Last commit made on 2014-03-24
Get this branch:
git clone -b ubuntu/saucy-updates https://git.launchpad.net/ubuntu/+source/apache2
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information


Recent commits

d557554... by Marc Deslauriers on 2014-03-19

Import patches-unapplied version 2.4.6-2ubuntu2.2 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 9dc4e123bf5f2b014b86b2a283e7bfcfd642013b

New changelog entries:
  * SECURITY UPDATE: denial of service via mod_dav incorrect end of string
    - debian/patches/CVE-2013-6438.patch: properly calculate correct length
      in modules/dav/main/util.c.
    - CVE-2013-6438
  * SECURITY UPDATE: denial of service via truncated cookie and
    - debian/patches/CVE-2014-0098.patch: properly parse tokens in
    - CVE-2014-0098

9dc4e12... by Robie Basak on 2013-11-28

Import patches-unapplied version 2.4.6-2ubuntu2.1 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: c3768683089b7793ec308210d5a24b01fb112c81

New changelog entries:
  * d/p/ignore-quilt-dir, d/p/itk-rerun-configure.patch: adjust build system so
    that it does not use files find inside the .pc directory. This stops a
    double module load causing later havoc, including "ChrootDir" directive
    failure (LP: #1251939). Thanks to Stefan Fritsch.
  * d/tests/chroot: dep8 test for ChrootDir case.

c376868... by Robie Basak on 2013-08-09

Import patches-unapplied version 2.4.6-2ubuntu2 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 643eb13c084f9a21f161f83ce0b9f44d0fbd1bc5

New changelog entries:
  * d/ask-for-passphrase: mark executable so that apache2 can run it. Fixes
    passphrase prompting for SSL certificates that are passphrase protected.
  * Add dep8 test for SSL passphrase prompting.

643eb13... by Marc Deslauriers on 2013-07-26

Import patches-unapplied version 2.4.6-2ubuntu1 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 93f4781a7b4db26030c42fe8a195315afbbacfde

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/{control, rules}: Enable PIE hardening.
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
    - debian/control, debian/config-dir/mods-available/ssl.conf,
      debian/ask-for-passphrase, debian/apache2.install: Plymouth aware
      passphrase dialog program ask-for-passphrase.
    - debian/rules: Fix cross-building by passing DEB_{HOST,BUILD}_GNU_TYPE
      to configure.
    - debian/patches/086_svn_cross_compiles: Backport several cross fixes
      from upstream
  * Dropped changes:
    - debian/patches/CVE-2013-1896.patch: upstream
  * Fixed module dependencies (LP: #1205314)
    - debian/config-dir/mods-available/lbmethod_*: properly specify
      proxy_balancer, not mod_proxy_balancer.

93f4781... by Arno Töll <email address hidden> on 2013-07-23

Import patches-unapplied version 2.4.6-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: e4cf4dc06e5736da1b50aedd1699172eb206910b

New changelog entries:
  [ Stefan Fritsch ]
  * Fix watch file
  * Don't pass --silent to libtool, allowing blhc to check the compiler
    options in the build logs.
  [ Arno Töll ]
  * Allow third party packages to use triggers if they use them in a
    maintainer script invoking apache2-maintscript-helper (Closes: #717610)

e4cf4dc... by Arno Töll <email address hidden> on 2013-07-21

Import patches-unapplied version 2.4.6-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7ea20a9890c4495c90af09abb5c1796b0f881702

New changelog entries:
  New upstream release:
  * CVE-2013-1896: mod_dav: Fix a denial of service via MERGE request
    (Closes: #717272)
  * New modules mod_cache_socache, mod_proxy_wstunnel.
  * mod_ssl: Add support for subjectAltName-based host name checking in proxy
    mode (SSLProxyCheckPeerName).
  * mod_lua: Many new functions.
  * mod_auth_basic: Add a generic mechanism to fake basic authentication
    using the ap_expr parser (AuthBasicFake).
  * mod_proxy: New BalancerInherit and ProxyPassInherit options.
  * mod_authnz_ldap: Allow using exec: calls to obtain LDAP bind password.
  [ Arno Töll ]
  * Document our security model in our NEWS file and highlight we do not allow
    access to /srv. Thanks to joeyh for pointing this out.
  * Allow the use of apache2-maintscript-helper from a sub-function. We rely
    on dpkg's arguments supplied in $1, $2 etc. This clashes with function
    arguments supplied to to sh sub-function. Allow manual override in such
  * Mention that the dh_apache2 conditional must be present in postrm too
    (Closes: #716694)
  * Fix "dh_apache2 ignores alternative httpd on conf files" by correctly
    checking the supplied arguments, we were off by one (Closes: #717299).
  * Reinstall index.html also on upgrades as it is removed during upgrades.
  * Add mod_macro transitional package as it was promoted to core and does not
    exist as individual package anymore (Closes: #706962)
  [ Stefan Fritsch ]
  * Don't fail package upgrade or removal just because the configuration is in
    an inconsistent state (Closes: #716921, #717343, LP: #1202653).
  * Improve error output of init script.
  * Fix broken dependency information in several *.load files.
  * Add mod_authn_core as dependency of the mod_auth_* modules.
    (Closes: #717448)

7ea20a9... by Arno Töll <email address hidden> on 2013-06-07

Import patches-unapplied version 2.4.4-6 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b347b6af82615ca8372a863d9b50baeee57afb5f

