Package: apache2 / 2.2.22-13+deb7u6

Metadata

Package Version Patches format
apache2 2.2.22-13+deb7u6 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
004_usr_bin_perl_0wnz_j00 | (download)

docs/cgi-examples/printenv | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
008_make_include_safe | (download)

server/config.c | 31 29 + 2 - 0 !
1 file changed, 29 insertions(+), 2 deletions(-)

---
009_apache2_has_dso | (download)

support/apxs.in | 23 12 + 11 - 0 !
1 file changed, 12 insertions(+), 11 deletions(-)

---
010_fhs_compliance | (download)

config.layout | 6 3 + 3 - 0 !
configure | 6 3 + 3 - 0 !
configure.in | 6 3 + 3 - 0 !
include/ap_config_layout.h.in | 1 1 + 0 - 0 !
include/httpd.h | 2 1 + 1 - 0 !
5 files changed, 11 insertions(+), 10 deletions(-)

---
032_suexec_is_shared | (download)

os/unix/unixd.c | 4 4 + 0 - 0 !
1 file changed, 4 insertions(+)

---
033_dbm_read_hash_or_btree | (download)

support/dbmmanage.in | 8 5 + 3 - 0 !
1 file changed, 5 insertions(+), 3 deletions(-)

---
038_no_LD_LIBRARY_PATH | (download)

support/envvars-std.in | 3 0 + 3 - 0 !
1 file changed, 3 deletions(-)

---
045_suexec_log_cloexec | (download)

support/suexec.c | 20 9 + 11 - 0 !
1 file changed, 9 insertions(+), 11 deletions(-)

---
047_fix_usage_message | (download)

server/main.c | 4 3 + 1 - 0 !
1 file changed, 3 insertions(+), 1 deletion(-)

---
052_logresolve_linelength | (download)

support/logresolve.c | 22 10 + 12 - 0 !
1 file changed, 10 insertions(+), 12 deletions(-)

---
057_disablemods | (download)

acinclude.m4 | 21 13 + 8 - 0 !
configure | 6 5 + 1 - 0 !
2 files changed, 18 insertions(+), 9 deletions(-)

---
058_suexec CVE 2007 1742 | (download)

support/suexec.c | 17 15 + 2 - 0 !
1 file changed, 15 insertions(+), 2 deletions(-)

---
067_fix_segfault_in_ab | (download)

support/ab.c | 1 0 + 1 - 0 !
1 file changed, 1 deletion(-)

---
071_fix_cacheenable | (download)

modules/cache/cache_util.c | 93 65 + 28 - 0 !
1 file changed, 65 insertions(+), 28 deletions(-)

---
073_mod_dav_trunk_fixes | (download)

modules/dav/fs/lock.c | 97 13 + 84 - 0 !
modules/dav/fs/repos.c | 177 124 + 53 - 0 !
modules/dav/main/mod_dav.c | 26 23 + 3 - 0 !
3 files changed, 160 insertions(+), 140 deletions(-)

---
074_link_support_progs_with_lcrypt | (download)

configure | 4 2 + 2 - 0 !
support/config.m4 | 4 2 + 2 - 0 !
2 files changed, 4 insertions(+), 4 deletions(-)

---
075_mod_rewrite_literal_ipv6_redirect | (download)

modules/mappers/mod_rewrite.c | 21 19 + 2 - 0 !
1 file changed, 19 insertions(+), 2 deletions(-)

---
077_CacheIgnoreURLSessionIdentifiers | (download)

modules/cache/cache_storage.c | 60 46 + 14 - 0 !
1 file changed, 46 insertions(+), 14 deletions(-)

---
079_polish_translation | (download)

docs/error/HTTP_NOT_FOUND.html.var | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
082_ab_num_requests | (download)

support/ab.c | 7 5 + 2 - 0 !
1 file changed, 5 insertions(+), 2 deletions(-)

---
083_dlopen_search_path | (download)

modules/mappers/mod_so.c | 77 43 + 34 - 0 !
1 file changed, 43 insertions(+), 34 deletions(-)

