Debian Package Tracker

Date: Thu, 07 Mar 2013 01:03:15 +0000
From: Arno Töll <arno@debian.org>
To: <debian-experimental-changes@lists.debian.org> , <debian-devel-changes@lists.debian.org>
Subject: Accepted apache2 2.4.4-1 (source amd64 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 07 Mar 2013 01:24:51 +0100
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2.2-bin libapache2-mod-proxy-html apache2-utils apache2-suexec apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-dbg
Architecture: source amd64 all
Version: 2.4.4-1
Distribution: experimental
Urgency: low
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Arno Töll <arno@debian.org>
Description: 
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (binary files and modules)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-mpm-event - transitional event MPM package for apache2
 apache2-mpm-itk - transitional itk MPM package for apache2
 apache2-mpm-prefork - transitional prefork MPM package for apache2
 apache2-mpm-worker - transitional worker MPM package for apache2
 apache2-suexec - transitional package for apache2-suexec-pristine
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 apache2.2-bin - Transitional package for apache2-bin
 libapache2-mod-proxy-html - Transitional package for apache2-bin
Closes: 666816 671683 681541 681542 682840 691365 691440 693292 701117
Changes: 
 apache2 (2.4.4-1) experimental; urgency=low
 .
   * New upstream release
     - Fixes mod_log_forensic logging spurious '-' characters. Closes: #693292
     - Responds with HTTP/1.0 when talking http to https port. Closes: #701117
     - Fix various XSS flaws in modules (CVE-2012-3499, CVE-2012-4558)
 .
   [ Stefan Fritsch ]
   * Add examples for X-Content-Type-Options and X-Frame-Options to
     security.conf.
   * Make dh_apache2 only accept shell function names as conditional, to avoid
     problems with shell and sed special characters.
   * Add Replaces for the old mpm packages to apache2-bin. Closes: #671683
   * Add transitional package for libapache2-mod-proxy-html. Closes: #666816
     - Override dh_gencontrol so that the package's version sorts later than
       the existing version in Wheezy.
   * Don't ship changelogs in the apache2.2-bin transitional package.
   * CVE-2013-1048: Fix symlink vulnerability when creating /var/lock/apache2
 .
   [ Arno Töll ]
   * Rewrite most parts of the init script to make it more readable and improve
     visual feedback when fancy output is in use.
   * Drop the dbmanage tool from apache2-utils. It is mostly unmaintained and
     outdated. Users of mod_authn_dbm should use htdbm instead.
   * Fix "Default /etc/apache2/mods-available/disk_cache.conf is incompatible
     with ext3" by changing the default to more moderate values. Note, some file
     systems have a hard limit of supported subdirectories (Closes: #682840).
     Ported from our 2.2 tree targeted for Wheezy.
   * Properly check return code of a2query in the apache2_invoke library
     function. This caused reverse dependencies to fail for newly installed
     modules previously.
   * Implement -q (quiet) option for a2query (Closes: #681541).
   * Properly honor -p/-N options as understood by debhelper (Closes: 681542).
     Thanks Russ Allbery for the hint.
   * Be more careful regarding link attacks when for the the cache disk
     directory.
   * Compress the data.tar in binary packages using xz to save some space on
     installation medias (Debian only).
   * Fix "invoke-rc.d apache2 status fails" by merging patch of Jean-Michel
     Vourgère. Thanks! (Closes: #691365)
   * Fix "copyright file missing after upgrade (policy 12.5)" - add link
     manually when necessary in postinst (Closes: #691440)
   * Document APACHE_ARGUMENTS in envvars (ported from our 2.2 branch, reported as #693299)
   * Don't croak about lacking permissions in apache2ctl when the script is
     executed as a non-privileged user
 .
   [ Bernhard R. Link ]
 .
