Apache 2.4.59 missing for Debian 11 (bullseye, oldstable)

oerdnj / deb.sury.org

Public bugreports for anything ppa:ondrej/*

800 stars 26 forks source link

Apache 2.4.59 missing for Debian 11 (bullseye, oldstable) #2134

Closed fretb closed 4 days ago

fretb commented 1 month ago

Frequently asked questions

[X] I have read Frequently Asked Questions
[X] I have looked at the list of the existing issues (including closed issues) and searched if my issue has been already reported
[X] I have tried to resolve the issue myself and will describe what I did in clear and concise manner

Describe the bug Apache 2.4.59 contains a patch that mitigates the http/2 continuation flood vulnerabilities. The package is built and available for both Debian 10 and 12 (https://packages.sury.org/apache2/pool/main/a/apache2/), but not for Debian 11.

Is this intended?

Thank you for your efforts!

oerdnj commented 4 days ago

Hmm, I don't know what went wrong because the packages were built without any problems, but then they didn't get installed into the repository. I've issued the rebuild just now.

fretb commented 4 days ago

Thank you for your hard work!

fretb commented 4 days ago

@oerdnj any ETA on the release on the repository? Not meaning to put pressure, but on the repository it's still the same situation unfortunately, so their might still be an issue?

If this just takes a longer time, ignore this comment please.

oerdnj commented 4 days ago

It should not take so long. I'll check what's going on.

oerdnj commented 3 days ago

Found it - it was copy&paste error in the repository configuration files - I’ve wrote a script to generate the configurations instead, and the new packages are building now.

oerdnj commented 3 days ago

Thanks for pursuing this