apache2 2.4.51-2ubuntu1 source package in Ubuntu

Changelog

apache2 (2.4.51-2ubuntu1) jammy; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - debian/{control, apache2.install, apache2-utils.ufw.profile,
      apache2.dirs}: Add ufw profiles.
      (LP 261198)
    - debian/apache2.py, debian/apache2-bin.install: Add apport hook.
      (LP 609177)
    - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm,
      d/s/include-binaries: replace Debian with Ubuntu on default
      page and add Ubuntu icon file.
      (LP 1288690)
    - d/p/support-openssl3-*.patch: Backport various patches from
      https://github.com/apache/httpd/pull/258 in order to fix mod_ssl's
      failure to load when using OpenSSL 3.
      (LP #1951476)
  * Dropped:
    - d/apache2ctl: Also use systemd for graceful if it is in use.
      (LP: 1832182)
      [This introduced a performance regression.]
    - d/apache2ctl: Also use /run/systemd to check for systemd usage.
      (LP 1918209)
      [Not needed]
    - debian/patches/CVE-2021-33193.patch: refactor request parsing in
      include/ap_mmn.h, include/http_core.h, include/http_protocol.h,
      include/http_vhost.h, modules/http2/h2_request.c, server/core.c,
      server/core_filters.c, server/protocol.c, server/vhost.c.
      [Fixed in 2.4.48-4]
    - debian/patches/CVE-2021-34798.patch: add NULL check in
      server/scoreboard.c.
      [Fixed in 2.4.49-1]
    - debian/patches/CVE-2021-36160.patch: fix PATH_INFO setting for
      generic worker in modules/proxy/mod_proxy_uwsgi.c.
      [Fixed in 2.4.49-1]
    - debian/patches/CVE-2021-39275.patch: fix ap_escape_quotes
      substitution logic in server/util.c.
      [Fixed in 2.4.49-1]
    - arbitrary origin server via crafted request uri-path
      + debian/patches/CVE-2021-40438-pre1.patch: faster unix socket path
        parsing in the "proxy:" URL in modules/proxy/mod_proxy.c,
        modules/proxy/proxy_util.c.
      + debian/patches/CVE-2021-40438.patch: add sanity checks on the
        configured UDS path in modules/proxy/proxy_util.c.
      [Fixed in 2.4.49-3]
    - SECURITY REGRESSION: Issues in UDS URIs.  (LP #1945311)
      + debian/patches/CVE-2021-40438-2.patch: Fix UDS unix: scheme for P
        rules in modules/mappers/mod_rewrite.c.
      + debian/patches/CVE-2021-40438-3.patch: Handle UDS URIs with empty
        hostname in modules/mappers/mod_rewrite.c,
        modules/proxy/proxy_util.c.
      [Fixed in 2.4.49-3]

 -- Bryce Harrington <email address hidden>  Thu, 16 Dec 2021 14:09:26 -0800

Upload details

Uploaded by:
Bryce Harrington
Uploaded to:
Jammy
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
web
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Jammy release main web

Downloads

File Size SHA-256 Checksum
apache2_2.4.51.orig.tar.gz 9.4 MiB c2cedb0b47666bea633b44d5b3a2ebf3c466e0506955fbc3012a5a9b078ca8b4
apache2_2.4.51-2ubuntu1.debian.tar.xz 889.7 KiB a58778a9591272fc5038598966c76c6db71a47b6059b63d1290ed420a5e3aaaa
apache2_2.4.51-2ubuntu1.dsc 3.3 KiB 5c7c1015898ed23c9d109b2a7258e6568f8ce501bb2ccb2cb8790c8c6bfd49d9

View changes file

Binary packages built by this source

apache2: Apache HTTP Server

 The Apache HTTP Server Project's goal is to build a secure, efficient and
 extensible HTTP server as standards-compliant open source software. The
 result has long been the number one web server on the Internet.
 .
 Installing this package results in a full installation, including the
 configuration files, init scripts and support scripts.

apache2-bin: Apache HTTP Server (modules and other binary files)

