Debian

Available patches from Ubuntu

To see Ubuntu differences wrt. to Debian, write down a grep-dctrl query identifying the packages you're interested in:
grep-dctrl -n -sPackage Sources.Debian
(e.g. -FPackage linux-ntfs or linux-ntfs)

Modified packages are listed below:

Debian ( Changelog | PTS | Bugs ) Ubuntu ( Changelog | txt | LP | Bugs ) | Diff from Ubuntu

Source: apache2

apache2 (2.4.41-1ubuntu1) eoan; urgency=medium * Merge with Debian unstable. Remaining changes: - debian/{control, apache2.install, apache2-utils.ufw.profile, apache2.dirs}: Add ufw profiles. - debian/apache2.py, debian/apache2-bin.install: Add apport hook. - debian/patches/086_svn_cross_compiles: Backport several cross fixes from upstream - d/index.html, d/icons/ubuntu-logo.png, d/apache2.postrm: replace Debian with Ubuntu on default page. + d/source/include-binaries: add Ubuntu icon file - d/t/control, d/t/check-http2: add basic test for http2 support * Dropped: - Cherrypick upstream testsuite fix: + r1850941 Skip tests for TLSv1.3 (where there is no "renegotiation" as such). + Similarly use TLSv1.2 for pr12355 and pr43738. [Test suite updated in 2.4.41-1] - Cherrypick upstream test suite fix for buffer. [Included in 2.4.41-1] - d/p/spelling-errors.patch: removed hunks already fixed upstream [Included in 2.4.39-1] - Dropped from Ubuntu delta now (removed from Debian since 2.4.39-1): + d/p/CVE-2019-0196.patch + d/p/CVE-2019-0211.patch + d/p/CVE-2019-0215.patch + d/p/CVE-2019-0217.patch + d/p/CVE-2019-0220-*.patch + d/p/CVE-2019-0197.patch * Added: - d/perl-framework/t/modules/allowmethods.t: disable reset test. This was re-added by mistake in 2.4.41-1 (Closes: #921024) -- Andreas Hasenack <andreas@canonical.com> Wed, 14 Aug 2019 11:36:32 -0300

Modifications :
  1. Download patch debian/tests/control

    --- 2.4.41-1/debian/tests/control 2019-04-02 21:13:44.000000000 +0000 +++ 2.4.41-1ubuntu1/debian/tests/control 2019-08-14 14:36:32.000000000 +0000 @@ -23,6 +23,10 @@ Tests: ssl-passphrase Restrictions: needs-root allow-stderr breaks-testbed Depends: apache2, curl, expect, ssl-cert +Tests: check-http2 +Restrictions: needs-root allow-stderr breaks-testbed +Depends: apache2, curl, ssl-cert, nghttp2-client + Tests: chroot Features: no-build-needed Restrictions: needs-root allow-stderr breaks-testbed
  2. Download patch debian/perl-framework/t/modules/allowmethods.t

    --- 2.4.41-1/debian/perl-framework/t/modules/allowmethods.t 2019-08-14 04:37:13.000000000 +0000 +++ 2.4.41-1ubuntu1/debian/perl-framework/t/modules/allowmethods.t 2019-08-14 14:36:32.000000000 +0000 @@ -23,7 +23,6 @@ my @test_cases = ( [ $get, $post, 405 ], [ $head, $post, 405 ], [ $post, $post, 200 ], - [ $get, $post . '/reset', 200 ], ); plan tests => (scalar @test_cases), have_module 'allowmethods';
  3. Download patch debian/control