New changelog entries:
  * Denote exact versions breaking gnome-user-share now that Gnome maintainers
    have a fixed version in the works. That makes Gnome installable again.
  * Update our gbp.conf for our big merge next -> master. The eagle has
    landed, 2.4 is here.
  * Push Standards version to 3.9.4 - no changes needed.
  * Fix spelling errors in man pages.
  * Update the git VCS pointer to its canonical location for anonymous
  * Boost the description for the LSB init script to appease Lintian.
  * Fix spurious warnings in the Apache2 bug report script (Closes: #711121,
  * Strip off file extensions from arguments to a2(en|dis)(site|conf|mod) so
    that "a2ensite 000-default.conf" works, as well as "a2ensite 000-default"
    (Closes: #711494)
  * Fix "apache2-dev: dh-apache2 does not strip .conf extension" for modules
    relying on the install heuristic, instead of writing an *.apache2 conf
    file (Closes: #711483)
  * Apply patch submitted by Robert Luberda and redirect all output of
    apache2-maintscript-helper to stderr (Closes: #711478)
  * Tell about essential operations in the init script (Closes: #711120)
  * Fix indentation mess in the init script, and add modelines
  * Make sure /etc/init.d/apache2 reload does not always return. Thanks to
    Thorsten Glaser for suggesting a patch (Closes: #711117)
  * Make apache2-maintscript-helper usable when sourced from weird
    environments (e.g. Perl maintainer scripts). Thanks to Robert Luberda
    for doing unexpected things, and providing patches for it, and to Axel
    Beckert for demangling shell specifics (Closes: #711479)
  * Fix "copyright file missing after upgrade (policy 12.5)" and add these for
    MPM transitional packages (Closes: #710914)
  * Fix "apache2.2-bin transitional package (binaries only) should not
    depend on apache2 package (which runs a system daemon)". This happened by
    accident added by debhelper since we are linking docs. We do to
    apache2-bin instead (Closes: #711127)
  * Refresh "upstream-fixes" patch
  * Fix "Disabling strtoul violates C89 and C99 and is unnecessary" by
    removing the symbol override in httpd.h(Closes: #711534)

b347b6a... by Stefan Fritsch on 2013-05-31

Import patches-unapplied version 2.4.4-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 54e32de31710cdb66d42eb9f4b95f72adce63ed2

New changelog entries:
  [ Arno Töll ]
  * Fix compile issue on kfreebsd.

54e32de... by Stefan Fritsch on 2013-05-30

Import patches-unapplied version 2.4.4-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 8e23a18e81083e1813ed8351070d455c52276dcd

New changelog entries:
  [ Stefan Fritsch ]
  * Upload to unstable.
  * Fix FTBFS on hurd caused by mpm-itk linking fix.
  * Fix some lintian warnings:
    - fix pod error
    - add overrides for hardening-no-fortify-functions
    - don't use /lib/init/vars.sh in init script
  * Add note to README.Debian about CVE-2013-0966 if the document root is
    on HFS+ or on ZFS with filename normalization.
  * Add a note to README.Debian about how to change the max file limit.
    Make apache2ctl print a message pointing to README.Debian if setting
    the limit fails. (Closes: #706822)
  [ Arno Töll ]
  * Correct maintainer scripts by removing forgotten left-overs of our Squeeze
    -> Wheezy renaming

8e23a18... by Stefan Fritsch on 2013-05-28

Import patches-unapplied version 2.4.4-3 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: f3353f4a01a5fa3ac44a508f23bbbd39092c819e

New changelog entries:
  [ Arno Töll ]
  * libapache2-mod-proxy-html is included in Apache 2.4 and not packaged
    separately anymore. Thus, we are using the most recent version available
    now (Closes: #695482).
  * Fix "typo in mpm_event.load" by applying the patch provided by Bastian
    Triller. Thanks (Closes: #704639)
  * Replace some occurrences of "Squeeze" in our scripts. It's Wheezy time.
  * Changes in dh_apache2:
    + Add -e|--noenable option to dh_apache2 (Closes: #681544)
    + Disable scripts in prerm, not postrm (Closes: #681546)
    + However, still hook into postrm and purge state when required
    + Call the postinst code always, not only during configure
      (Closes: #681545)
    + Fix "dh_apache2 postinst code needs to reload more" and reload the
      web-server in postinst when upgrading (Closes: #702929)
  * Let a2enmod purge state when calling -p for already disabled
  * Fix "don't assume apache2 is running 24 hours a day when rotating
    logs": Only restart the webserver when it was previously running
    (Closes: #707892)
  * Properly return the conf/site configuration fragments enabled for Apache
    when queried from a2query (Closes: #683212)
  * Fix "/etc/init.d/apache2 start and restart need to wait until really
    started" (Closes: #645460)
  * Fix "apxs2 outputs "uninitialized value" warnings" by removing the double
    declaration of variables in apxs. This problem was harmless, but noisy
    (Closes: #707109)
  * Make the DEBIAN_VERSION parsing in debian/rules more robust. Thanks to
    Ondřej Surý for noticing and providing a patch.
  * Fix "copyright file missing after upgrade (policy 12.5)" by linking to the
    apache2 doc-dir when upgrading (Closes: #707795)
  [ Stefan Fritsch ]
  * Backport various fixes from upstream svn branch '2.4.x'.
  * Remove paragraph about MaxMemFree in README.Debian. The issue should be
    fixed in 2.4.
  * Enable mod_authn_core when upgrading from wheezy (Closes: #702866)
  * Bump libaprutil1-dev build dependency to get support for bcrypt password
  * Fix mod_mpm_itk.so not being linked to libcap.so (Closes: #702475)
  * Make apache2-dev not depend on apache2.