debian_build_apache24
Build apache 2.4 on debian from scratch
MIT License
Bot releases are hidden (Show)
Published by JBlond about 3 years ago
Security fix release
However, only 2.4.49 was affected.
- SECURITY: CVE-2021-41773: Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
- SECURITY: CVE-2021-41524: null pointer dereference in h2 fuzzing
Published by JBlond about 3 years ago
- Removed subversion (svn) dependency
- enabled ssl in curl
- add mod_md
Published by JBlond about 3 years ago
- Update Apache to 2.4.49
Published by JBlond about 3 years ago
Release 2.4.48.1
- Add mod_proxy_http2 to the build
- Fix here is no pyhton 3.8 native on debian 10
- Update CURL Version
- Update PHP over fcgid Docs
- Update SSL recommendation
- Update OpenSSL version
Published by JBlond over 3 years ago
Release 2.4.48
- Added 1_security_mod_security.conf example
- Updated Apache to 2.4.48
Published by JBlond over 3 years ago
Release 2.4.46.3
- fix mod-security build
- downgrade to 2.4.46 since 2.4.47 was never released official
Published by JBlond over 3 years ago
- Upgrade Apache to 2.4.47
Published by JBlond over 3 years ago
2.4.46.2
- OpenSSL Security Update
Published by JBlond over 3 years ago
#2.4.46.1
- Updated OpenSSL to 1.1.1j
Published by JBlond almost 4 years ago
Update Apache Version and OpenSSL Version
Published by JBlond about 4 years ago
Update OpenSSL Version
Published by JBlond about 4 years ago
Remove old openssl config option that no longer works
Published by JBlond about 4 years ago
Updated download locations
Published by JBlond over 4 years ago
Updated builds for CentOS and OpenSuse
Published by JBlond over 4 years ago
Added mod_security
Published by JBlond over 4 years ago
2.4.43
changes
- Upgraded OpenSSL to 1.1.1f from 1.1.1e
- Upgraded nghttp2 to 1.40.0
- Upgraded pcre to 8.44
ASF changes
- mod_ssl: Fix memory leak of OCSP stapling response
- mod_proxy_http: Fix the forwarding of requests with content body when a
balancer member is unavailable; the retry on the next member was issued
with an empty body (regression introduced in 2.4.41). PR63891. - mod_http2: Fixes issue where mod_unique_id would generate non-unique request
identifier under load, see < https://github.com/icing/mod_h2/issues/195 > - mod_proxy_hcheck: Allow healthcheck expressions to use %{Content-Type}.
PR64140. - mod_authz_groupfile: Drop AH01666 from loglevel "error" to "info".
PR64172. - mod_proxy_ajp: Add "secret" parameter to proxy workers to implement legacy
AJP13 authentication. - mpm_event: avoid possible KeepAliveTimeout off by -100 ms.
- Add a config layout for OpenWRT.
- mod_ssl: Disable client verification on ACME ALPN challenges.
- mod_ssl: use OPENSSL_init_ssl() to initialise OpenSSL on versions 1.1+.
- mod_ssl: Support use of private keys and certificates from an
OpenSSL ENGINE via PKCS#11 URIs in SSLCertificateFile/KeyFile. - mod_ssl: OCSP does not apply to proxy mode.
Published by JBlond about 5 years ago
2.4.41.2
- Fix: Denial-of-Service-Angriffe against HTTP/2
Published by JBlond about 5 years ago
2.4.41
- Some Bugfixes
- new mod_md 2.0 version
Published by JBlond over 5 years ago
Fix some typos
Published by JBlond over 5 years ago