 The Apache HTTP Server Project's goal is to build a secure, efficient and
 extensible HTTP server as standards-compliant open source software. The
 result has long been the number one web server on the Internet.
 .
 This package contains the binaries only and does not set up a working
 web-server instance. Install the "apache2" package to get a fully working
 instance.

apache2-bin-dbgsym: debug symbols for apache2-bin
apache2-data: Apache HTTP Server (common files)

 The Apache HTTP Server Project's goal is to build a secure, efficient and
 extensible HTTP server as standards-compliant open source software. The
 result has long been the number one web server on the Internet.
 .
 This package contains architecture-independent common files such as icons,
 error pages and static index files.

apache2-dev: Apache HTTP Server (development headers)

 The Apache HTTP Server Project's goal is to build a secure, efficient and
 extensible HTTP server as standards-compliant open source software. The
 result has long been the number one web server on the Internet.
 .
 This package provides development headers and the apxs2 binary for the Apache
 2 HTTP server, useful to develop and link third party additions to the Debian
 Apache HTTP server package.
 .
 It also provides dh_apache2 and dh sequence addons useful to install various
 Debian Apache2 extensions with debhelper. It supports
  - Apache 2 module configurations and shared objects
  - Site configuration files
  - Global configuration files

apache2-doc: Apache HTTP Server (on-site documentation)

 The Apache HTTP Server Project's goal is to build a secure, efficient and
 extensible HTTP server as standards-compliant open source software. The
 result has long been the number one web server on the Internet.
 .
 This package provides the documentation for the Apache 2 HTTP server. The
 documentation is shipped in HTML format and can be accessed from a local
 running Apache HTTP server instance or by browsing the file system directly.

apache2-ssl-dev: Apache HTTP Server (mod_ssl development headers)

 The Apache HTTP Server Project's goal is to build a secure, efficient and
 extensible HTTP server as standards-compliant open source software. The
 result has long been the number one web server on the Internet.
 .
 This package provides the development header and the dependencies for
 modules that interact with mod_ssl's internal openssl state.

apache2-suexec-custom: Apache HTTP Server configurable suexec program for mod_suexec

 Provides a customizable version of the suexec helper program for mod_suexec.
 This is not the version from upstream, but can be configured with a
 configuration file.
 .
 If you do not need non-standard document root or userdir settings, it is
 recommended that you use the standard suexec helper program from the
 apache2-suexec-pristine package instead.

apache2-suexec-custom-dbgsym: debug symbols for apache2-suexec-custom
apache2-suexec-pristine: Apache HTTP Server standard suexec program for mod_suexec

 Provides the standard suexec helper program for mod_suexec. This version is
 compiled with document root /var/www and userdir suffix public_html. If you
 need different settings, use the package apache2-suexec-custom.

apache2-suexec-pristine-dbgsym: debug symbols for apache2-suexec-pristine
apache2-utils: Apache HTTP Server (utility programs for web servers)

 Provides some add-on programs useful for any web server. These include:
  - ab (Apache benchmark tool)
  - fcgistarter (Start a FastCGI program)
  - logresolve (Resolve IP addresses to hostnames in logfiles)
  - htpasswd (Manipulate basic authentication files)
  - htdigest (Manipulate digest authentication files)
  - htdbm (Manipulate basic authentication files in DBM format, using APR)
  - htcacheclean (Clean up the disk cache)
  - rotatelogs (Periodically stop writing to a logfile and open a new one)
  - split-logfile (Split a single log including multiple vhosts)
  - checkgid (Checks whether the caller can setgid to the specified group)
  - check_forensic (Extract mod_log_forensic output from Apache log files)
  - httxt2dbm (Generate dbm files for use with RewriteMap)

apache2-utils-dbgsym: debug symbols for apache2-utils
libapache2-mod-md: transitional package

 This is a transitional package to apache2 for users of libapache2-mod-md.
 It can be safely removed after the installation is complete.

libapache2-mod-proxy-uwsgi: transitional package

 This is a transitional package to apache2 for users of
 libapache2-mod-proxy-uwsgi.
 It can be safely removed after the installation is complete.