[ubuntu/disco-proposed] libapache2-mod-perl2 2.0.10-2ubuntu5 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Thu Nov 15 16:00:17 UTC 2018
libapache2-mod-perl2 (2.0.10-2ubuntu5) disco; urgency=medium
* SECURITY UPDATE: arbitrary perl code execution via .htaccess file
- debian/patches/CVE-2011-2767.patch: only allow perl and pod sections
in server configuration and not per directory in
src/modules/perl/mod_perl.c.
- CVE-2011-2767
Date: Thu, 15 Nov 2018 08:55:38 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/libapache2-mod-perl2/2.0.10-2ubuntu5
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 15 Nov 2018 08:55:38 -0500
Source: libapache2-mod-perl2
Binary: libapache2-mod-perl2 libapache2-mod-perl2-dev libapache2-mod-perl2-doc
Architecture: source
Version: 2.0.10-2ubuntu5
Distribution: disco
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libapache2-mod-perl2 - Integration of perl with the Apache2 web server
libapache2-mod-perl2-dev - Integration of perl with the Apache2 web server - development fil
libapache2-mod-perl2-doc - Integration of perl with the Apache2 web server - documentation
Changes:
libapache2-mod-perl2 (2.0.10-2ubuntu5) disco; urgency=medium
.
* SECURITY UPDATE: arbitrary perl code execution via .htaccess file
- debian/patches/CVE-2011-2767.patch: only allow perl and pod sections
in server configuration and not per directory in
src/modules/perl/mod_perl.c.
- CVE-2011-2767
Checksums-Sha1:
33d9152ac625ac8786bc1ec57f9947fa9a3cf93c 2771 libapache2-mod-perl2_2.0.10-2ubuntu5.dsc
af4c0c87a622c92415778c48b35a5e71cb3eda7e 28908 libapache2-mod-perl2_2.0.10-2ubuntu5.debian.tar.xz
45ef41d62b4d4d77a29172ad98d016ec35d3d2ad 8176 libapache2-mod-perl2_2.0.10-2ubuntu5_source.buildinfo
Checksums-Sha256:
6c1f0d754a411d2ff658504ce9ba11ac63d035d59f67b783774b029740b0e64b 2771 libapache2-mod-perl2_2.0.10-2ubuntu5.dsc
acfa2d765103b8721c5095a4c85298c4c9675741b867090d9b943ab46abc706f 28908 libapache2-mod-perl2_2.0.10-2ubuntu5.debian.tar.xz
2c792f9f5a34876622ecf5b8dea7c7c11f4a928c8c43e01fa5145b77dae6d15c 8176 libapache2-mod-perl2_2.0.10-2ubuntu5_source.buildinfo
Files:
dc5caecf705475f0265af94c3e3e1f7d 2771 httpd optional libapache2-mod-perl2_2.0.10-2ubuntu5.dsc
03fa1ef02aa65f13ac7595c2b0f9a425 28908 httpd optional libapache2-mod-perl2_2.0.10-2ubuntu5.debian.tar.xz
cb5441d94b2296721737edc5780f4aca 8176 httpd optional libapache2-mod-perl2_2.0.10-2ubuntu5_source.buildinfo
Original-Maintainer: Debian Perl Group <pkg-perl-maintainers at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlvtl8QACgkQZWnYVadE
vpORFBAAnJmsKc1oQSo7GuGjH36ksV15jWZPgGtv14+jItKrrcN+n42ZGm/KH5oN
A3ZJ1sUgmNcpHMNtpNj6oAE3ybjtRx8URoR4vXKojB/Ein3Ucs9gkrOmhViSZmg5
jZC05lzey7teyjFOmvVayOYZ9Gb07/A6XmNdR1WMQ+SdC5r2Kt6HAnZLthbqEfYr
Pmt4/T1vIXCpV4QpPXasBHczlhoLB1mfzzTccr8E6V9gqEoQVSzIRZQkhYRMjKJV
cM7gVR3ZRq5jdmWWTLyKNTan+qEySWlVa9X96DBF1A7P8geLt//Nu7+deqQQHy5m
gpqEu5SRkTGcbNY/BKcZH8k16nxIWrBI5X2HpiWnppvGO215+I3Tku3u/G4k9W5N
VpjlVESGGwxX7R0D4QXntzHx0zVDzO2uFiozfF7jkfE6qj0Q1CzoGVnFoYrvYZYv
AGFkOvkhw8Ro7VRzwXpnNvXi4DHOzn9O2s1ib4PJF1jh4sP8KrA0bPOaehBuYIGt
AVARuvIRQw5Xj2oFpgN0jRQXxhRG63COP9BZR+CJnJUCz6o8st0cwrJ1MSHloqOf
PTR44LztmKjw+10096Ae8DUz6K5NK7/X1bLkQM8eQTWoaRzd5Zebluti86ojL8pG
K9YQn168XbkEo6s0riVuDWcTqfymY3ddQB5bTa+i5EwRLYlHX08=
=mIKF
-----END PGP SIGNATURE-----
More information about the Disco-changes
mailing list