    --- 2.4.41-1/debian/control 2019-08-12 21:06:28.000000000 +0000 +++ 2.4.41-1ubuntu1/debian/control 2019-08-14 14:36:32.000000000 +0000 @@ -1,5 +1,6 @@ Source: apache2 -Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org> +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> +XSBC-Original-Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org> Uploaders: Stefan Fritsch <sf@debian.org>, Arno Töll <arno@debian.org>, Ondřej Surý <ondrej@debian.org>, @@ -44,7 +45,8 @@ Depends: apache2-bin (= ${binary:Version Recommends: ssl-cert Suggests: apache2-doc, apache2-suexec-pristine | apache2-suexec-custom, - www-browser + www-browser, + ufw Pre-Depends: dpkg (>= 1.17.14) Breaks: libapache2-mod-proxy-uwsgi (<< 2.4.33) Conflicts: apache2.2-bin, Binary files 2.4.41-1/debian/icons/ubuntu-logo.png and 2.4.41-1ubuntu1/debian/icons/ubuntu-logo.png differ
  4. Download patch debian/apache2-bin.install

    --- 2.4.41-1/debian/apache2-bin.install 2019-04-02 21:13:44.000000000 +0000 +++ 2.4.41-1ubuntu1/debian/apache2-bin.install 2019-08-14 14:36:32.000000000 +0000 @@ -1,2 +1,3 @@ /usr/lib/apache2/modules/ /usr/sbin/apache2 +debian/apache2.py usr/share/apport/package-hooks
  5. Download patch debian/apache2.py

    --- 2.4.41-1/debian/apache2.py 1970-01-01 00:00:00.000000000 +0000 +++ 2.4.41-1ubuntu1/debian/apache2.py 2019-08-14 14:36:32.000000000 +0000 @@ -0,0 +1,48 @@ +#!/usr/bin/python + +'''apport hook for apache2 + +(c) 2010 Adam Sommer. +Author: Adam Sommer <asommer@ubuntu.com> + +This program is free software; you can redistribute it and/or modify it +under the terms of the GNU General Public License as published by the +Free Software Foundation; either version 2 of the License, or (at your +option) any later version. See http://www.gnu.org/copyleft/gpl.html for +the full text of the license. +''' + +from apport.hookutils import * +import os + +SITES_ENABLED_DIR = '/etc/apache2/sites-enabled/' + +def add_info(report, ui): + if os.path.isdir(SITES_ENABLED_DIR): + response = ui.yesno("The contents of your " + SITES_ENABLED_DIR + " directory " + "may help developers diagnose your bug more " + "quickly. However, it may contain sensitive " + "information. Do you want to include it in your " + "bug report?") + + if response == None: # user cancelled + raise StopIteration + + elif response == True: + # Attache config files in /etc/apache2/sites-enabled and listing of files in /etc/apache2/conf.d + for conf_file in os.listdir(SITES_ENABLED_DIR): + attach_file_if_exists(report, SITES_ENABLED_DIR + conf_file, conf_file) + + try: + report['Apache2ConfdDirListing'] = str(os.listdir('/etc/apache2/conf.d')) + except OSError: + report['Apache2ConfdDirListing'] = str(False) + + # Attach default config files if changed. + attach_conffiles(report, 'apache2', conffiles=None) + + # Attach the error.log file. + attach_file(report, '/var/log/apache2/error.log', key='error.log') + + # Get loaded modules. + report['Apache2Modules'] = root_command_output(['/usr/sbin/apachectl', '-D DUMP_MODULES'])
  6. Download patch debian/apache2.dirs

    --- 2.4.41-1/debian/apache2.dirs 2019-04-02 21:13:44.000000000 +0000 +++ 2.4.41-1ubuntu1/debian/apache2.dirs 2019-08-14 14:36:32.000000000 +0000 @@ -10,3 +10,4 @@ var/cache/apache2/mod_cache_disk var/lib/apache2 var/log/apache2 var/www/html +/etc/ufw/applications.d/apache2
  7. Download patch debian/index.html

