Last commit made on 2013-08-09
Get this branch:
git clone -b ubuntu/saucy https://git.launchpad.net/ubuntu/+source/apache2
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information


Recent commits

c376868... by Robie Basak on 2013-08-09

Import patches-unapplied version 2.4.6-2ubuntu2 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 643eb13c084f9a21f161f83ce0b9f44d0fbd1bc5

New changelog entries:
  * d/ask-for-passphrase: mark executable so that apache2 can run it. Fixes
    passphrase prompting for SSL certificates that are passphrase protected.
  * Add dep8 test for SSL passphrase prompting.

643eb13... by Marc Deslauriers on 2013-07-26

Import patches-unapplied version 2.4.6-2ubuntu1 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 93f4781a7b4db26030c42fe8a195315afbbacfde

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/{control, rules}: Enable PIE hardening.
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/control, debian/config-dir/mods-available/ssl.conf,
      debian/ask-for-passphrase, debian/apache2.install: Plymouth aware
      passphrase dialog program ask-for-passphrase.
    - debian/rules: Fix cross-building by passing DEB_{HOST,BUILD}_GNU_TYPE
      to configure.
    - debian/patches/086_svn_cross_compiles: Backport several cross fixes
      from upstream
  * Dropped changes:
    - debian/patches/CVE-2013-1896.patch: upstream
  * Fixed module dependencies (LP: #1205314)
    - debian/config-dir/mods-available/lbmethod_*: properly specify
      proxy_balancer, not mod_proxy_balancer.

93f4781... by Arno Töll <email address hidden> on 2013-07-23

Import patches-unapplied version 2.4.6-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: e4cf4dc06e5736da1b50aedd1699172eb206910b

New changelog entries:
  [ Stefan Fritsch ]
  * Fix watch file
  * Don't pass --silent to libtool, allowing blhc to check the compiler
    options in the build logs.
  [ Arno Töll ]
  * Allow third party packages to use triggers if they use them in a
    maintainer script invoking apache2-maintscript-helper (Closes: #717610)

e4cf4dc... by Arno Töll <email address hidden> on 2013-07-21

Import patches-unapplied version 2.4.6-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7ea20a9890c4495c90af09abb5c1796b0f881702

New changelog entries:
  New upstream release:
  * CVE-2013-1896: mod_dav: Fix a denial of service via MERGE request
    (Closes: #717272)
  * New modules mod_cache_socache, mod_proxy_wstunnel.
  * mod_ssl: Add support for subjectAltName-based host name checking in proxy
    mode (SSLProxyCheckPeerName).
  * mod_lua: Many new functions.
  * mod_auth_basic: Add a generic mechanism to fake basic authentication
    using the ap_expr parser (AuthBasicFake).
  * mod_proxy: New BalancerInherit and ProxyPassInherit options.
  * mod_authnz_ldap: Allow using exec: calls to obtain LDAP bind password.
  [ Arno Töll ]
  * Document our security model in our NEWS file and highlight we do not allow
    access to /srv. Thanks to joeyh for pointing this out.
  * Allow the use of apache2-maintscript-helper from a sub-function. We rely
    on dpkg's arguments supplied in $1, $2 etc. This clashes with function
    arguments supplied to to sh sub-function. Allow manual override in such
  * Mention that the dh_apache2 conditional must be present in postrm too
    (Closes: #716694)
  * Fix "dh_apache2 ignores alternative httpd on conf files" by correctly
    checking the supplied arguments, we were off by one (Closes: #717299).
  * Reinstall index.html also on upgrades as it is removed during upgrades.
  * Add mod_macro transitional package as it was promoted to core and does not
    exist as individual package anymore (Closes: #706962)
  [ Stefan Fritsch ]
  * Don't fail package upgrade or removal just because the configuration is in
    an inconsistent state (Closes: #716921, #717343, LP: #1202653).
  * Improve error output of init script.
  * Fix broken dependency information in several *.load files.
  * Add mod_authn_core as dependency of the mod_auth_* modules.
    (Closes: #717448)

7ea20a9... by Arno Töll <email address hidden> on 2013-06-07

Import patches-unapplied version 2.4.4-6 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b347b6af82615ca8372a863d9b50baeee57afb5f

New changelog entries:
  * Denote exact versions breaking gnome-user-share now that Gnome maintainers
    have a fixed version in the works. That makes Gnome installable again.
  * Update our gbp.conf for our big merge next -> master. The eagle has
    landed, 2.4 is here.
  * Push Standards version to 3.9.4 - no changes needed.
  * Fix spelling errors in man pages.
  * Update the git VCS pointer to its canonical location for anonymous
  * Boost the description for the LSB init script to appease Lintian.
  * Fix spurious warnings in the Apache2 bug report script (Closes: #711121,
  * Strip off file extensions from arguments to a2(en|dis)(site|conf|mod) so
    that "a2ensite 000-default.conf" works, as well as "a2ensite 000-default"
    (Closes: #711494)
  * Fix "apache2-dev: dh-apache2 does not strip .conf extension" for modules
    relying on the install heuristic, instead of writing an *.apache2 conf
    file (Closes: #711483)
  * Apply patch submitted by Robert Luberda and redirect all output of
    apache2-maintscript-helper to stderr (Closes: #711478)
  * Tell about essential operations in the init script (Closes: #711120)
  * Fix indentation mess in the init script, and add modelines
  * Make sure /etc/init.d/apache2 reload does not always return. Thanks to
    Thorsten Glaser for suggesting a patch (Closes: #711117)
  * Make apache2-maintscript-helper usable when sourced from weird
    environments (e.g. Perl maintainer scripts). Thanks to Robert Luberda
    for doing unexpected things, and providing patches for it, and to Axel
    Beckert for demangling shell specifics (Closes: #711479)
  * Fix "copyright file missing after upgrade (policy 12.5)" and add these for
    MPM transitional packages (Closes: #710914)
  * Fix "apache2.2-bin transitional package (binaries only) should not
    depend on apache2 package (which runs a system daemon)". This happened by
    accident added by debhelper since we are linking docs. We do to
    apache2-bin instead (Closes: #711127)
  * Refresh "upstream-fixes" patch
  * Fix "Disabling strtoul violates C89 and C99 and is unnecessary" by
    removing the symbol override in httpd.h(Closes: #711534)

b347b6a... by Stefan Fritsch on 2013-05-31

Import patches-unapplied version 2.4.4-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 54e32de31710cdb66d42eb9f4b95f72adce63ed2

New changelog entries:
  [ Arno Töll ]
  * Fix compile issue on kfreebsd.

54e32de... by Stefan Fritsch on 2013-05-30

Import patches-unapplied version 2.4.4-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 8e23a18e81083e1813ed8351070d455c52276dcd

New changelog entries:
  [ Stefan Fritsch ]
  * Upload to unstable.
  * Fix FTBFS on hurd caused by mpm-itk linking fix.
  * Fix some lintian warnings:
    - fix pod error
    - add overrides for hardening-no-fortify-functions
    - don't use /lib/init/vars.sh in init script
  * Add note to README.Debian about CVE-2013-0966 if the document root is
    on HFS+ or on ZFS with filename normalization.
  * Add a note to README.Debian about how to change the max file limit.
    Make apache2ctl print a message pointing to README.Debian if setting
    the limit fails. (Closes: #706822)
  [ Arno Töll ]
  * Correct maintainer scripts by removing forgotten left-overs of our Squeeze
    -> Wheezy renaming

8e23a18... by Stefan Fritsch on 2013-05-28

Import patches-unapplied version 2.4.4-3 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: f3353f4a01a5fa3ac44a508f23bbbd39092c819e

New changelog entries:
  [ Arno Töll ]
  * libapache2-mod-proxy-html is included in Apache 2.4 and not packaged
    separately anymore. Thus, we are using the most recent version available
    now (Closes: #695482).
  * Fix "typo in mpm_event.load" by applying the patch provided by Bastian
    Triller. Thanks (Closes: #704639)
  * Replace some occurrences of "Squeeze" in our scripts. It's Wheezy time.
  * Changes in dh_apache2:
    + Add -e|--noenable option to dh_apache2 (Closes: #681544)
    + Disable scripts in prerm, not postrm (Closes: #681546)
    + However, still hook into postrm and purge state when required
    + Call the postinst code always, not only during configure
      (Closes: #681545)
    + Fix "dh_apache2 postinst code needs to reload more" and reload the
      web-server in postinst when upgrading (Closes: #702929)
  * Let a2enmod purge state when calling -p for already disabled
  * Fix "don't assume apache2 is running 24 hours a day when rotating
    logs": Only restart the webserver when it was previously running
    (Closes: #707892)
  * Properly return the conf/site configuration fragments enabled for Apache
    when queried from a2query (Closes: #683212)
  * Fix "/etc/init.d/apache2 start and restart need to wait until really
    started" (Closes: #645460)
  * Fix "apxs2 outputs "uninitialized value" warnings" by removing the double
    declaration of variables in apxs. This problem was harmless, but noisy
    (Closes: #707109)
  * Make the DEBIAN_VERSION parsing in debian/rules more robust. Thanks to
    Ondřej Surý for noticing and providing a patch.
  * Fix "copyright file missing after upgrade (policy 12.5)" by linking to the
    apache2 doc-dir when upgrading (Closes: #707795)
  [ Stefan Fritsch ]
  * Backport various fixes from upstream svn branch '2.4.x'.
  * Remove paragraph about MaxMemFree in README.Debian. The issue should be
    fixed in 2.4.
  * Enable mod_authn_core when upgrading from wheezy (Closes: #702866)
  * Bump libaprutil1-dev build dependency to get support for bcrypt password
  * Fix mod_mpm_itk.so not being linked to libcap.so (Closes: #702475)
  * Make apache2-dev not depend on apache2.

