening build flags by default.
  * Update doc-base metadata for the apache2-doc package.

85df248... by Stefan Fritsch on 2012-04-30

Import patches-unapplied version 2.2.22-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7147558dbac2faadd910729d3e4e224cc4ef975f

New changelog entries:
  * Make LoadFile and LoadModule look in the standard search paths if the
    dso file name is given as a pure filename. This helps with the multi-arch

7147558... by Stefan Fritsch on 2012-04-15

Import patches-unapplied version 2.2.22-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b8147564f421fb39c2527ad1ff1e16e2a7ca02dd

New changelog entries:
  * CVE-2012-0216: Remove "Alias /doc /usr/share/doc" from the default virtual
    hosts' config files.
    If scripting modules like mod_php or mod_rivet are enabled on systems
    where either 1) some frontend server forwards connections to an apache2
    backend server on the localhost address, or 2) the machine running
    apache2 is also used for web browsing, this could allow a remote
    attacker to execute example scripts stored under /usr/share/doc.
    Depending on the installed packages, this could lead to issues like cross
    site scripting, code execution, or leakage of sensitive data.

b814756... by Arno Töll on 2012-04-05

Import patches-unapplied version 2.2.22-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: d1c6efcab0af78d4eaf130d8f3433fe034adcd71

New changelog entries:
  * Fix "FTBFS: mkdir: cannot create directory `debian/build-tree/arch':
    No such file or directory". Do not use internal rules targets which clash
    with build target names ... (Closes: #667069)
  * Drop apache2-dev virtual package. This had virtually no users but breaks our
    experimental package in some cases (e.g. #666793)
  * Push Standards version - no further changes
  * Update my maintainer address

d1c6efc... by Stefan Fritsch on 2012-03-14

Import patches-unapplied version 2.2.22-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 065234ee30b7351aa0a72730a5e57cb0a700c412

New changelog entries:
  [ Arno Töll ]
  * Fix "Incorrect debhelper build dependency" by raising the build-dependency
    of debhelper to 8.9.7 (Closes: #659148)

065234e... by Stefan Fritsch on 2012-02-01

Import patches-unapplied version 2.2.22-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a0b90fd80561d4579a8a70fdb6896eb70cc4fedc

New changelog entries:
  [ Stefan Fritsch ]
  * New upstream release, urgency medium due to security fixes:
    - Fix CVE-2012-0021: mod_log_config: DoS with '%{cookiename}C' log format
    - Fix CVE-2012-0031: Unprivileged child process could cause the parent to
      crash at shutdown
    - Fix CVE-2012-0053: Exposure of "httpOnly" cookies in code 400 error
  * Move httxt2dbm to apache2-utils
  * Adjust debian/control to point to new git repository.
  [ Arno Töll ]
  * Fix "typo in /etc/apache2/apache2.conf" (Closes: #653801)

a0b90fd... by Stefan Fritsch on 2011-12-29

Import patches-unapplied version 2.2.21-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7c45b99783471cacc4c2914b7833c1248ae8acb4

New changelog entries:
  [ Arno Töll ]
  * Fix build failures introduced as regression by the previous build. Debian
    buildds aren't rebuilding arch:all packages which caused problems for our
    unconditional copying into binary package. I was warned.

7c45b99... by Stefan Fritsch on 2011-12-29

Import patches-unapplied version 2.2.21-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 1e352f04e8c7e3b00b710137b2f982cc22256cb4

New changelog entries:
  [ Stefan Fritsch ]
  * Security: Fix broken patch for CVE-2011-3607 (Integer overflow in
  * Optimize debian/rules again to improve build time by doing most work in a
    single parallelized "build-%" target.
  [ Arno Töll ]
  * Fix "Suggest removing DefaultType from apache2.conf" change the DefaultType
    from text/plain to None. This lets the browser guess a proper MIME type
    instead of being forced to treat a given file according to our default type
    (Closes: #440058)
  * Fix "add pre-rotate hook to logrotate script" execute scripts in
    /etc/logrotate.d/httpd-prerotate if available (Closes: #590096).
  * Fix "Hide /icons index" Disables indexes on the icon directory. By upgrading
    to Debian's 3.0/quilt source format also images don't need to be generated
    at build time anymore. Hence, the icon date can no longer lead to
    information disclosure (Closes: #649888).
  * Upgrade package to 3.0/quilt.
    + Remove uuencoded images, keep them in their binary format in debian/icons
    + Upgrade to quilt from dpatch and refresh all patches by keeping all hunks
      unchanged. Remove the `001_branding' patch by supplying -DPLATFORM at
      build time where needed. Move the 200_cp_suexec.dpatch patch and
      202_suexec-custom.dpatch patch to debian/rules. 200_cp_suexec.dpatch was a
      script, not a patch which is not supported by quilt.
  * Rewrite debian/rules and base it on dh(1).
    + use overrides where possible, replace some debhelper calls by our own
      implementation where needed. That's required since the Apache package is
      compiled in parts several times for each MPM once.
    + move some install operations to their respective .install files
    + Support dpkg-buildflags now, which also enables by default hardening
      flags. Thus, remove them from their explicit appearance in debian/rules
    + Remove DEB_BUILD_OPTIONS legacy support. It comes for free when using
  * Push debhelper compatibility to 8
  * Remove unused Lintian overrides for the Debian source package and remove
    redundant priorities in debian/control.
  * Add myself to Uploaders