backport mod_reqtimeout with handshake support

The attachment "apache2_modreqtimeout.debdiff" seems to be a debdiff. The ubuntu-sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. If the attachment isn't a patch, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issue please contact him.]

Originally I was a bit confused since I didn't see the changes as being part of any -security updates for disco and bionic. But when looking at the source for both series, the changes seemed to be there. I guess it might be included in their upstream releases then.

Hello Jesse, or anyone else affected,

Accepted apache2 into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apache2/2.4.18-2ubuntu3.14 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

[VERIFICATION XENIAL]

* Feedback #1:

From an impacted user:
"
They confirmed that from their perspective the test is OK, and the apache2 packages are delivering expected result
"

* Feedback #2:
From SustEng Mauricio (mfo):
"
The backport in xenial-proposed worked exactly as eoan
(with the AcceptFilter bits mentioned in previous comment)
...
"

[VERIFICATION XENIAL - Part 2]
* Feedback #3:
"
I also tested and now it works perfectly, I can count the seconds which I configure for the handshake timeout and the connection is terminated exactly when the handshake timeout expires

Great job!
"

This bug was fixed in the package apache2 - 2.4.18-2ubuntu3.14

---------------
apache2 (2.4.18-2ubuntu3.14) xenial; urgency=medium

  * Backport mod_reqtimeout with handshake support (LP: #1846138)
    - d/p/0001-mod-reqtimeout-revent-long-response-times.patch
    - d/p/0002-mod_reqtimeout-fix-body-timeout-disabling-for-CONNECT-request.patch
    - d/p/0003-mod_reqtimeout-Merge-r1853901-r1853906-r1853908-r1853929-r1853935-r.patch

 -- Jesse Williamson <email address hidden> Tue, 08 Oct 2019 13:31:25 +0000

The verification of the Stable Release Update for apache2 has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.