f3353f4... by Arno Töll <email address hidden> on 2013-03-09

Import patches-unapplied version 2.4.4-2 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 8bc1c65ae1e53615983c5a044b3a5eb0c38f0d56

New changelog entries:
  * The "let's shorten up this discussion" release, and strip changelogs which
    are not a direct ancestor of the 2.4 branch.
  * Restart the server on upgrades. We need to make sure the new binary is
    loading all symbols from the core again to make sure, upgrades don't break
    the server.

8bc1c65... by Arno Töll <email address hidden> on 2013-03-07

Import patches-unapplied version 2.4.4-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 896ed7979e3d5d82c80e7d11616ebe2f8654ab21

New changelog entries:
  * New upstream release
    - Fixes mod_log_forensic logging spurious '-' characters. Closes: #693292
    - Responds with HTTP/1.0 when talking http to https port. Closes: #701117
    - Fix various XSS flaws in modules (CVE-2012-3499, CVE-2012-4558)
  [ Stefan Fritsch ]
  * Add examples for X-Content-Type-Options and X-Frame-Options to
  * Make dh_apache2 only accept shell function names as conditional, to avoid
    problems with shell and sed special characters.
  * Add Replaces for the old mpm packages to apache2-bin. Closes: #671683
  * Add transitional package for libapache2-mod-proxy-html. Closes: #666816
    - Override dh_gencontrol so that the package's version sorts later than
      the existing version in Wheezy.
  * Don't ship changelogs in the apache2.2-bin transitional package.
  * CVE-2013-1048: Fix symlink vulnerability when creating /var/lock/apache2
  [ Arno Töll ]
  * Rewrite most parts of the init script to make it more readable and improve
    visual feedback when fancy output is in use.
  * Drop the dbmanage tool from apache2-utils. It is mostly unmaintained and
    outdated. Users of mod_authn_dbm should use htdbm instead.
  * Fix "Default /etc/apache2/mods-available/disk_cache.conf is incompatible
    with ext3" by changing the default to more moderate values. Note, some file
    systems have a hard limit of supported subdirectories (Closes: #682840).
    Ported from our 2.2 tree targeted for Wheezy.
  * Properly check return code of a2query in the apache2_invoke library
    function. This caused reverse dependencies to fail for newly installed
    modules previously.
  * Implement -q (quiet) option for a2query (Closes: #681541).
  * Properly honor -p/-N options as understood by debhelper (Closes: 681542).
    Thanks Russ Allbery for the hint.
  * Be more careful regarding link attacks when for the the cache disk
  * Compress the data.tar in binary packages using xz to save some space on
    installation medias (Debian only).
  * Fix "invoke-rc.d apache2 status fails" by merging patch of Jean-Michel
    Vourgère. Thanks! (Closes: #691365)
  * Fix "copyright file missing after upgrade (policy 12.5)" - add link
    manually when necessary in postinst (Closes: #691440)
  * Document APACHE_ARGUMENTS in envvars (ported from our 2.2 branch, reported as #693299)
  * Don't croak about lacking permissions in apache2ctl when the script is
    executed as a non-privileged user
  [ Bernhard R. Link ]
  * Rearrane patches: Move all the patches or parts of patches touching non-itk
    specific files (i.e. those from the upstream tarball) directly in the
    debian/patches/series series. While this seperates the itk patches into two
    heaps, it makes both more visible what changes happen to the general code (and
    thus are also done to the other servers generated)