    --- 2.4.41-1/debian/index.html 2019-04-02 21:13:44.000000000 +0000 +++ 2.4.41-1ubuntu1/debian/index.html 2019-08-14 14:36:32.000000000 +0000 @@ -1,9 +1,14 @@ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> + <!-- + Modified from the Debian original for Ubuntu + Last updated: 2016-11-16 + See: https://launchpad.net/bugs/1288690 + --> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <title>Apache2 Debian Default Page: It works</title> + <title>Apache2 Ubuntu Default Page: It works</title> <style type="text/css" media="screen"> * { margin: 0px 0px 0px 0px; @@ -188,9 +193,9 @@ <body> <div class="main_page"> <div class="page_header floating_element"> - <img src="/icons/openlogo-75.png" alt="Debian Logo" class="floating_element"/> + <img src="/icons/ubuntu-logo.png" alt="Ubuntu Logo" class="floating_element"/> <span class="floating_element"> - Apache2 Debian Default Page + Apache2 Ubuntu Default Page </span> </div> <!-- <div class="table_of_contents floating_element"> @@ -221,7 +226,9 @@ <div class="content_section_text"> <p> This is the default welcome page used to test the correct - operation of the Apache2 server after installation on Debian systems. + operation of the Apache2 server after installation on Ubuntu systems. + It is based on the equivalent page on Debian, from which the Ubuntu Apache + packaging is derived. If you can read this page, it means that the Apache HTTP server installed at this site is working properly. You should <b>replace this file</b> (located at <tt>/var/www/html/index.html</tt>) before continuing to operate your HTTP server. @@ -242,9 +249,9 @@ </div> <div class="content_section_text"> <p> - Debian's Apache2 default configuration is different from the + Ubuntu's Apache2 default configuration is different from the upstream default configuration, and split into several files optimized for - interaction with Debian tools. The configuration system is + interaction with Ubuntu tools. The configuration system is <b>fully documented in /usr/share/doc/apache2/README.Debian.gz</b>. Refer to this for the full documentation. Documentation for the web server itself can be @@ -253,7 +260,7 @@ </p> <p> - The configuration layout for an Apache2 web server installation on Debian systems is as follows: + The configuration layout for an Apache2 web server installation on Ubuntu systems is as follows: </p> <pre> /etc/apache2/ @@ -324,7 +331,7 @@ <div class="content_section_text"> <p> - By default, Debian does not allow access through the web browser to + By default, Ubuntu does not allow access through the web browser to <em>any</em> file apart of those located in <tt>/var/www</tt>, <a href="http://httpd.apache.org/docs/2.4/mod/mod_userdir.html" rel="nofollow">public_html</a> directories (when enabled) and <tt>/usr/share</tt> (for web @@ -333,7 +340,7 @@ document root directory in <tt>/etc/apache2/apache2.conf</tt>. </p> <p> - The default Debian document root is <tt>/var/www/html</tt>. You + The default Ubuntu document root is <tt>/var/www/html</tt>. You can make your own virtual hosts under /var/www. This is different to previous releases which provides better security out of the box. </p> @@ -345,9 +352,9 @@ </div> <div class="content_section_text"> <p> - Please use the <tt>reportbug</tt> tool to report bugs in the - Apache2 package with Debian. However, check <a - href="http://bugs.debian.org/cgi-bin/pkgreport.cgi?ordering=normal;archive=0;src=apache2;repeatmerged=0" + Please use the <tt>ubuntu-bug</tt> tool to report bugs in the + Apache2 package with Ubuntu. However, check <a + href="https://bugs.launchpad.net/ubuntu/+source/apache2" rel="nofollow">existing bug reports</a> before reporting a new bug. </p> <p>
  8. Download patch debian/patches/series

    --- 2.4.41-1/debian/patches/series 2019-08-12 20:46:53.000000000 +0000 +++ 2.4.41-1ubuntu1/debian/patches/series 2019-08-14 14:36:32.000000000 +0000 @@ -8,3 +8,6 @@ reproducible_builds.diff # This patch is applied manually #suexec-custom.patch spelling-errors.patch + +# Patches added by Ubuntu +086_svn_cross_compiles
  9. Download patch debian/apache2.install

    --- 2.4.41-1/debian/apache2.install 2019-04-02 21:13:44.000000000 +0000 +++ 2.4.41-1ubuntu1/debian/apache2.install 2019-08-14 14:36:32.000000000 +0000 @@ -8,3 +8,4 @@ debian/config-dir/*.conf /etc/apache2 debian/config-dir/envvars /etc/apache2 debian/config-dir/magic /etc/apache2 debian/debhelper/apache2-maintscript-helper /usr/share/apache2/ +debian/apache2-utils.ufw.profile /etc/ufw/applications.d/
  10. Download patch debian/apache2.postrm

    --- 2.4.41-1/debian/apache2.postrm 2019-04-02 21:13:44.000000000 +0000 +++ 2.4.41-1ubuntu1/debian/apache2.postrm 2019-08-14 14:36:32.000000000 +0000 @@ -33,6 +33,7 @@ is_default_index_html () { 776221a94e5a174dc2396c0f3f6b6a74 c481228d439cbb54bdcedbaec5bbb11a e2620d4a5a0f8d80dd4b16de59af981f + 3526531ccd6c6a1d2340574a305a18f8 EOF }
  11. Download patch debian/tests/check-http2

    --- 2.4.41-1/debian/tests/check-http2 1970-01-01 00:00:00.000000000 +0000 +++ 2.4.41-1ubuntu1/debian/tests/check-http2 2019-08-14 14:36:32.000000000 +0000 @@ -0,0 +1,41 @@ +#!/bin/sh +set -uxe + +# http2 is rather new, check that it at least generally works +# Author: Christian Ehrhardt <christian.ehrhardt@canonical.com> + +a2enmod http2 +a2enmod ssl +a2ensite default-ssl +# Enable globally +echo "Protocols h2c h2 http/1.1" >> /etc/apache2/apache2.conf +service apache2 restart + +# Use curl here. wget doesn't work on Debian, even with --no-check-certificate +# wget on Debian gives me: +# GnuTLS: A TLS warning alert has been received. +# Unable to establish SSL connection. +# Presumably this is due to the self-signed certificate, but I'm not sure how +# to skip the warning with wget. curl will do for now. +echo "Hello, world!" > /var/www/html/hello.txt + +testapache () { + cmd="${1}" + result=$(${cmd}) + + if [ "$result" != "Hello, world!" ]; then + echo "Unexpected result: ${result}" >&2 + exit 1 + else + echo OK + fi +} + +# https shall not affect http +testapache "curl -s -k http://localhost/hello.txt" +# https shall not affect https +testapache "curl -s -k https://localhost/hello.txt" +#plain http2 +testapache "nghttp --no-verify-peer https://localhost/hello.txt" +#http2 upgrade +testapache "nghttp -u --no-verify-peer http://localhost/hello.txt"
  12. Download patch debian/apache2-utils.ufw.profile

    --- 2.4.41-1/debian/apache2-utils.ufw.profile 1970-01-01 00:00:00.000000000 +0000 +++ 2.4.41-1ubuntu1/debian/apache2-utils.ufw.profile 2019-08-14 14:36:32.000000000 +0000 @@ -0,0 +1,14 @@ +[Apache] +title=Web Server +description=Apache v2 is the next generation of the omnipresent Apache web server. +ports=80/tcp + +[Apache Secure] +title=Web Server (HTTPS) +description=Apache v2 is the next generation of the omnipresent Apache web server. +ports=443/tcp + +[Apache Full] +title=Web Server (HTTP,HTTPS) +description=Apache v2 is the next generation of the omnipresent Apache web server. +ports=80,443/tcp
  13. Download patch debian/source/include-binaries

