-
Committer:
Bazaar Package Importer
-
Author(s):
Stefan Fritsch
-
Date:
2009-11-07 14:37:37 UTC
-
mto:
(52.1.1 lucid)
(14.3.11 sid)
-
mto:
This revision was merged to the branch mainline in
revision
52.
-
Revision ID:
james.westby@ubuntu.com-20091107143737-wmnc9x1z6k5x0b7f
Tags: 2.2.14-2
* Security:
Reject any client-initiated SSL/TLS renegotiations. This is a partial fix
for the TLS renegotiation prefix injection attack (CVE-2009-3555).
Any configuration which requires renegotiation for per-directory/location
access control is still vulnerable.
* Allow RemoveType to override the types from /etc/mime.types. This allows
to use .es and .tr for Spanish and Turkish files in mod_negotiation.
Closes: #496080
* Fix 'CacheEnable disk http://'. Closes: #442266
* Fix missing dependency by changing killall to pkill in the init script.
LP: #460692
* Add X-Interactive header to init script as it may ask for the ssl key
passphrase. Closes: #554824
* Move httxt2dbm man page into apache2.2-bin, which includes httxt2dbm, too.
* Enable keepalive for MSIE 7 and newer in default-ssl site and README.Debian