[Bug 126641] Re: sync apache2 (2.2.4-2) debian sid main

Tue, 24 Jul 2007 18:10:16 -0700 

Michael Bienia requested a complete sync request for this package in bug
127537.  I have marked it as a duplicate and included his notes in this
comment.

Binary package hint: apache2

Please sync request apache2 (2.2.4-2) from Debian unstable (main).

The current package has no Ubuntu changes.

Thanks.

Changelog:

apache2 (2.2.4-2) unstable; urgency=low

  * Modularize config: Move module specific configuration from apache2.conf
    to mods-available/*conf (Closes: #338472)
  * Remove the NO_START kludge. Now you have to use rc*.d symlinks to disable
    apache2. (Closes: #408462, #275561)
  * Create run and lock directores in apache2ctl to make it work on fresh
    installations before the first call of the init script. Together with
    the previous item, this closes: #418499
  * Disable AddDefaultCharset again (Closes: #397886)
  * Make ports.conf, conf.d/charset, and /etc/default/apache2 conffiles
    managed by dpkg
  * Listen on port 443 by default if mod_ssl is loaded (Closes: #404598)
  * Add logic to start htcacheclean as daemon or cronjob. The configuration
    is in /etc/default/apache2
  * Fix security issues:
    - CVE-2007-3304: prevent parent process to send SIGUSR1 to arbitrary
      processes
    - CVE-2006-5752: XSS in mod_status
  * Add init.d dependency info from insserv overrides to /etc/init.d/apache2
  * Replace apachectl with apache2ctl in docs (Closes: #164493)
  * Add usage message to apache2ctl (Closes: #359008)
  * Make -dev packages priority extra
  * Add secure example cipher/protocol configuration to ssl.conf
  * Update watch file (Closes: #433552)
  * Bump dh_compat to 5
  * Add new package apache2-dbg with debugging symbols
  * Fix mod_cache returning 304 instead of 200 on HEAD requests

 -- Stefan Fritsch <[EMAIL PROTECTED]> Tue, 03 Jul 2007 21:23:40 +0200

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2006-5752

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-3304

-- 
sync apache2 (2.2.4-2) debian sid main
https://bugs.launchpad.net/bugs/126641
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to