Bug#642956: pu: package apache2/2.2.16-6+squeeze4
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: pu
Please review apache2/2.2.16-6+squeeze4 for inclusion in s-p-u.
It fixes a minor DoS issue, some bugs in the init script and
adds some docs.
The changelog:
apache2 (2.2.16-6+squeeze4) squeeze; urgency=low
.
* Fix CVE-2011-3348: Possible denial of service in mod_proxy_ajp
if combined with mod_proxy_balancer.
* Make exit code of '/etc/init.d/apache2 status' more LSB compatible.
Closes: #613969
* Fix typo in init script. Closes: #615866
* For multiple instance setups, correctly determine the config dir in the
init script if it is called via a start/stop link. Closes: #627061
* Add hint in README.Debian about 403 error with mod_dav PUT.
Closes: #613438
* Add hint in README.Debian about how to increase max number of open
files. Closes: #615632
* Make it clear in README.multiple-instances that the MPMs are shipped
in the apache2.2-bin package.
* Tweak patch header to fix "dpatch unapply" with unstable's patch/dpatch.
Full debdiff is at
http://people.debian.org/~sf/2.2.16-6+squeeze4.debdiff
debian/README.Debian | 12 ++++++++++
debian/README.multiple-instances | 11 +++++++--
debian/apache2.2-common.apache2.init | 14 +++++++++---
debian/changelog | 19 +++++++++++++++++
debian/patches/00list | 1
debian/patches/034_apxs2_libtool_fixtastic | 2 -
debian/patches/087_mod_proxy_ajp_CVE-2011-3348.dpatch | 20 ++++++++++++++++++
7 files changed, 71 insertions(+), 8 deletions(-)
Thanks.
Reply to: