[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#642956: pu: package apache2/2.2.16-6+squeeze4

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: pu

Please review apache2/2.2.16-6+squeeze4 for inclusion in s-p-u.
It fixes a minor DoS issue, some bugs in the init script and
adds some docs.

The changelog:

 apache2 (2.2.16-6+squeeze4) squeeze; urgency=low
 .
   * Fix CVE-2011-3348: Possible denial of service in mod_proxy_ajp
     if combined with mod_proxy_balancer.
   * Make exit code of '/etc/init.d/apache2 status' more LSB compatible.
     Closes: #613969
   * Fix typo in init script. Closes: #615866
   * For multiple instance setups, correctly determine the config dir in the
     init script if it is called via a start/stop link. Closes: #627061
   * Add hint in README.Debian about 403 error with mod_dav PUT.
     Closes: #613438
   * Add hint in README.Debian about how to increase max number of open
     files. Closes: #615632
   * Make it clear in README.multiple-instances that the MPMs are shipped
     in the apache2.2-bin package.
   * Tweak patch header to fix "dpatch unapply" with unstable's patch/dpatch.

Full debdiff is at

http://people.debian.org/~sf/2.2.16-6+squeeze4.debdiff

 debian/README.Debian                                  |   12 ++++++++++
 debian/README.multiple-instances                      |   11 +++++++--
 debian/apache2.2-common.apache2.init                  |   14 +++++++++---
 debian/changelog                                      |   19 +++++++++++++++++
 debian/patches/00list                                 |    1 
 debian/patches/034_apxs2_libtool_fixtastic            |    2 -
 debian/patches/087_mod_proxy_ajp_CVE-2011-3348.dpatch |   20 ++++++++++++++++++
 7 files changed, 71 insertions(+), 8 deletions(-)

Thanks.
Reply to: