[Pkg-apache-commits] r1163 - in /trunk/apache2: NEWS changelog
sf at alioth.debian.org
Sun Mar 7 22:18:20 UTC 2010
Author: sf
Date: Sun Mar 7 22:18:20 2010
New Revision: 1163
URL: http://svn.debian.org/wsvn/pkg-apache/?sc=1&rev=1163
Log:
Add NEWS entry and rearrange changelog
Modified:
trunk/apache2/NEWS
trunk/apache2/changelog
Modified: trunk/apache2/NEWS
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/NEWS?rev=1163&op=diff
==============================================================================
--- trunk/apache2/NEWS (original)
+++ trunk/apache2/NEWS Sun Mar 7 22:18:20 2010
@@ -1,3 +1,14 @@
+apache2 (2.2.15-1) unstable; urgency=low
+
+ * This release adds and enables mod_reqtimeout, which limits the time
+ Apache waits for a client to send a complete request. This helps to
+ mitigate against certain denial of service attacks. In case of problems
+ with slow clients, the timeout values can be adjusted in
+ /etc/apache2/mods-available/reqtimeout.conf , or the module can be
+ disabled with "a2dismod reqtimeout".
+
+ -- Stefan Fritsch <sf at debian.org> Sun, 07 Mar 2010 23:09:30 +0100
+
apache2 (2.2.14-6) unstable; urgency=low
* Apache now uses the environment variables APACHE_RUN_DIR, APACHE_LOCK_DIR,
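Review bot: The new NEWS paragraph tells admins the timeout values "can be adjusted" in /etc/apache2/mods-available/reqtimeout.conf, but it does not say what the shipped values are or how a timed-out slow client would show up, so someone reading this after the upgrade cannot tell whether a problem they see comes from mod_reqtimeout. Consider adding one sentence on what to look for. The wording "helps to mitigate against certain denial of service attacks" is also stronger than the changelog entry in the same commit, which calls it "a (partial) mitigation"; the two should agree, and "partial" is the safer claim for a NEWS file. Minor: there is a stray space before the comma after "reqtimeout.conf", and "mitigate against" reads better as plain "mitigate".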
Modified: trunk/apache2/changelog
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/changelog?rev=1163&op=diff
==============================================================================
--- trunk/apache2/changelog (original)
+++ trunk/apache2/changelog Sun Mar 7 22:18:20 2010
@@ -6,14 +6,14 @@
prefix injection attack.
- CVE-2010-0434: mod_headers: Fix potential information leak with threaded
MPMs.
+ - mod_reqtimeout: New module limiting the time waiting for receiving
+ a request from the client. This is a (partial) mitigation against
+ slowloris-type resource exhaustion attacks. The module is enabled by
+ default. Closes: #533661
- mod_ssl: Add SSLInsecureRenegotiation directive to allows insecure
renegotiation with clients which do not yet support the secure
renegotiation protocol. As this requires openssl 0.9.8m, bump
build dependency accordingly.
- - mod_reqtimeout: New module limiting the time waiting for receiving
- a request from the client. This is a (partial) mitigation against
- slowloris-type resource exhaustion attacks. The module is enabled by
- default. Closes: #533661
* Fix bash completion for a2ensite if the site name contains 'conf' or
'load'. Closes: #572232
* Do a configcheck in the init script before doing a non-graceful restart.
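Review bot: The relocated mod_reqtimeout item now sits directly under the CVE-2010-0434 line, so it reads as one of the security fixes, yet it is a behaviour change that is "enabled by default" and only a "(partial) mitigation". It would help to add a pointer here to the NEWS entry or to the reqtimeout.conf path so that admins who scan the changelog for the cause of dropped slow clients find the tuning knob. Since this block is being rearranged anyway, the adjacent context line "Add SSLInsecureRenegotiation directive to allows insecure" has a typo ("to allow"), and that item could state whether the directive is off by default, as it re-enables renegotiation the entry itself calls insecure.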