---
084_customize_apxs.patch | (download)

support/apxs.in | 142 37 + 105 - 0 !
1 file changed, 37 insertions(+), 105 deletions(-)

 adapt apxs to debian specific changes
 - Make apxs2 use a2enmod and /etc/apache2/mods-available
 - Make libtool happier
 - Use LDFLAGS from config_vars.mk, allow to override them
085_mod_cache_partial_content 2.2.x.patch | (download)

modules/cache/mod_cache.c | 6 5 + 1 - 0 !
modules/cache/mod_disk_cache.c | 8 8 + 0 - 0 !
modules/cache/mod_mem_cache.c | 8 8 + 0 - 0 !
3 files changed, 21 insertions(+), 1 deletion(-)

---
086_upstream_trunk_bugfixes.patch | (download)

modules/debug/mod_dumpio.c | 1 1 + 0 - 0 !
modules/proxy/mod_proxy_ajp.c | 22 4 + 18 - 0 !
server/util_script.c | 5 4 + 1 - 0 !
3 files changed, 9 insertions(+), 19 deletions(-)

---
087_mod_negotiation_CVE 2012 2687.patch | (download)

modules/mappers/mod_negotiation.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

---
201_build_suexec custom | (download)

Makefile.in | 2 1 + 1 - 0 !
support/Makefile.in | 6 5 + 1 - 0 !
2 files changed, 6 insertions(+), 2 deletions(-)

---
dbmmanage perl 510.patch | (download)

support/dbmmanage.in | 14 9 + 5 - 0 !
1 file changed, 9 insertions(+), 5 deletions(-)

 make use of builtin sha1 perl routines in perl 5.10
SSLProtocol tls11 12.2.patch | (download)

modules/ssl/mod_ssl.c | 8 4 + 4 - 0 !
modules/ssl/ssl_engine_config.c | 8 8 + 0 - 0 !
modules/ssl/ssl_engine_init.c | 29 29 + 0 - 0 !
modules/ssl/ssl_private.h | 13 11 + 2 - 0 !
4 files changed, 52 insertions(+), 6 deletions(-)

 support tlsv1.1 and tlsv1.2 in sslprotocol directive
disable ssl compression.patch | (download)

modules/ssl/mod_ssl.c | 3 3 + 0 - 0 !
modules/ssl/ssl_engine_config.c | 23 23 + 0 - 0 !
modules/ssl/ssl_engine_init.c | 12 12 + 0 - 0 !
modules/ssl/ssl_private.h | 9 9 + 0 - 0 !
4 files changed, 47 insertions(+)

 allow mod_ssl to disable ssl compression

Patch submitted upstream, merged into 2.2.24. This patch adds a "Compression
on|off" directive to mod_ssl.

CVE 2012 3499_CVE 2012 4558_XSS.patch | (download)

modules/generators/mod_info.c | 3 2 + 1 - 0 !
modules/generators/mod_status.c | 3 2 + 1 - 0 !
modules/ldap/util_ldap_cache_mgr.c | 2 1 + 1 - 0 !
modules/mappers/mod_imagemap.c | 38 24 + 14 - 0 !
modules/proxy/mod_proxy_balancer.c | 8 5 + 3 - 0 !
modules/proxy/mod_proxy_ftp.c | 4 3 + 1 - 0 !
6 files changed, 37 insertions(+), 21 deletions(-)

---
mod_log_forensic_693292.patch | (download)

modules/loggers/mod_log_forensic.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
mod_rewrite CVE 2013 1862.patch | (download)

modules/mappers/mod_rewrite.c | 10 5 + 5 - 0 !
1 file changed, 5 insertions(+), 5 deletions(-)

---
CVE 2013 1896.patch | (download)

modules/dav/main/mod_dav.c | 11 6 + 5 - 0 !
1 file changed, 6 insertions(+), 5 deletions(-)

---
mod_dav_crash_PR_52559.patch | (download)

modules/dav/fs/dbm.c | 14 13 + 1 - 0 !
modules/dav/main/props.c | 8 4 + 4 - 0 !
2 files changed, 17 insertions(+), 5 deletions(-)

