Package: apache Version: 1.3.34-2 Severity: grave Tags: security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The latest release notes [1] of apache 1.3.37, 2.0.59 and 2.2.3 contains a note, about an off-by-one flaw (CVE-2006-3747 [2]). [1] http://www.apache.org/dist/httpd/Announcement2.2.html [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747 Please check, if the Debian package(s) is/are vulnerable. Regards, Daniel - -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (850, 'unstable'), (700, 'testing'), (550, 'stable'), (110, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.15.08060320 Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1) Versions of packages apache depends on: ii apache-common 1.3.34-2 support files for all Apache webse ii debconf [debconf-2.0] 1.5.2 Debian configuration management sy ii libc6 2.3.6-16 GNU C Library: Shared libraries ii libdb4.3 4.3.29-6 Berkeley v4.3 Database Libraries [ ii libexpat1 1.95.8-3.2 XML parsing C library - runtime li ii libmagic1 4.17-2 File type determination library us ii logrotate 3.7.1-3 Log rotation utility ii lsb-base 3.1-10 Linux Standard Base 3.1 init scrip ii mime-support 3.37-1 MIME files 'mime.types' & 'mailcap ii perl 5.8.8-6 Larry Wall's Practical Extraction apache recommends no packages. - -- debconf information excluded -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEyif+dg0kG0+YFBERAiX2AJ98Pu062RB/oGwJl2203bfkT+l9FQCeONDR 2xQ6gHZYpYvpau1HDRhoZqE= =goy6 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
