enterprise-support team mailing list archive
-
enterprise-support team
-
Mailing list archive
-
Message #10391
[Bug 2064376] [NEW] Merge apache2 from Debian unstable for oracular
Public bug reported:
Upstream: 2.4.59
Debian: 2.4.59-2
Ubuntu: 2.4.58-1ubuntu8
Debian does new releases regularly, so it's likely there will be newer
versions available before FF that we can pick up if this merge is done
later in the cycle.
If it turns out this needs a sync rather than a merge, please change the
tag 'needs-merge' to 'needs-sync', and (optionally) update the title as
desired.
If this merge pulls in a new upstream version, also consider adding an
entry to the Oracular Release Notes:
https://discourse.ubuntu.com/c/release/38
### New Debian Changes ###
apache2 (2.4.59-2) unstable; urgency=medium
* Breaks against fossil due to CVE-2024-24795 follows up
-- Bastien Roucariès <rouca@xxxxxxxxxx> Mon, 29 Apr 2024 21:55:28
+0000
apache2 (2.4.59-1) unstable; urgency=medium
[ Stefan Fritsch ]
* Remove old transitional packages libapache2-mod-md and
libapache2-mod-proxy-uwsgi. Closes: #1032628
[ Yadd ]
* mod_proxy_connect: disable AllowCONNECT by default (Closes: #1054564)
* Refresh patches
* New upstream version 2.4.59
(Closes: #1068412 CVE-2024-27316 CVE-2024-24795 CVE-2023-38709)
* Refresh patches
* Update patches
* Update test framework
-- Yadd <yadd@xxxxxxxxxx> Fri, 05 Apr 2024 08:08:11 +0400
apache2 (2.4.58-1) unstable; urgency=medium
[ Bas Couwenberg ]
* Provide dh-sequence-apache2 (Closes: #1050870)
[ Yadd ]
* Drop dependency to obsolete lsb-base
* New upstream version 2.4.58 (Closes: CVE-2023-31122, CVE-2023-43622,
CVE-2023-45802)
* Refresh patches
-- Yadd <yadd@xxxxxxxxxx> Thu, 19 Oct 2023 14:56:29 +0400
apache2 (2.4.57-3) unstable; urgency=medium
* Update a2enmod to drop given/when (Closes: #1050458)
* Restore changes not included in Bookworm (set -e in apache2ctl)
-- Yadd <yadd@xxxxxxxxxx> Tue, 29 Aug 2023 11:39:32 +0400
apache2 (2.4.57-2) unstable; urgency=medium
* Revert debian/* changes (Bookworm freeze)
-- Yadd <yadd@xxxxxxxxxx> Thu, 13 Apr 2023 07:26:51 +0400
apache2 (2.4.57-1) unstable; urgency=medium
* New upstream version 2.4.57
* Drop 2.4.56-regression patches
-- Yadd <yadd@xxxxxxxxxx> Sat, 08 Apr 2023 06:57:16 +0400
apache2 (2.4.56-2) unstable; urgency=medium
* Fix regression in mod_rewrite introduced in version 2.4.56
(Closes: #1033284)
* Fix regression in http2 introduced by 2.4.56 (Closes: #1033408)
-- Yadd <yadd@xxxxxxxxxx> Sun, 02 Apr 2023 06:54:25 +0400
apache2 (2.4.56-1) unstable; urgency=medium
* New upstream version (Closes: #1032476, CVE-2023-27522,
CVE-2023-25690)
-- Yadd <yadd@xxxxxxxxxx> Wed, 08 Mar 2023 06:44:05 +0400
apache2 (2.4.55-1) unstable; urgency=medium
[ Hendrik Jäger ]
* disable ssl session tickets
* redundant example as already enabled in the default config
* logrotate indentation
* Update example how to prevent access to VCS directories
[ lintian-brush ]
* Update lintian override info to new format:
+ debian/source/lintian-overrides: line 2, 4-5, 8
+ debian/apache2-data.lintian-overrides: line 2-5
+ debian/apache2-bin.lintian-overrides: line 3
+ debian/apache2-doc.lintian-overrides: line 2
+ debian/apache2.lintian-overrides: line 6
* Set upstream metadata fields: Repository-Browse.
