author Stefan Fritsch <sf@debian.org> 2010-03-07 22:18:20 +0000
committer Stefan Fritsch <sf@sfritsch.de> 2012-01-02 10:37:08 +0100
commit cb553da8d47c59a8bcf4614bb5c581855ef6c6ee
tree 0d052122878872b982049255baf0da70421af8a1
parent 9758b8d214623ba0229b0065993384e9426931cd
Add NEWS entry and rearrange changelog
git-svn-id: svn+ssh://svn.debian.org/svn/pkg-apache/trunk/apache2@1163 01b336ce-410b-0410-9a02-a0e7f243c266
-rw-r--r-- debian/NEWS 11
-rw-r--r-- debian/changelog 8
2 files changed, 15 insertions, 4 deletions
diff --git a/debian/NEWS b/debian/NEWS
index 2c3d806b..4f7fc377 100644
--- a/debian/NEWS
+++ b/debian/NEWS
@@ -1,3 +1,14 @@
+apache2 (2.2.15-1) unstable; urgency=low
+
+ * This release adds and enables mod_reqtimeout, which limits the time
+ Apache waits for a client to send a complete request. This helps to
+ mitigate against certain denial of service attacks. In case of problems
+ with slow clients, the timeout values can be adjusted in
+ /etc/apache2/mods-available/reqtimeout.conf , or the module can be
+ disabled with "a2dismod reqtimeout".
+
+ -- Stefan Fritsch <sf@debian.org> Sun, 07 Mar 2010 23:09:30 +0100
+
apache2 (2.2.14-6) unstable; urgency=low
* Apache now uses the environment variables APACHE_RUN_DIR, APACHE_LOCK_DIR,
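Review bot: the new NEWS paragraph undersells the limits of the mitigation. It says mod_reqtimeout "helps to mitigate against certain denial of service attacks", while the changelog entry in this same commit calls it a "(partial) mitigation against slowloris-type resource exhaustion attacks". I would carry "partial" and the slowloris wording into NEWS, since administrators who read only NEWS should not assume the module fully covers slow-request attacks. Two wording nits in the same paragraph: "mitigate against" should be "mitigate", and there is a stray space before the comma after "/etc/apache2/mods-available/reqtimeout.conf".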
diff --git a/debian/changelog b/debian/changelog
index 51060d82..cc6b9b7f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,14 +6,14 @@ apache2 (2.2.15-1) UNRELEASED; urgency=low
prefix injection attack.
- CVE-2010-0434: mod_headers: Fix potential information leak with threaded
MPMs.
- - mod_ssl: Add SSLInsecureRenegotiation directive to allows insecure
- renegotiation with clients which do not yet support the secure
- renegotiation protocol. As this requires openssl 0.9.8m, bump
- build dependency accordingly.
- mod_reqtimeout: New module limiting the time waiting for receiving
a request from the client. This is a (partial) mitigation against
slowloris-type resource exhaustion attacks. The module is enabled by
default. Closes: #533661
+ - mod_ssl: Add SSLInsecureRenegotiation directive to allows insecure
+ renegotiation with clients which do not yet support the secure
+ renegotiation protocol. As this requires openssl 0.9.8m, bump
+ build dependency accordingly.
* Fix bash completion for a2ensite if the site name contains 'conf' or
'load'. Closes: #572232
* Do a configcheck in the init script before doing a non-graceful restart.
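Review bot: the relocated mod_ssl entry (the four added lines after "Closes: #533661") still reads "directive to allows insecure renegotiation"; since these lines are being re-added anyway, fix it to "to allow". The entry also does not say whether SSLInsecureRenegotiation is off by default, which matters for an option that re-enables insecure renegotiation and now sits directly below the CVE fixes. The commit message says only "rearrange changelog", so a short reason for moving the entry below mod_reqtimeout would help later readers of the history.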