incorrect module dependencies
Bug #1205314 reported by
Marc Deslauriers
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apache2 (Debian) |
Fix Released
|
Unknown
|
|||
apache2 (Ubuntu) |
Fix Released
|
Medium
|
Marc Deslauriers |
Bug Description
Apache 2.4.4-6ubuntu5 and 2.4.6-2 has an incorrect module dependency in the lbmethod_* module files:
# Depends: mod_proxy_balancer
should be:
# Depends: proxy_balancer
CVE References
Changed in apache2 (Ubuntu): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
importance: | Undecided → Medium |
Changed in apache2 (Debian): | |
status: | Unknown → New |
Changed in apache2 (Debian): | |
status: | New → Fix Committed |
Changed in apache2 (Debian): | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
This bug was fixed in the package apache2 - 2.4.6-2ubuntu1
---------------
apache2 (2.4.6-2ubuntu1) saucy; urgency=low
* Merge from Debian unstable. Remaining changes: utils.ufw. profile, dirs}: Add ufw profiles. apache2- bin.install: Add apport hook. config- dir/mods- available/ ssl.conf, ask-for- passphrase, debian/ apache2. install: Plymouth aware BUILD}_ GNU_TYPE patches/ 086_svn_ cross_compiles: Backport several cross fixes patches/ CVE-2013- 1896.patch: upstream config- dir/mods- available/ lbmethod_ *: properly specify balancer, not mod_proxy_balancer.
- debian/{control, rules}: Enable PIE hardening.
- debian/{control, apache2.install, apache2-
apache2.
- debian/apache2.py, debian/
- debian/control, debian/
debian/
passphrase dialog program ask-for-passphrase.
- debian/rules: Fix cross-building by passing DEB_{HOST,
to configure.
- debian/
from upstream
* Dropped changes:
- debian/
* Fixed module dependencies (LP: #1205314)
- debian/
proxy_
apache2 (2.4.6-2) unstable; urgency=low
[ Stefan Fritsch ]
* Fix watch file
* Don't pass --silent to libtool, allowing blhc to check the compiler
options in the build logs.
[ Arno Töll ] maintscript- helper (Closes: #717610)
* Allow third party packages to use triggers if they use them in a
maintainer script invoking apache2-
apache2 (2.4.6-1) unstable; urgency=low
New upstream release: based host name checking in proxy eerName) .
* CVE-2013-1896: mod_dav: Fix a denial of service via MERGE request
(Closes: #717272)
* New modules mod_cache_socache, mod_proxy_wstunnel.
* mod_ssl: Add support for subjectAltName-
mode (SSLProxyCheckP
* mod_lua: Many new functions.
* mod_auth_basic: Add a generic mechanism to fake basic authentication
using the ap_expr parser (AuthBasicFake).
* mod_proxy: New BalancerInherit and ProxyPassInherit options.
* mod_authnz_ldap: Allow using exec: calls to obtain LDAP bind password.
[ Arno Töll ] maintscript- helper from a sub-function. We rely
* Document our security model in our NEWS file and highlight we do not allow
access to /srv. Thanks to joeyh for pointing this out.
* Allow the use of apache2-
on dpkg's arguments supplied in $1, $2 etc. This clashes with function
arguments supplied to to sh sub-function. Allow manual override in such
cases.
* Mention that the dh_apache2 conditional must be present in postrm too
(Closes: #716694)
* Fix "dh_apache2 ignores alternative httpd on conf files" by correctly
checking the supplied arguments, we were off by one (Closes: #717299).
* Reinstall index.html also on upgrades as it is removed during upgrades.
* Add mod_macro transitional package as it was promoted to core and does not
exist as individual package anymore (Closes: #706962)
[ Stefan Fritsch ]
* Don't fail package upgrade or removal just because the configuration is in
an inconsistent state (Closes: #716921, #717343, LP: #1202653).
* Improve error output of init script.
* Fix broken dependency information in several *.load files.
* Add mod_authn_core as dependency of the mod_auth_* modules.
(Closes: #717448)
-- Marc Desla...