[Pkg-apache-commits] r1008 - in /trunk/apache2: changelog config-dir/conf.d/security

sf at alioth.debian.org sf at alioth.debian.org
Wed Jul 29 15:29:22 UTC 2009


Author: sf
Date: Wed Jul 29 15:29:22 2009
New Revision: 1008

URL: http://svn.debian.org/wsvn/pkg-apache/?sc=1&rev=1008
Log:
Change default for ServerTokens to OS

Modified:
    trunk/apache2/changelog
    trunk/apache2/config-dir/conf.d/security

Modified: trunk/apache2/changelog
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/changelog?rev=1008&op=diff
==============================================================================
--- trunk/apache2/changelog (original)
+++ trunk/apache2/changelog Wed Jul 29 15:29:22 2009
@@ -20,6 +20,8 @@
     Also add a configuration block for the event MPM in apache2.conf.
   * Fix HTTP PUT with mod_dav failing to detect an aborted connection
     (closes: #451563).
+  * Change default for ServerTokens to 'OS', to not announce the exact module
+    versions to the worls (LP: #205996)
   * Change references to httpd.conf in apache2-doc to apache2.conf
     (closes: #465393).
   * Clarify the recommended permissions for SSL certificates in README.Debian

Modified: trunk/apache2/config-dir/conf.d/security
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/config-dir/conf.d/security?rev=1008&op=diff
==============================================================================
--- trunk/apache2/config-dir/conf.d/security (original)
+++ trunk/apache2/config-dir/conf.d/security Wed Jul 29 15:29:22 2009
@@ -24,7 +24,8 @@
 # where Full conveys the most information, and Prod the least.
 #
 #ServerTokens Minimal
-ServerTokens Full
+ServerTokens OS
+#ServerTokens Full
 
 #
 # Optionally add a line containing the server version and virtual host




More information about the Pkg-apache-commits mailing list