Public bug reported: We already did the Apache2 merge once for kinetic, as version 2.4.53-2ubuntu1. However there is a new merge available from Debian with a new upstream and some security fixes:
apache2 (2.4.54-2) unstable; urgency=medium * Move cgid socket into a writeable directory (Closes: #1014056) * Update lintian overrides * Declare compliance with policy 4.6.1 * Install NOTICE in each package -- Yadd <y...@debian.org> Tue, 05 Jul 2022 15:49:58 +0200 apache2 (2.4.54-1) unstable; urgency=medium [ Simon Deziel ] * Escape literal "." for BrowserMatch directives in setenvif.conf * Use non-capturing regex with FilesMatch directive in default-ssl.conf [ Ondřej Surý ] * New upstream version 2.4.54 (Closes: #1012513, CVE-2022-31813, CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-28330) [ Yadd ] * Fix htcacheclean doc (Closes: #1010455) * New upstream version 2.4.54 -- Yadd <y...@debian.org> Thu, 09 Jun 2022 06:33:53 +0200 No Ubuntu delta gets dropped this time; everything that remains is ubuntu-specific. Security wants this merge included in kinetic since it carries a number of CVEs. So this saves them some patching work that would otherwise be necessary. ** Affects: apache2 (Ubuntu) Importance: Undecided Status: New ** Tags: needs-merge -- You received this bug notification because you are a member of Ubuntu Server/Client Support Team, which is subscribed to apache2 in Ubuntu. Matching subscriptions: Ubuntu Server/Client Support Team https://bugs.launchpad.net/bugs/1982048 Title: Re-merge apache2 for kinetic To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1982048/+subscriptions -- Mailing list: https://launchpad.net/~enterprise-support Post to : enterprise-support@lists.launchpad.net Unsubscribe : https://launchpad.net/~enterprise-support More help : https://help.launchpad.net/ListHelp