    --- 2.4.41-1/debian/source/include-binaries 2019-04-02 21:13:44.000000000 +0000 +++ 2.4.41-1ubuntu1/debian/source/include-binaries 2019-08-14 14:36:32.000000000 +0000 @@ -17,6 +17,7 @@ debian/icons/odf6otp-20x22.png debian/icons/odf6ots-20x22.png debian/icons/odf6ott-20x22.png debian/icons/openlogo-75.png +debian/icons/ubuntu-logo.png debian/perl-framework/t/htdocs/apache/acceptpathinfo/index.shtml debian/perl-framework/t/htdocs/apache/acceptpathinfo/info.php debian/perl-framework/t/htdocs/apache/acceptpathinfo/off/index.shtml
  14. Download patch debian/patches/086_svn_cross_compiles

    --- 2.4.41-1/debian/patches/086_svn_cross_compiles 1970-01-01 00:00:00.000000000 +0000 +++ 2.4.41-1ubuntu1/debian/patches/086_svn_cross_compiles 2019-08-14 14:36:32.000000000 +0000 @@ -0,0 +1,69 @@ +Description: Pull upstream fixes for autotools for cross-compiling +Author: Adam Conrad <adconrad@ubuntu.com> +Origin: upstream, http://svn.eu.apache.org/viewvc?view=revision&revision=1328445 +Origin: upstream, http://svn.eu.apache.org/viewvc?view=revision&revision=1327907 +Origin: upstream, http://svn.eu.apache.org/viewvc?view=revision&revision=1328390 +Origin: upstream, http://svn.eu.apache.org/viewvc?view=revision&revision=1328714 +Forwarded: not-needed +Last-Update: 2019-02-03 + +Index: apache2-2.4.29/acinclude.m4 +=================================================================== +--- apache2-2.4.29.orig/acinclude.m4 2017-11-10 10:56:51.488205250 -0500 ++++ apache2-2.4.29/acinclude.m4 2017-11-10 10:56:51.484205199 -0500 +@@ -55,6 +55,8 @@ AC_DEFUN([APACHE_GEN_CONFIG_VARS],[ + APACHE_SUBST(CPPFLAGS) + APACHE_SUBST(CFLAGS) + APACHE_SUBST(CXXFLAGS) ++ APACHE_SUBST(CC_FOR_BUILD) ++ APACHE_SUBST(CFLAGS_FOR_BUILD) + APACHE_SUBST(LTFLAGS) + APACHE_SUBST(LDFLAGS) + APACHE_SUBST(LT_LDFLAGS) +@@ -697,7 +699,7 @@ int main(void) + { + return sizeof(void *) < sizeof(long); + }], [ap_cv_void_ptr_lt_long=no], [ap_cv_void_ptr_lt_long=yes], +- [ap_cv_void_ptr_lt_long=yes])]) ++ [ap_cv_void_ptr_lt_long="cross compile - not checked"])]) + + if test "$ap_cv_void_ptr_lt_long" = "yes"; then + AC_MSG_ERROR([Size of "void *" is less than size of "long"]) +Index: apache2-2.4.29/configure.in +=================================================================== +--- apache2-2.4.29.orig/configure.in 2017-11-10 10:56:51.488205250 -0500 ++++ apache2-2.4.29/configure.in 2017-11-10 10:56:51.488205250 -0500 +@@ -206,6 +206,14 @@ AC_PROG_CPP + dnl Try to get c99 support for variadic macros + ifdef([AC_PROG_CC_C99], [AC_PROG_CC_C99]) + ++dnl In case of cross compilation we set CC_FOR_BUILD to cc unless ++dnl we got already CC_FOR_BUILD from environment. ++if test "x${build_alias}" != "x${host_alias}"; then ++ if test "x${CC_FOR_BUILD}" = "x"; then ++ CC_FOR_BUILD=cc ++ fi ++fi ++ + if test "x${cache_file}" = "x/dev/null"; then + # Likewise, ensure that CC and CPP are passed through to the pcre + # configure script iff caching is disabled (the autoconf 2.5x default). +Index: apache2-2.4.29/server/Makefile.in +=================================================================== +--- apache2-2.4.29.orig/server/Makefile.in 2017-11-10 10:56:51.488205250 -0500 ++++ apache2-2.4.29/server/Makefile.in 2017-11-10 10:56:51.488205250 -0500 +@@ -24,9 +24,14 @@ TARGETS = delete-exports $(LTLIBRARY_NAM + include $(top_builddir)/build/rules.mk + include $(top_srcdir)/build/library.mk + ++ifdef CC_FOR_BUILD ++gen_test_char: gen_test_char.c ++ $(CC_FOR_BUILD) $(CFLAGS_FOR_BUILD) -DCROSS_COMPILE -o $@ $< ++else + gen_test_char_OBJECTS = gen_test_char.lo + gen_test_char: $(gen_test_char_OBJECTS) + $(LINK) $(EXTRA_LDFLAGS) $(gen_test_char_OBJECTS) $(EXTRA_LIBS) ++endif + + test_char.h: gen_test_char + ./gen_test_char > test_char.h

