[apache2] 03/03: Import 2.4.10
Arno Töll
atoell-guest at moszumanska.debian.org
Sun Jul 20 17:29:20 UTC 2014
This is an automated email from the git hooks/post-receive script.
atoell-guest pushed a commit to branch master
in repository apache2.
commit b1559e3d0bc731fce529dd300f5635c122f26491
Author: Arno Töll <arno at debian.org>
Date: Sun Jul 20 06:28:29 2014 -1100
Import 2.4.10
---
debian/changelog | 13 +++++++++++--
debian/patches/fhs_compliance.patch | 30 +++++++++++++++++++-----------
2 files changed, 30 insertions(+), 13 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 7224e3c..65172be 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,14 @@
-apache2 (2.4.9-3) UNRELEASED; urgency=medium
+apache2 (2.4.10-1) UNRELEASED; urgency=medium
+ * New upstream version
+ + Refresh debian/patches/fhs_compliance.patch
+ + Security Fixes:
+ - CVE-2014-0117 mod_proxy: Fix DoS that could cause a crash
+ - CVE-2014-0226 Fix a race condition resulting in a heap overflow in
+ scoreboard handling
+ - CVE-2014-0118 mod_deflate: The DEFLATE input filter now limits the
+ length and compression ratio of inflated request to mitigate a possible DoS
+ - CVE-2014-0231 mod_cgid: Fix a denial of service against CGI scripts
* Warn users if they try to disable modules that we consider essential for
operation of the Apache web server (Closes: #709461)
* Drop libcap from our build-dependencies. That was needed for itk which we
@@ -14,7 +23,7 @@ apache2 (2.4.9-3) UNRELEASED; urgency=medium
force-removed by dpkg during the upgrade. Hopefully we catch all of them
with the Breaks relation coming along (Closes: #716880, #752922, #711925)
- -- Arno Töll <arno at debian.org> Sun, 20 Jul 2014 04:55:03 -1100
+ -- Arno Töll <arno at debian.org> Sun, 20 Jul 2014 06:24:54 -1100
apache2 (2.4.9-2) unstable; urgency=medium
diff --git a/debian/patches/fhs_compliance.patch b/debian/patches/fhs_compliance.patch
index 46827cd..af5125a 100644
--- a/debian/patches/fhs_compliance.patch
+++ b/debian/patches/fhs_compliance.patch
@@ -2,9 +2,11 @@ Description: Fix up FHS file locations for apache2 droppings.
Forwarded: not-needed
Author: Adam Conrad <adconrad at 0c3.net>
Last-Update: 2012-02-25
---- a/configure
-+++ b/configure
-@@ -32725,17 +32725,17 @@
+Index: apache2/configure
+===================================================================
+--- apache2.orig/configure
++++ apache2/configure
+@@ -33031,17 +33031,17 @@ ap_prefix="${ap_cur}"
cat >>confdefs.h <<_ACEOF
@@ -25,9 +27,11 @@ Last-Update: 2012-02-25
_ACEOF
---- a/configure.in
-+++ b/configure.in
-@@ -823,11 +823,11 @@
+Index: apache2/configure.in
+===================================================================
+--- apache2.orig/configure.in
++++ apache2/configure.in
+@@ -826,11 +826,11 @@ rm -f modules.c
echo $MODLIST | $AWK -f $srcdir/build/build-modules-c.awk > modules.c
APR_EXPAND_VAR(ap_prefix, $prefix)
@@ -42,8 +46,10 @@ Last-Update: 2012-02-25
[Location of the MIME types config file, relative to the Apache root directory])
perlbin=`$ac_aux_dir/PrintPath perl`
---- a/include/ap_config_layout.h.in
-+++ b/include/ap_config_layout.h.in
+Index: apache2/include/ap_config_layout.h.in
+===================================================================
+--- apache2.orig/include/ap_config_layout.h.in
++++ apache2/include/ap_config_layout.h.in
@@ -60,5 +60,6 @@
#define DEFAULT_REL_LOGFILEDIR "@rel_logfiledir@"
#define DEFAULT_EXP_PROXYCACHEDIR "@exp_proxycachedir@"
@@ -51,9 +57,11 @@ Last-Update: 2012-02-25
+#define DEFAULT_PIDLOG "/var/run/apache2.pid"
#endif /* AP_CONFIG_LAYOUT_H */
---- a/include/httpd.h
-+++ b/include/httpd.h
-@@ -109,7 +109,7 @@
+Index: apache2/include/httpd.h
+===================================================================
+--- apache2.orig/include/httpd.h
++++ apache2/include/httpd.h
+@@ -109,7 +109,7 @@ extern "C" {
#define DOCUMENT_LOCATION HTTPD_ROOT "/docs"
#else
/* Set default for non OS/2 file system */
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-apache/apache2.git
More information about the Pkg-apache-commits
mailing list