[ubuntu/hardy-security] apache2 (delayed), apache2 2.2.8-1ubuntu0.15 (Accepted)

Ubuntu Installer archive at ubuntu.com
Wed Mar 10 19:04:10 GMT 2010 

apache2 (2.2.8-1ubuntu0.15) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service via crafted request in mod_proxy_ajp
    - debian/patches/209_CVE-2010-0408.dpatch: return the right error code
      in modules/proxy/mod_proxy_ajp.c.
    - CVE-2010-0408
  * SECURITY UPDATE: information disclosure via improper handling of
    headers in subrequests
    - debian/patches/210_CVE-2010-0434.dpatch: use a copy of r->headers_in
      in server/protocol.c.
    - CVE-2010-0434

Date: Mon, 08 Mar 2010 11:56:13 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/apache2/2.2.8-1ubuntu0.15
-------------- next part --------------
Format: 1.7
Date: Mon, 08 Mar 2010 11:56:13 -0500
Source: apache2
Binary: apache2.2-common apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-perchild apache2-utils apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-src apache2-dbg
Architecture: source
Version: 2.2.8-1ubuntu0.15
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 apache2    - Next generation, scalable, extendable web server
 apache2-dbg - Apache debugging symbols
 apache2-doc - documentation for apache2
 apache2-mpm-event - Event driven model for Apache HTTPD
 apache2-mpm-perchild - Transitional package - please remove
 apache2-mpm-prefork - Traditional model for Apache HTTPD
 apache2-mpm-worker - High speed threaded model for Apache HTTPD
 apache2-prefork-dev - development headers for apache2
 apache2-src - Apache source code
 apache2-threaded-dev - development headers for apache2
 apache2-utils - utility programs for webservers
 apache2.2-common - Next generation, scalable, extendable web server
Changes: 
 apache2 (2.2.8-1ubuntu0.15) hardy-security; urgency=low
 .
   * SECURITY UPDATE: denial of service via crafted request in mod_proxy_ajp
     - debian/patches/209_CVE-2010-0408.dpatch: return the right error code
       in modules/proxy/mod_proxy_ajp.c.
     - CVE-2010-0408
   * SECURITY UPDATE: information disclosure via improper handling of
     headers in subrequests
     - debian/patches/210_CVE-2010-0434.dpatch: use a copy of r->headers_in
       in server/protocol.c.
     - CVE-2010-0434
Files: 
 c73a33ddb07551037f66f941f7c09f67 1382 web optional apache2_2.2.8-1ubuntu0.15.dsc
 9ae15355b3b33bfffd57b7c387a623af 143511 web optional apache2_2.2.8-1ubuntu0.15.diff.gz
Original-Maintainer: Debian Apache Maintainers <debian-apache at lists.debian.org>

More information about the Hardy-changes mailing list