---
mod_dav CVE 2013 6438.patch | (download)

modules/dav/main/util.c | 4 3 + 1 - 0 !
1 file changed, 3 insertions(+), 1 deletion(-)

---
cookie logging CVE 2014 0098.diff | (download)

modules/loggers/mod_log_config.c | 25 18 + 7 - 0 !
1 file changed, 18 insertions(+), 7 deletions(-)

---
SSL ECC.patch | (download)

modules/ssl/mod_ssl.c | 3 3 + 0 - 0 !
modules/ssl/ssl_engine_init.c | 99 95 + 4 - 0 !
modules/ssl/ssl_engine_kernel.c | 21 21 + 0 - 0 !
modules/ssl/ssl_private.h | 18 18 + 0 - 0 !
modules/ssl/ssl_toolkit_compat.h | 6 6 + 0 - 0 !
modules/ssl/ssl_util.c | 14 14 + 0 - 0 !
6 files changed, 157 insertions(+), 4 deletions(-)

---
mod_proxy crash PR_50335.patch | (download)

modules/proxy/mod_proxy_http.c | 10 8 + 2 - 0 !
1 file changed, 8 insertions(+), 2 deletions(-)

---
CVE 2014 0226_scoreboard.patch | (download)

include/scoreboard.h | 17 17 + 0 - 0 !
modules/generators/mod_status.c | 4 2 + 2 - 0 !
server/scoreboard.c | 15 15 + 0 - 0 !
3 files changed, 34 insertions(+), 2 deletions(-)

---
CVE 2014 0231_mod_cgid DoS.patch | (download)

modules/generators/mod_cgid.c | 57 55 + 2 - 0 !
1 file changed, 55 insertions(+), 2 deletions(-)

---
CVE 2014 0118_mod_deflate DoS.patch | (download)

modules/filters/mod_deflate.c | 147 146 + 1 - 0 !
1 file changed, 146 insertions(+), 1 deletion(-)

---
CVE 2013 5704_trailers.patch | (download)

include/http_core.h | 4 4 + 0 - 0 !
include/httpd.h | 5 5 + 0 - 0 !
modules/http/http_filters.c | 65 51 + 14 - 0 !
modules/http/http_request.c | 4 4 + 0 - 0 !
modules/loggers/mod_log_config.c | 29 26 + 3 - 0 !
modules/proxy/mod_proxy_http.c | 15 15 + 0 - 0 !
modules/proxy/proxy_util.c | 3 3 + 0 - 0 !
server/core.c | 16 16 + 0 - 0 !
server/protocol.c | 8 7 + 1 - 0 !
9 files changed, 131 insertions(+), 18 deletions(-)

---
SNI_case_insensitve.diff | (download)

modules/ssl/ssl_engine_kernel.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
mod_ssl_SSL_CLIENT_S_DN_UID.diff | (download)

modules/ssl/ssl_engine_vars.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
DH SSLCertificateFile.patch | (download)

docs/manual/mod/mod_ssl.html.en | 77 58 + 19 - 0 !
docs/manual/ssl/ssl_faq.html.en | 37 36 + 1 - 0 !
modules/ssl/mod_ssl.c | 9 0 + 9 - 0 !
modules/ssl/ssl_engine_config.c | 2 0 + 2 - 0 !
modules/ssl/ssl_engine_dh.c | 626 601 + 25 - 0 !
modules/ssl/ssl_engine_init.c | 209 49 + 160 - 0 !
modules/ssl/ssl_engine_kernel.c | 129 30 + 99 - 0 !
modules/ssl/ssl_private.h | 30 7 + 23 - 0 !
modules/ssl/ssl_util_ssl.c | 4 2 + 2 - 0 !
modules/ssl/ssl_util_ssl.h | 4 2 + 2 - 0 !
10 files changed, 785 insertions(+), 342 deletions(-)

---
CVE 2015 3183.patch | (download)

modules/http/http_filters.c | 661 316 + 345 - 0 !
1 file changed, 316 insertions(+), 345 deletions(-)

 fix request smuggling via chunked transfer encoding
SSL_CTX_use_certificate_clear_errors.diff | (download)

modules/ssl/ssl_engine_init.c | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

---