libapache-mod-jk (1:1.2.30-1squeeze2) squeeze-lts; urgency=high * Team upload. * Add CVE-2014-8111.patch. (Closes: #783233) It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them. - Add option to control handling of multiple adjacent slashes in mount and unmount. New default is collapsing the slashes only in unmount. Before this change, adjacent slashes were never collapsed, so most mounts and unmounts didn't match for URLs with multiple adjacent slashes. - Configuration is done via new JkOption for Apache (values "CollapseSlashesAll", "CollapseSlashesNone" or "CollapseSlashesUnmount"). -- Markus Koschany Sat, 30 May 2015 14:54:17 +0200 libapache-mod-jk (1:1.2.30-1squeeze1) stable; urgency=medium * Team upload. * Fix issue with socket(2) syscall and SOCK_CLOEXEC flag affecting upgrades from 1.2.26 to 1.2.30. (Closes: #609886). -- Miguel Landaeta Wed, 09 Feb 2011 23:07:41 -0500 libapache-mod-jk (1:1.2.30-1) unstable; urgency=low * Team upload * New upstream release * Convert patches to dep3 format. * Switch to source format 3.0. * Remove Stefan (Gybas) and Arnaud from Uploaders list. Thanks to your contribution in the past! * Add Vcs-* headers. * Add missing Depends: ${misc:Depends}. * Update Standards-Version: 3.9.0 (no changes). * Update patch for config.guess and config.sub. * Switch to tomcat6 and default-java in workers.properties. Thanks to Olivier Berger. (Closes: #590078) -- Torsten Werner Sat, 24 Jul 2010 01:04:36 +0200 libapache-mod-jk (1:1.2.28-2) unstable; urgency=low * Added debian/patches/05_config_update.dpatch which updates config.{guess|sub} in native/scripts/build/unix/ (Closes: #540392). * debian/control: Let libapache2-mod-jk suggest tomcat6 instead of tomcat5.5. * Added debian/README.source. * Updated Standards-Version to 3.8.3. -- Michael Koch Thu, 20 Aug 2009 20:04:39 +0200 libapache-mod-jk (1:1.2.28-1) unstable; urgency=low * New upstream release. - Removed debian/patches/05_bug_451494.dpatch. Applied upstream. - Removed debian/patches/06_CVE-2008-5519.dpatch. Applied upstream. * Updated Build-Depends to debhelper (>= 5) as 4 is deprecated. * Link /usr/share/common-licenses/Apache-2.0 in debian/copgyright. * Updated Standards-Version to 3.8.2. -- Michael Koch Sat, 25 Jul 2009 23:08:41 +0200 libapache-mod-jk (1:1.2.26-2.1) unstable; urgency=high * Non-maintainer upload by the security-team. * CVE-2008-5519: Fix information disclosure vulnerability when clients abort connection before sending POST body (closes: #523054). -- Stefan Fritsch Sat, 30 May 2009 15:49:20 +0200 libapache-mod-jk (1:1.2.26-2) unstable; urgency=low * Apply patch to fix JkOptions handling for virtual hosts. Thanks to Toshihiro Sasajima for the patch, Closes: #451494 * Fixed debian/copyright to mention copyright and license properly. * debian/libapache-mod-jk-doc.doc-base: Moved to section System/Administration. * Remove unused lintian override for libapache-mod-jk-doc. -- Michael Koch Wed, 02 Apr 2008 23:09:41 +0200 libapache-mod-jk (1:1.2.26-1) unstable; urgency=low * New upstream release. * Updated Standards-Version to 3.7.3. * Fixed URL in Homepage field. * Fixed typo in debian/libapache2-mod-jk.NEWS. -- Michael Koch Thu, 27 Dec 2007 13:04:55 -0100 libapache-mod-jk (1:1.2.25-2) unstable; urgency=low * debian/workers.properties: Renamed worker.loadbalancer.balanced_workers to worker.loadbalancer.balance_workers. Closes: #448062. -- Michael Koch Thu, 25 Oct 2007 21:18:33 +0200 libapache-mod-jk (1:1.2.25-1) unstable; urgency=low * New upstream release. * Don't suggest tomcat5 anymore. * Use Homepage: field in debian/control -- Michael Koch Sat, 15 Sep 2007 09:07:30 +0200 libapache-mod-jk (1:1.2.23-4) unstable; urgency=low * libapache2-mod-jk: Removed Suggests on tomcat4. * libapache-mod-jk-doc: Removed Suggests on libapache-mod-jk. -- Michael Koch Thu, 5 Jul 2007 13:44:24 +0200 libapache-mod-jk (1:1.2.23-3) unstable; urgency=low * Don't build libapache-mod-jk binary