apache2 (2.2.9-7ubuntu3.6) intrepid-security; urgency=low
* SECURITY UPDATE: denial of service via crafted request in mod_proxy_ajp
- debian/patches/907_CVE-2010-0408.dpatch: return the right error code
in modules/proxy/mod_proxy_ajp.c.
- CVE-2010-0408
* SECURITY UPDATE: information disclosure via improper handling of
headers in subrequests
- debian/patches/908_CVE-2010-0434.dpatch: use a copy of r->headers_in
in server/protocol.c.
- CVE-2010-0434
Date: Mon, 08 Mar 2010 11:29:11 -0500
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Ubuntu Core Developers <[email protected]>
https://launchpad.net/ubuntu/intrepid/+source/apache2/2.2.9-7ubuntu3.6
Format: 1.8
Date: Mon, 08 Mar 2010 11:29:11 -0500
Source: apache2
Binary: apache2.2-common apache2-mpm-worker apache2-mpm-prefork
apache2-mpm-event apache2-utils apache2-suexec apache2-suexec-custom apache2
apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-src apache2-dbg
Architecture: source
Version: 2.2.9-7ubuntu3.6
Distribution: intrepid-security
Urgency: low
Maintainer: Ubuntu Core Developers <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description:
apache2 - Apache HTTP Server metapackage
apache2-dbg - Apache debugging symbols
apache2-doc - Apache HTTP Server documentation
apache2-mpm-event - Apache HTTP Server - event driven model
apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model
apache2-mpm-worker - Apache HTTP Server - high speed threaded model
apache2-prefork-dev - Apache development headers - non-threaded MPM
apache2-src - Apache source code
apache2-suexec - Standard suexec program for Apache 2 mod_suexec
apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec
apache2-threaded-dev - Apache development headers - threaded MPM
apache2-utils - utility programs for webservers
apache2.2-common - Apache HTTP Server common files
Changes:
apache2 (2.2.9-7ubuntu3.6) intrepid-security; urgency=low
.
* SECURITY UPDATE: denial of service via crafted request in mod_proxy_ajp
- debian/patches/907_CVE-2010-0408.dpatch: return the right error code
in modules/proxy/mod_proxy_ajp.c.
- CVE-2010-0408
* SECURITY UPDATE: information disclosure via improper handling of
headers in subrequests
- debian/patches/908_CVE-2010-0434.dpatch: use a copy of r->headers_in
in server/protocol.c.
- CVE-2010-0434
Checksums-Sha1:
8e831adf6ae2b17a05279d05735161b20e4c196c 1789 apache2_2.2.9-7ubuntu3.6.dsc
ba183584170fc9009733fe353930a9d6b7a308e0 139326
apache2_2.2.9-7ubuntu3.6.diff.gz
Checksums-Sha256:
a5ab5f892f25119d21ed4c42f0e38240bd7fac3496e279c6ea6804968f62bfb6 1789
apache2_2.2.9-7ubuntu3.6.dsc
ec3fea780861b7ed526b2512a0963e71611746c75a11e29ddc77c23c3bd4196f 139326
apache2_2.2.9-7ubuntu3.6.diff.gz
Files:
74082691bed2864c646f3a8ac3a16eb4 1789 web optional apache2_2.2.9-7ubuntu3.6.dsc
10707e14c87b5b776a073113a94c6a1b 139326 web optional
apache2_2.2.9-7ubuntu3.6.diff.gz
Original-Maintainer: Debian Apache Maintainers <[email protected]>
--
Intrepid-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/intrepid-changes
