Publishing details

Removed from disk on 2024-07-04.
Removal requested on 2024-07-04.
Superseded on 2024-07-02 by apache2 - 2.4.60-1+ubuntu22.04.1+deb.sury.org+1
Published on 2024-04-09

Changelog

apache2 (2.4.59-1+ubuntu22.04.1+deb.sury.org+1) jammy; urgency=medium

  * No-change backport to jammy.

apache2 (2.4.59-1) unstable; urgency=medium

  [ Stefan Fritsch ]
  * Remove old transitional packages libapache2-mod-md and
    libapache2-mod-proxy-uwsgi. Closes: #1032628

  [ Yadd ]
  * mod_proxy_connect: disable AllowCONNECT by default (Closes: #1054564)
  * Refresh patches
  * New upstream version 2.4.59
  * Refresh patches
  * Update patches
  * Update test framework

apache2 (2.4.58-1) unstable; urgency=medium

  [ Bas Couwenberg ]
  * Provide dh-sequence-apache2 (Closes: #1050870)

  [ Yadd ]
  * Drop dependency to obsolete lsb-base
  * New upstream version 2.4.58 (Closes: CVE-2023-31122, CVE-2023-43622,
    CVE-2023-45802)
  * Refresh patches

apache2 (2.4.57-3) unstable; urgency=medium

  * Update a2enmod to drop given/when (Closes: #1050458)
  * Restore changes not included in Bookworm (set -e in apache2ctl)

apache2 (2.4.57-2) unstable; urgency=medium

  * Revert debian/* changes (Bookworm freeze)

apache2 (2.4.57-1) unstable; urgency=medium

  * New upstream version 2.4.57
  * Drop 2.4.56-regression patches

apache2 (2.4.56-2) unstable; urgency=medium

  * Fix regression in mod_rewrite introduced in version 2.4.56
    (Closes: #1033284)
  * Fix regression in http2 introduced by 2.4.56 (Closes: #1033408)

apache2 (2.4.56-1) unstable; urgency=medium

  * New upstream version (Closes: #1032476, CVE-2023-27522, CVE-2023-25690)

apache2 (2.4.55-1) unstable; urgency=medium

  [ Hendrik Jäger ]
  * disable ssl session tickets
  * redundant example as already enabled in the default config
  * logrotate indentation
  * Update example how to prevent access to VCS directories

  [ lintian-brush ]
  * Update lintian override info to new format:
    + debian/source/lintian-overrides: line 2, 4-5, 8
    + debian/apache2-data.lintian-overrides: line 2-5
    + debian/apache2-bin.lintian-overrides: line 3
    + debian/apache2-doc.lintian-overrides: line 2
    + debian/apache2.lintian-overrides: line 6
  * Set upstream metadata fields: Repository-Browse.
  * Update standards version to 4.6.2, no changes needed.

  [ Yadd ]
  * New upstream version (Closes: CVE-2006-20001, CVE-2022-36760,
    CVE-2022-37436)

apache2 (2.4.54-5) unstable; urgency=medium

  [ Hendrik Jäger ]
  * fix: one oom-killed thread should not take down the whole service
  * fix: remove modelines
  * fix: update clickjacking protection example
  * fix: use tab for indentation, even in commented examples

  [ Yadd ]
  * Revert "Fix: confusing and impractical naming" (unbreak squid and haproxy
    tests)

apache2 (2.4.54-4) unstable; urgency=medium

  [ Charles Plessy ]
  * Replace mime-support transition package with media-types (Closes: #980275)

  [ Hendrik Jäger ]
  * fix mislead safety precautions: don't hide errors when enabling a module.
    MR !20
  * fix trailing spaces and indentation inconsistencies. MR !19 !21 !22
  * Fix confusing and impractical naming: rename default-ssl.conf into
    000-default-ssl.conf. MR !23
  * Fix confusing keyword: replace _default_ by *. MR !24

apache2 (2.4.54-3) unstable; urgency=medium

  [ Hendrik Jäger ]
  * Do not enable global alias /manual
  * mention not enabling /manual for the docs in the NEWS

apache2 (2.4.54-2) unstable; urgency=medium

  * Move cgid socket into a writeable directory (Closes: #1014056)
  * Update lintian overrides
  * Declare compliance with policy 4.6.1
  * Install NOTICE in each package

apache2 (2.4.54-1) unstable; urgency=medium

  [ Simon Deziel ]
  * Escape literal "." for BrowserMatch directives in setenvif.conf
  * Use non-capturing regex with FilesMatch directive in default-ssl.conf

  [ Ondřej Surý ]
  * New upstream version 2.4.54 (Closes: #1012513, CVE-2022-31813,
    CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404,
    CVE-2022-30522, CVE-2022-30556, CVE-2022-28330)

  [ Yadd ]
  * Fix htcacheclean doc (Closes: #1010455)
  * New upstream version 2.4.54

apache2 (2.4.53-2) unstable; urgency=medium

  * Clean useless Conflicts/Replace
  * apache2-dev: add missing dependency on libpcre2-dev (Closes: #1007254)

apache2 (2.4.53-1) unstable; urgency=medium

  * New upstream version 2.4.53 (Closes: CVE-2022-22719,
    CVE-2022-22720, CVE-2022-22721, CVE-2022-23943)
  * Update copyright
  * Patches:
    + Drop fix-2.4.52-regression.patch, now included in upstream
    + Refresh fhs_compliance.patch
    + Update and disable child_processes_fail_to_start.patch
  * Update test framework
  * Back to unstable

apache2 (2.4.52-3) experimental; urgency=medium

  * Fix autopkgtest with libpcre2 (autopkgtest still fails due to an SSL
    error)
  * Set hardening=+all instead of hardening=+bindnow

apache2 (2.4.52-2) experimental; urgency=medium

  * Build with pcre2 (Closes: #1000114)

 -- Ondřej Surý <email address hidden>  Tue, 09 Apr 2024 13:52:19 +0200

Available diffs

diff from 2.4.58-1+ubuntu22.04.1+deb.sury.org+1 to 2.4.59-1+ubuntu22.04.1+deb.sury.org+1 (515.4 KiB)

Builds

Package files

apache2_2.4.59-1+ubuntu22.04.1+deb.sury.org+1.debian.tar.xz (800.6 KiB)
apache2_2.4.59-1+ubuntu22.04.1+deb.sury.org+1.dsc (3.5 KiB)
apache2_2.4.59.orig.tar.gz (9.4 MiB)
apache2_2.4.59.orig.tar.gz.asc (833 bytes)