   * Rearrane patches: Move all the patches or parts of patches touching non-itk
     specific files (i.e. those from the upstream tarball) directly in the
     debian/patches/series series.  While this seperates the itk patches into two
     heaps, it makes both more visible what changes happen to the general code (and
     thus are also done to the other servers generated)
Checksums-Sha1: 
 c0587902afe5e0d2862d5ecd8728cd738a1d693e 3014 apache2_2.4.4-1.dsc
 0c5ab7f876aa10fbe8bfab2c34f8dd3dc76db16c 4780289 apache2_2.4.4.orig.tar.bz2
 419e5bfe6424c8dee9818180aee431759e037d26 182803 apache2_2.4.4-1.debian.tar.gz
 73398115e38e11403850b385a06c32b1b26654a3 866 libapache2-mod-proxy-html_2.4+transitional1_amd64.deb
 cca95eb3a40ef2c37f95e834ab221fd6b033ee23 180896 apache2_2.4.4-1_amd64.deb
 803729c5d6722cad4ee742219fb81869fde622c7 151800 apache2-data_2.4.4-1_all.deb
 80f79a8230abdec8b736040cad50bd4957db32bb 942348 apache2-bin_2.4.4-1_amd64.deb
 932050daaa0863ba7cc9bf487c2a595945d61f7c 848 apache2-mpm-worker_2.4.4-1_amd64.deb
 3fb25022d89af6c574144669cd82cf04abda495d 852 apache2-mpm-prefork_2.4.4-1_amd64.deb
 495f672e135b467f463667b81abcd05fe066433d 848 apache2-mpm-event_2.4.4-1_amd64.deb
 26338e7af8f681b08038909c3128c73d19388ce0 844 apache2-mpm-itk_2.4.4-1_amd64.deb
 6eabb8c0a22b717beee349bc04b20268055fd9a6 854 apache2.2-bin_2.4.4-1_amd64.deb
 b95b111668d843ac39706ab3b99d721818fb25b0 175740 apache2-utils_2.4.4-1_amd64.deb
 b7acf442bb158044714061885b2a164332c8f2f7 1388 apache2-suexec_2.4.4-1_amd64.deb
 874564a028cbff0e1837b17545eb4dbec56bd6e6 110214 apache2-suexec-pristine_2.4.4-1_amd64.deb
 a4ec6bbe090ce7e8c5d4451b5908ee331df26cd1 111718 apache2-suexec-custom_2.4.4-1_amd64.deb
 b9c0536cce5f5f806432d5a61e58f310ab0e2005 2560306 apache2-doc_2.4.4-1_all.deb
 b5d7233542b19d31d7cea9f5c5442f16a885ba8c 154906 apache2-dev_2.4.4-1_amd64.deb
 ca255aa1b9d2ec50eb33179be15effcf8f602b6f 2066258 apache2-dbg_2.4.4-1_amd64.deb
Checksums-Sha256: 
 d0f758052646808e612b55d5c36fb3e213a1a3b3b59183d6182f14132b2b6f78 3014 apache2_2.4.4-1.dsc
 92aabddeca76a4ac7330b143df1407bbf35574c7291c15172238ac598d97655c 4780289 apache2_2.4.4.orig.tar.bz2
 2d9906181f96475cc393d70ea4317118c06c6c8fb09a953726ba2a55f317c1ef 182803 apache2_2.4.4-1.debian.tar.gz
 30b212331f9a2d8234a8b775006ecc3c725c20273981aad5b760ccf2659e7bfe 866 libapache2-mod-proxy-html_2.4+transitional1_amd64.deb
 3fab469185e19608820436ef9f852fdc26046900cf03d244c7b7660447ff9fc0 180896 apache2_2.4.4-1_amd64.deb
 c07f0d1e9830088b49c25585c185451bdfe66951a064e37da5e1ec49328f6c65 151800 apache2-data_2.4.4-1_all.deb
 caa9e42b6d72726be46502f396db742592817bd5e427471417ba279b583d633d 942348 apache2-bin_2.4.4-1_amd64.deb
 2abc0b37ec2b8bc59eaa375c7a4e9fb61287872dc0dbfe13d54319cb660e3934 848 apache2-mpm-worker_2.4.4-1_amd64.deb
 3447183a8ffaebe726bcf12b4ae12b2c8264b01c8d5623615efe623e03b24485 852 apache2-mpm-prefork_2.4.4-1_amd64.deb
 31df1cb84b68694dbffb2df439dd0811b5bc7e0ddc47c114c7cd3ad7fde38617 848 apache2-mpm-event_2.4.4-1_amd64.deb
 009721ffecc8bfd12f9091fa267a643a35ab050c98e3a95c3bf632bc4e02a052 844 apache2-mpm-itk_2.4.4-1_amd64.deb
 4ce999d60a3d4178d0c791785700a3d9c23abf55d97abba43511f473f087e757 854 apache2.2-bin_2.4.4-1_amd64.deb