Debian ( Changelog | PTS | Bugs ) Ubuntu ( Changelog | txt | LP | Bugs ) | Diff from Ubuntu

Source: libapache2-mod-auth-mellon

libapache2-mod-auth-mellon (0.14.2-1ubuntu1) disco; urgency=medium * Build the module with --enable-diagnostics (LP: #1820279) -- Dmitrii Shcherbakov <dmitrii.shcherbakov@canonical.com> Fri, 22 Mar 2019 22:27:25 +0300

Modifications :
  1. Download patch debian/rules

    --- 0.14.2-1/debian/rules 2018-03-16 10:41:03.000000000 +0000 +++ 0.14.2-1ubuntu1/debian/rules 2019-03-22 19:27:25.000000000 +0000 @@ -7,6 +7,9 @@ export DEB_BUILD_MAINT_OPTIONS = hardeni override_dh_auto_install: +override_dh_auto_configure: + dh_auto_configure -- --enable-diagnostics + override_dh_fixperms: dh_fixperms chown www-data debian/libapache2-mod-auth-mellon/var/cache/apache2/mod_auth_mellon/

Debian ( Changelog | PTS | Bugs ) Ubuntu ( Changelog | txt | LP | Bugs ) | Diff from Ubuntu

Source: libapache2-mod-auth-pgsql

libapache2-mod-auth-pgsql (2.0.3-6.1ubuntu1) artful; urgency=medium * d/p/crypt-check-null-1698758.patch: check for a NULL return from crypt(3) (LP: #1698758) -- Andreas Hasenack <andreas@canonical.com> Thu, 22 Jun 2017 14:34:03 -0300

Modifications :
  1. Download patch debian/patches/crypt-check-null-1698758.patch

    --- 2.0.3-6.1/debian/patches/crypt-check-null-1698758.patch 1970-01-01 00:00:00.000000000 +0000 +++ 2.0.3-6.1ubuntu1/debian/patches/crypt-check-null-1698758.patch 2017-06-22 17:34:03.000000000 +0000 @@ -0,0 +1,25 @@ +Description: check for a NULL return from crypt(3) + crypt(3) will return NULL in the case of errors, like if an + unsupported hash algorithm is used, or incorrect salt options + are passed. +Author: Andreas Hasenack <andreas@canonical.com> +Bug-Debian: https://bugs.debian.org/865553 +Bug-Ubuntu: https://launchpad.net/bugs/1698758 +Forwarded: yes (emailed Giuseppe Tanzilli <info@giuseppetanzilli.it>) +Last-Update: 2017-07-13 + +--- libapache2-mod-auth-pgsql-2.0.3.orig/mod_auth_pgsql.c ++++ libapache2-mod-auth-pgsql-2.0.3/mod_auth_pgsql.c +@@ -868,6 +868,12 @@ static authn_status check_password(reque + break; + case AUTH_PG_HASH_TYPE_CRYPT: + sent_pw = (char *) crypt(sent_pw, real_pw); ++ if (!sent_pw) { ++ apr_snprintf(pg_errstr, MAX_STRING_LEN, ++ "PG user %s: unsupported CRYPT format", user); ++ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "[mod_auth_pgsql.c] - ERROR - %s", pg_errstr); ++ return AUTH_DENIED; ++ } + break; + case AUTH_PG_HASH_TYPE_BASE64: + sent_pw = auth_pg_base64(sent_pw);
  2. Download patch debian/control

    --- 2.0.3-6.1/debian/control 2013-08-10 17:22:37.000000000 +0000 +++ 2.0.3-6.1ubuntu1/debian/control 2017-06-22 17:34:03.000000000 +0000 @@ -1,5 +1,6 @@ Source: libapache2-mod-auth-pgsql -Maintainer: Marco Nenciarini <mnencia@debian.org> +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> +XSBC-Original-Maintainer: Marco Nenciarini <mnencia@debian.org> Section: httpd Priority: extra Standards-Version: 3.9.4
  3. Download patch .pc/applied-patches

    --- 2.0.3-6.1/.pc/applied-patches 2017-07-13 16:20:47.047285863 +0000 +++ 2.0.3-6.1ubuntu1/.pc/applied-patches 2017-07-13 16:20:47.275292089 +0000 @@ -3,3 +3,4 @@ documentation.patch encoding.patch apache-2.4.patch fixdoublefree.patch +crypt-check-null-1698758.patch
  4. Download patch debian/patches/series

    --- 2.0.3-6.1/debian/patches/series 2015-01-17 13:04:26.000000000 +0000 +++ 2.0.3-6.1ubuntu1/debian/patches/series 2017-06-22 17:34:03.000000000 +0000 @@ -3,3 +3,4 @@ documentation.patch encoding.patch apache-2.4.patch fixdoublefree.patch +crypt-check-null-1698758.patch
  5. Download patch mod_auth_pgsql.c

    --- 2.0.3-6.1/mod_auth_pgsql.c 2017-07-13 16:20:47.000000000 +0000 +++ 2.0.3-6.1ubuntu1/mod_auth_pgsql.c 2017-07-13 16:20:47.000000000 +0000 @@ -868,6 +868,12 @@ static authn_status check_password(reque break; case AUTH_PG_HASH_TYPE_CRYPT: sent_pw = (char *) crypt(sent_pw, real_pw); + if (!sent_pw) { + apr_snprintf(pg_errstr, MAX_STRING_LEN, + "PG user %s: unsupported CRYPT format", user); + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "[mod_auth_pgsql.c] - ERROR - %s", pg_errstr); + return AUTH_DENIED; + } break; case AUTH_PG_HASH_TYPE_BASE64: sent_pw = auth_pg_base64(sent_pw);
  6. Download patch .pc/crypt-check-null-1698758.patch/mod_auth_pgsql.c

Debian ( Changelog | PTS | Bugs ) Ubuntu ( Changelog | txt | LP | Bugs ) | Diff from Ubuntu

Source: libapache2-mod-perl2

libapache2-mod-perl2 (2.0.10-3ubuntu1) disco; urgency=low * Merge from Debian unstable. Remaining changes: - Change locales-all to locales. - Drop dwww from a recommends to a suggests to avoid pulling this into main. -- Gianfranco Costamagna <locutusofborg@debian.org> Thu, 07 Feb 2019 12:49:53 +0100