* Update standards version to 4.6.2, no changes needed.
[ Yadd ]
* New upstream version (Closes: CVE-2006-20001, CVE-2022-36760,
CVE-2022-37436)
-- Yadd <yadd@xxxxxxxxxx> Wed, 18 Jan 2023 07:41:55 +0400
apache2 (2.4.54-5) unstable; urgency=medium
[ Hendrik Jäger ]
* fix: one oom-killed thread should not take down the whole service
* fix: remove modelines
* fix: update clickjacking protection example
### Old Ubuntu Delta ###
apache2 (2.4.58-1ubuntu8) noble; urgency=medium
* No-change rebuild against libapr1t64
-- Steve Langasek <steve.langasek@xxxxxxxxxx> Sun, 07 Apr 2024
07:02:29 +0000
apache2 (2.4.58-1ubuntu7) noble; urgency=medium
* No-change rebuild for CVE-2024-3094
-- Steve Langasek <steve.langasek@xxxxxxxxxx> Sun, 31 Mar 2024
08:37:28 +0000
apache2 (2.4.58-1ubuntu6) noble; urgency=medium
* d/debhelper/apache2-maintscript-helper: Allow execution when called from a
postinst script through a trigger (i.e., postinst triggered).
Thanks to Roel van Meer. (LP: #2038912) (Closes: #1060450)
-- Athos Ribeiro <athos.ribeiro@xxxxxxxxxxxxx> Mon, 18 Mar 2024
09:35:36 -0300
apache2 (2.4.58-1ubuntu5) noble; urgency=medium
* No-change rebuild against libcurl4t64
-- Steve Langasek <steve.langasek@xxxxxxxxxx> Sat, 16 Mar 2024
06:05:04 +0000
apache2 (2.4.58-1ubuntu4) noble; urgency=medium
* No-change rebuild against libaprutil1t64
-- Zixing Liu <zixing.liu@xxxxxxxxxxxxx> Sat, 09 Mar 2024 23:05:43
-0700
apache2 (2.4.58-1ubuntu3) noble; urgency=medium
* No-change rebuild against libssl3t64
-- Steve Langasek <steve.langasek@xxxxxxxxxx> Mon, 04 Mar 2024
17:21:46 +0000
apache2 (2.4.58-1ubuntu2) noble; urgency=medium
* d/c/m/setenvif.conf, d/p/fix-dolphin-to-delete-webdav-dirs.patch: Add
dolphin and Konqueror/5 careful redirection so that directories can be
deleted via webdav.
(LP: #1927742)
-- Bryce Harrington <bryce@xxxxxxxxxxxxx> Wed, 24 Jan 2024 14:00:03
-0800
apache2 (2.4.58-1ubuntu1) noble; urgency=medium
* Merge with Debian unstable (LP: #2040357). Remaining changes:
- d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm,
d/source/include-binaries, d/t/check-ubuntu-branding: Replace
Debian with Ubuntu on default homepage.
(LP #1966004, LP #1947459)
- d/apache2.py, d/apache2-bin.install: Add apport hook
(LP #609177)
- d/control, d/apache2.install, d/apache2-utils.ufw.profile,
d/apache2.dirs: Add ufw profiles
(LP #261198)
- d/control: Upgrade lua build dependency to 5.4
-- Bryce Harrington <bryce@xxxxxxxxxxxxx> Thu, 14 Dec 2023 23:52:39
-0800
** Affects: apache2 (Ubuntu)
Importance: Undecided
Status: Invalid
** Tags: needs-merge upgrade-software-version
** Changed in: apache2 (Ubuntu)
Milestone: None => ubuntu-24.07
** Changed in: apache2 (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to apache2 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/2064376
Title:
Merge apache2 from Debian unstable for oracular
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/2064376/+subscriptions