enterprise-support team mailing list archive
-
enterprise-support team
-
Mailing list archive
-
Message #11021
[Bug 2125988] [NEW] Merge apache2 from Debian Unstable for r-series
Public bug reported:
Scheduled-For: ubuntu-25.11
Ubuntu: 2.4.64-1ubuntu3
Debian Unstable: 2.4.65-3
A new release of apache2 is available for merging from Debian Unstable.
If it turns out this needs a sync rather than a merge, please change the
tagging from ['needs-merge', 'upgrade-software-version'] to ['needs-
sync', 'upgrade-software-version'], and (optionally) update the title as
desired.
If this merge pulls in a new upstream version, also consider adding an
entry to the r-series Release Notes:
https://discourse.ubuntu.com/c/project/release/38
### New Debian Changes ###
apache2 (2.4.65-3) unstable; urgency=medium
* Change default LANG in envvars from C to C.UTF-8
(Closes: #787584)
* systemd service apache2 is aliased to httpd
(Closes: #915855)
* document a2* environment files in man page
(Closes: #880421)
* Failing test in its test suite
(Closes: #1107289, LP: #2112429)
* Restart on-abnormal instead of on-abort
(Closes: #1106280)
* Allow triggers to use maintscript helper to restart apache
(LP: #2038912)
-- Bastien Roucariès <rouca@xxxxxxxxxx> Mon, 11 Aug 2025 19:07:56
+0200
apache2 (2.4.65-2) unstable; urgency=high
* Fix SSLProtocol has a duplicate "all"
(Closes: #1109839)
* Warn about misconfigured load balancer following fix of
CVE-2025-23048.
-- Bastien Roucariès <rouca@xxxxxxxxxx> Tue, 29 Jul 2025 19:52:31
+0200
apache2 (2.4.65-1) unstable; urgency=medium
* New upstream version 2.4.65 (Closes: CVE-2025-54090)
* Unfuzz patch
-- Yadd <yadd@xxxxxxxxxx> Wed, 23 Jul 2025 16:05:45 +0200
apache2 (2.4.64-2) UNRELEASED; urgency=medium
* Per RFC 8996 disable by default TLS 1.0 and TLS 1.1
(Closes: #943415)
-- Bastien Roucariès <rouca@xxxxxxxxxx> Thu, 17 Jul 2025 18:03:42
+0200
### Old Ubuntu Delta ###
apache2 (2.4.64-1ubuntu3) questing; urgency=medium
* Rebuild to include updated RISC-V base ISA RVA23
-- Heinrich Schuchardt <heinrich.schuchardt@xxxxxxxxxxxxx> Wed, 03 Sep
2025 14:58:51 +0000
apache2 (2.4.64-1ubuntu2) questing; urgency=medium
* SECURITY UPDATE: incorrect RewriteCond expr handling
- debian/patches/CVE-2025-54090.patch: fix return code in
modules/mappers/mod_rewrite.c.
- CVE-2025-54090
-- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx> Wed, 23 Jul 2025
14:22:41 -0400
apache2 (2.4.64-1ubuntu1) questing; urgency=medium
* Merge with Debian Unstable. Remaining changes:
- d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm,
d/source/include-binaries, d/t/check-ubuntu-branding: Replace
Debian with Ubuntu on default homepage (LP: 1966004, LP: 1947459).
- d/apache2.py, d/apache2-bin.install: Add apport hook (LP: 609177).
- d/debhelper/apache2-maintscript-helper: Allow execution when called from
a postinst script through a trigger (i.e., postinst triggered). Thanks
to Roel van Meer (Closes: 1060450, LP: 2038912).
- d/index.html, d/apache2.postrm: Fix HTTPS link to Apache
documentation (LP: 2045055).
- d/perl-framework/t/apache/pr64339.t: Fix tests per upstream testsuite
revisions to address changes in libxml2 changes. (LP: 2112429)
-- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx> Wed, 16 Jul 2025
17:30:33 -0400
** Affects: apache2 (Ubuntu)
Importance: Undecided
Status: New
** Tags: needs-merge upgrade-software-version
--
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to apache2 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/2125988
Title:
Merge apache2 from Debian Unstable for r-series
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/2125988/+subscriptions
Follow ups