Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: apac...@packages.debian.org
Control: affects -1 + src:apache2
[ Reason ]
apache2 silently reenable apache2-doc.conf despite having been disabled
(#1018718)
[ Impact ]
This behavior overwrites local changes on upgrade, which is a
release-critical bug as it’s a Policy violation
[ Tests ]
No change
[ Risks ]
No risk here
[ Checklist ]
[X] *all* changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in (old)stable
[X] the issue is verified as fixed in unstable
[ Changes ]
Drop apache2-doc.postinst
[ Other ]
Fixed in testing/Bookworm in version 2.4.54-3.
Cheers,
Yadd
diff --git a/debian/NEWS b/debian/NEWS
new file mode 100644
index ..c048ae45
--- /dev/null
+++ b/debian/NEWS
@@ -0,0 +1,9 @@
+apache2 (2.4.56-1~deb11u2) bullseye; urgency=medium
+
+ This version does not automatically enable the apache2 config snippet for
+ /manual anymore. If you want to have it enabled you will need to do this
+ yourself, e.g. with
+
+/usr/sbin/a2enconf apache2-doc
+
+ -- Yadd Sat, 01 Apr 2023 08:17:08 +0400
diff --git a/debian/apache2-doc.postinst b/debian/apache2-doc.postinst
deleted file mode 100644
index e7e1e5a7..
--- a/debian/apache2-doc.postinst
+++ /dev/null
@@ -1,17 +0,0 @@
-#! /bin/sh
-
-set -e
-
-# conffiles must be moved before invoking rc.d
-#DEBHELPER#
-
-# This code should use dh_apache2 once it is available as build dependency
-
-if [ "$1" = "configure" ] ; then
- if [ -e /usr/share/apache2/apache2-maintscript-helper ] ; then
- . /usr/share/apache2/apache2-maintscript-helper
- apache2_invoke enconf apache2-doc || true
- fi
-fi
-
-exit
diff --git a/debian/changelog b/debian/changelog
index 41c3a7cc..1c0d3659 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+apache2 (2.4.56-1~deb11u2) bullseye; urgency=medium
+
+ [ Hendrik Jäger ]
+ * Don't automatically enable apache2-doc.conf (Closes: #1018718)
+
+ -- Yadd Sat, 01 Apr 2023 08:24:10 +0400
+
apache2 (2.4.56-1~deb11u1) bullseye-security; urgency=medium
* New upstream version (Closes: #1032476, CVE-2023-27522, CVE-2023-25690)