 ac8589dd3fa301d456a4ad213bd95164700796a69215470e382aafdfa462b729 175740 apache2-utils_2.4.4-1_amd64.deb
 7ccfe1ea37131eaf24eba1dd835fe70713526bb519eb5c7cdf29e45512ce4a19 1388 apache2-suexec_2.4.4-1_amd64.deb
 73158ae6f923efd7033b9717fd9f6e2f95ef1959669b68288da4a935015688dd 110214 apache2-suexec-pristine_2.4.4-1_amd64.deb
 06b4f589fd2b8b5908379e1d8c440ff100ccd265915854c2ee16763d3c47ccf1 111718 apache2-suexec-custom_2.4.4-1_amd64.deb
 5d927baff5b136e915b507dfc3241871cc77d2a7b4337a3a1c402d9da68f9588 2560306 apache2-doc_2.4.4-1_all.deb
 c77d4812c5b6c433c0615b75df62699217e2077525f7c72a2b6f2b9f28398209 154906 apache2-dev_2.4.4-1_amd64.deb
 11e901a051403706ced57c41a2b6dde2330749e7dd6a104bf9c410bf71023e90 2066258 apache2-dbg_2.4.4-1_amd64.deb
Files: 
 e65f36613d95025d5b7acdc41b38cf76 3014 httpd optional apache2_2.4.4-1.dsc
 0e712ee2119cd798c8ae39d5f11a9206 4780289 httpd optional apache2_2.4.4.orig.tar.bz2
 898d7b89aa65aeab72d63eb1167ca429 182803 httpd optional apache2_2.4.4-1.debian.tar.gz
 8a38ed79c868e9b461d054b43a698c38 866 oldlibs extra libapache2-mod-proxy-html_2.4+transitional1_amd64.deb
 b82f31e54ac129dfbc25d9aeb94c0c5c 180896 httpd optional apache2_2.4.4-1_amd64.deb
 eea1aab7e0d86d9a5390c0ff1f7493ac 151800 httpd optional apache2-data_2.4.4-1_all.deb
 2103c45138f9fd17ba911509571b6663 942348 httpd optional apache2-bin_2.4.4-1_amd64.deb
 ef6eed285688ef14065cc8b87ffdb5d1 848 oldlibs extra apache2-mpm-worker_2.4.4-1_amd64.deb
 a6e7ef52836a8d6eb9886f764313eeb5 852 oldlibs extra apache2-mpm-prefork_2.4.4-1_amd64.deb
 1dcb49cd76df969e6a8f48cddcc459b2 848 oldlibs extra apache2-mpm-event_2.4.4-1_amd64.deb
 169791f6e7af64c46f6a5eb201bc8c0a 844 oldlibs extra apache2-mpm-itk_2.4.4-1_amd64.deb
 03a58f91b2276058cb7e7c653020fdd9 854 oldlibs extra apache2.2-bin_2.4.4-1_amd64.deb
 ce2d09e36c064743d4d5bebea98e2beb 175740 httpd optional apache2-utils_2.4.4-1_amd64.deb
 ee90718991ea0c11f159bb75790c0de2 1388 oldlibs extra apache2-suexec_2.4.4-1_amd64.deb
 964023436aa853acf0be872f64d6da5f 110214 httpd optional apache2-suexec-pristine_2.4.4-1_amd64.deb
 b18ed9180b3d2f76c7a80b462c27a4e9 111718 httpd extra apache2-suexec-custom_2.4.4-1_amd64.deb
 741dbe4d312d154ceeb8256c5540f461 2560306 doc optional apache2-doc_2.4.4-1_all.deb
 f9a5b9451dc43b353652c049aa227ec6 154906 httpd optional apache2-dev_2.4.4-1_amd64.deb
 db4a1311c11b51ede71109a7e30b1d5f 2066258 debug extra apache2-dbg_2.4.4-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJRN+K0AAoJEMcrUe6dgPNtG2YP/AyKCRw2Dz9Qvqf00oAmiizp
ArQrwqYGw/FWfF4W6Btnk1pzCBkl7FaAFbFOTXSUFJYa3rl2uaT6kUt9dvVimU8o
8ceMKKgDEkj+fbVBF6qoH/H797XwFl2CRW3fQ8m3rHH2LkRkXNuCutuyL/FegxO/
ltoOr8h4FC7B2YjIaAAKUPgtGlP9OayTdNV+n81NjKqGfLtHSR3x5124tNQP/o54
VVfgHYO/L0aj7pTmYgYAZD0y+9aFKqDaYelLMV1Yt9xr25VV2LEu5ZYtSdaS+qO1
fgoNIyNJzKnoN/IZwyV3di4akcl+2QF2fg7eq+nKQLGkMuWgaBhuFLVHroi0OvES
KaVHJVD+cA7sObV5j7cvsRD807fsM5Z/4z5K0V0chT04XKPlgxnmOXekBA8eH3kR
HG23oCwHqSYu3UyXmReEqP32ol5j3QcXTWlUSV9nHR0sMbjBDlOrdvlX0Y0bOIjt
IrjWaJZQm1bhQD5tr0ptAcVGUCCTn88ue8B7TIt5tPTRWYXIAHRwnXI02BMJL9f6
Qylg+7RDROUe0zA1lSn945ZmCqY+BqIMVEW9IO4+A1p613vbx3sOVI9ID0Yrjcyz
8lUiYgUf+UmlonS9DOG71wkTVCHZUpAKxXyDjigK3zcoFMRaruAp9zMlg5664piU
IanWORDrv2UMU//NZKbf
=NYFt
-----END PGP SIGNATURE-----
News for package apache2
