[ubuntu/dapper-security] apache2 (delayed), apache2 2.0.55-4ubuntu2.13 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Tue May 24 19:04:01 UTC 2011
apache2 (2.0.55-4ubuntu2.13) dapper-security; urgency=low
* SECURITY UPDATE: denial of service in apr_fnmatch exploitable via
apache's mod_index
- debian/patches/122_fnmatch_CVE-2011-0419.patch: rewrite
apr_fnmatch to have a better time bounds on execution.
- CVE-2011-0419
- debian/patches/123_fnmatch_CVE-2011-1928.patch: fix possible
DoS introduced by patch for CVE-2011-0419.
- CVE-2011-1928
Date: Sun, 22 May 2011 21:17:32 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Debian Apache Maintainers <debian-apache at lists.debian.org>
https://launchpad.net/ubuntu/dapper/+source/apache2/2.0.55-4ubuntu2.13
-------------- next part --------------
Format: 1.7
Date: Sun, 22 May 2011 21:17:32 -0700
Source: apache2
Binary: apache2-utils apache2 apache2-prefork-dev apache2-mpm-prefork apache2-doc libapr0-dev apache2-mpm-worker libapr0 apache2-threaded-dev apache2-common apache2-mpm-perchild
Architecture: source
Version: 2.0.55-4ubuntu2.13
Distribution: dapper-security
Urgency: low
Maintainer: Debian Apache Maintainers <debian-apache at lists.debian.org>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description:
apache2 - next generation, scalable, extendable web server
apache2-common - next generation, scalable, extendable web server
apache2-doc - documentation for apache2
apache2-mpm-perchild - experimental high speed perchild threaded model for Apache2
apache2-mpm-prefork - traditional model for Apache2
apache2-mpm-worker - high speed threaded model for Apache2
apache2-prefork-dev - development headers for apache2
apache2-threaded-dev - development headers for apache2
apache2-utils - utility programs for webservers
libapr0 - the Apache Portable Runtime
libapr0-dev - development headers for libapr
Changes:
apache2 (2.0.55-4ubuntu2.13) dapper-security; urgency=low
.
* SECURITY UPDATE: denial of service in apr_fnmatch exploitable via
apache's mod_index
- debian/patches/122_fnmatch_CVE-2011-0419.patch: rewrite
apr_fnmatch to have a better time bounds on execution.
- CVE-2011-0419
- debian/patches/123_fnmatch_CVE-2011-1928.patch: fix possible
DoS introduced by patch for CVE-2011-0419.
- CVE-2011-1928
Files:
c83b6a6795065c007da7a1764347bf3d 1823 net optional apache2_2.0.55-4ubuntu2.13.dsc
e1bed19dc3827f4e375d1fbb87693cbf 141485 net optional apache2_2.0.55-4ubuntu2.13.diff.gz
More information about the dapper-changes
mailing list