package anymore. Closes: #429125. * Removed Wolfgang from Uploaders. -- Michael Koch Sun, 24 Jun 2007 18:34:33 -0100 libapache-mod-jk (1:1.2.23-2) unstable; urgency=low * Point workers.tomcat_home to /usr/share/tomcat5 and workers.java_home to /usr/lib/jvm/java-gcj. * Generate changelog from changelog.html correctly. -- Michael Koch Sat, 09 Jun 2007 16:06:13 -0100 libapache-mod-jk (1:1.2.23-1) unstable; urgency=high * New upstream release. - Forward unparsed URI to tomcat. Closes: #425836. CVE-2007-1860 -- Michael Koch Sat, 2 Jun 2007 23:14:13 +0200 libapache-mod-jk (1:1.2.22-1) unstable; urgency=low * New upstream release - works when no JkWorkersFile option set (Closes: #419448). * Added debian/patches/04_no-worker-error.dpatch to make the message "Could not find worker" an error and more visible (Closes: #418887). -- Michael Koch Tue, 17 Apr 2007 08:12:38 +0200 libapache-mod-jk (1:1.2.21-1) unstable; urgency=low * New upstream release -- Michael Koch Thu, 12 Apr 2007 07:21:37 +0000 libapache-mod-jk (1:1.2.18-3) unstable; urgency=medium * debian/rules: copy source tree for native part to compile seperately for Apache 2.0 (Closes: #396224, #406636). * Added tomcat5.5 to Depends on tomcat4 | tomcat5 | tomcat5.5. * Updated Standards-Version to 3.7.2. * Added myself to Uploaders. -- Michael Koch Sat, 17 Feb 2007 17:10:27 +0100 libapache-mod-jk (1:1.2.18-2) unstable; urgency=low * debian/control (Depends): updated to apache2.2-common (closes: #391651), thanks to Philippe Marzouk. * debian/patches/03_jk-runtime-status_default_location.dpatch: added. This change the default location of JkShmFile variable (closes: #362004), thanks to Adrian Bridgett. -- Arnaud Vandyck Mon, 9 Oct 2006 15:41:47 +0200 libapache-mod-jk (1:1.2.18-1) unstable; urgency=low * New upstream * debian/watch: added * Added myself to uploaders * debian/rules: modified to revert changes in upstream structure (jk directory does not exist anymore) -- Arnaud Vandyck Wed, 2 Aug 2006 11:11:03 +0200 libapache-mod-jk (1:1.2.14.1-2) unstable; urgency=low * Fixed binary arch only build by splitting arch and indep install targets -- Wolfgang Baer Mon, 03 Oct 2005 13:25:14 +0200 libapache-mod-jk (1:1.2.14.1-1) unstable; urgency=low * New upstream release (closes: #307331) * Removed cdbs dependency - building only with debhelper * Build Apache2 package (closes: #296345) + debian/control: package libapache2-mod-jk added + debian/control: added apache2-threaded-dev build dependency * Split documentation in own package so it does not ship twice + debian/control: package libapache-mod-jk-doc added + debian/control: xsltproc dependency for building + debian/control: added conflicts/replaces with old libapache-mod-jk * Updated workers.properties * Added example httpd.conf files for Apache 1.3 and 2 * Added tomcat5 as alternative to tomcat4 to suggests * Only provide example conf files (for Apache1.3/2) which have to be installed and modified for a specific setup by the user (closes: #321203) * Added conflicts/replaces with libapache2-mod-jk2 and added NEWS.Debian * Registered documentation with doc-base * Added lintian override for changelog html file used in the manual * Updated copyright to new upstream Apache License Version 2.0 * Updated Standards-Version to 3.6.2 - no changes -- Wolfgang Baer Tue, 6 Sep 2005 14:43:49 +0200 libapache-mod-jk (1:1.2.5-2) unstable; urgency=low * Added libtool build dependency (closes: #229395) -- Stefan Gybas Fri, 30 Jan 2004 17:22:12 +0100 libapache-mod-jk (1:1.2.5-1) unstable; urgency=low * New upstream release (libapache-mod-jk was previously built by the tomcat source package) * Updated download location in copyright file * Mention in the long description that this module can talk to a remote Tomcat server so it can go into main * Updated to the new module handling in Apache 1.3.29 and support Apache, Apache-Perl and Apache-SSL -- Stefan Gybas Sat, 10 Jan 2004 17:18:52 +0100