Modifications :
  1. Download patch debian/control

    --- 2.0.10-3/debian/control 2018-11-15 19:21:42.000000000 +0000 +++ 2.0.10-3ubuntu1/debian/control 2019-02-07 11:49:53.000000000 +0000 @@ -20,7 +20,7 @@ Build-Depends: perl, libperl-dev, libreadonly-perl, libwww-perl, - locales-all, + locales, netbase, rename Build-Conflicts: apache2-mpm-event @@ -69,7 +69,7 @@ Package: libapache2-mod-perl2-doc Architecture: all Section: doc Depends: ${misc:Depends} -Recommends: dwww +Suggests: dwww Description: Integration of perl with the Apache2 web server - documentation mod_perl allows the use of Perl for just about anything Apache-related, including <Perl> sections in the config

Debian ( Changelog | PTS | Bugs ) Ubuntu ( Changelog | txt | LP | Bugs ) | Diff from Ubuntu

Source: libapache2-mod-python

libapache2-mod-python (3.3.1-11ubuntu2) trusty; urgency=medium * d/tests/smoke: use new default Apache DocumentRoot /var/www/html. -- Robie Basak <robie.basak@ubuntu.com> Wed, 15 Jan 2014 00:30:23 +0000 libapache2-mod-python (3.3.1-11ubuntu1) saucy; urgency=low * Merge from Debian unstable. Remaining changes: none. * Drop all previous changes; adopted in Debian: - Switch to dh_python2. (LP: #788514) - FTBFS: switch configure.in to pkg-config to configure Python. This fixes discovery with multiarch Python (LP: #1098597). * d/tests/smoke: add dep8 test. -- Robie Basak <robie.basak@ubuntu.com> Mon, 08 Jul 2013 18:56:19 +0000

Modifications :
  1. Download patch debian/tests/control

    --- 3.3.1-11/debian/tests/control 1970-01-01 00:00:00.000000000 +0000 +++ 3.3.1-11ubuntu2/debian/tests/control 2014-01-15 00:30:19.000000000 +0000 @@ -0,0 +1,3 @@ +Tests: smoke +Restrictions: needs-root +Depends: libapache2-mod-python, wget, apache2
  2. Download patch debian/control

    --- 3.3.1-11/debian/control 2013-05-26 21:09:52.000000000 +0000 +++ 3.3.1-11ubuntu2/debian/control 2013-07-08 13:30:22.000000000 +0000 @@ -1,7 +1,8 @@ Source: libapache2-mod-python Section: httpd Priority: optional -Maintainer: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org> +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> +XSBC-Original-Maintainer: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org> Uploaders: Robert S. Edmonds <edmonds@debian.org> Build-Depends: debhelper (>= 9), dh-autoreconf, python-dev (>= 2.6.6-3~), dh-apache2, apache2-dev (>> 2.4~) @@ -10,6 +11,7 @@ Vcs-Svn: svn://anonscm.debian.org/python Vcs-Browser: http://anonscm.debian.org/viewvc/python-modules/packages/libapache2-mod-python/trunk/ Homepage: http://www.modpython.org/ Standards-Version: 3.9.4 +XS-Testsuite: autopkgtest Package: libapache2-mod-python Architecture: any
  3. Download patch debian/tests/smoke

    --- 3.3.1-11/debian/tests/smoke 1970-01-01 00:00:00.000000000 +0000 +++ 3.3.1-11ubuntu2/debian/tests/smoke 2014-01-15 00:29:49.000000000 +0000 @@ -0,0 +1,23 @@ +#!/bin/sh +set -e + +cat >> /etc/apache2/apache2.conf <<EOT +<Directory /var/www/html/python/> + SetHandler mod_python + PythonHandler mod_python.publisher +</Directory> +EOT + +mkdir /var/www/html/python +cat > /var/www/html/python/hello.py <<EOT +#!/usr/bin/python + +def index(): + return "Hello, world!\n" +EOT + +a2enmod python +service apache2 reload + +output=`wget -O- http://localhost/python/hello.py 2>/dev/null` +test "$output" = "Hello, world!"
  1. apache2
  2. libapache2-mod-auth-mellon
  3. libapache2-mod-auth-pgsql
  4. libapache2-mod-perl2
  5. libapache2-mod-python