Accepted apache2 2.0.52-1ubuntu2 (source)

Martin Pitt martin.pitt at canonical.com
Thu Nov 11 16:20:02 CST 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 11 Nov 2004 17:08:56 +0100
Source: apache2
Binary: apache2 apache2-prefork-dev apache2-mpm-prefork apache2-doc libapr0-dev apache2-mpm-threadpool apache2-mpm-worker libapr0 apache2-threaded-dev apache2-common apache2-mpm-perchild
Architecture: source
Version: 2.0.52-1ubuntu2
Distribution: hoary
Urgency: low
Maintainer: Debian Apache Maintainers <debian-apache at lists.debian.org>
Changed-By: Martin Pitt <martin.pitt at canonical.com>
Description: 
 apache2    - Next generation, scalable, extendable web server
 apache2-common - Next generation, scalable, extendable web server
 apache2-doc - Documentation for apache2
 apache2-mpm-perchild - Experimental High speed perchild threaded model for Apache2
 apache2-mpm-prefork - Traditional model for Apache2
 apache2-mpm-threadpool - Experimental High speed thread pool model for Apache2
 apache2-mpm-worker - High speed threaded model for Apache2
 apache2-prefork-dev - Development headers for apache2
 apache2-threaded-dev - Development headers for apache2
 libapr0    - The Apache Portable Runtime
 libapr0-dev - Development headers for libapr
Changes: 
 apache2 (2.0.52-1ubuntu2) hoary; urgency=low
 .
   * SECURITY UPDATE to fix remote Denial of Service
   * added patch 035_CAN-2004-0942.patch:
     - server/protocol.c - Trim trailing whitespace here, after reading a
       complete field including continuation lines. Also simplify code to remove
       whitespace between field-name and colon.
     - This fixes a denial of service (CPU consumption) via an HTTP GET request
       with a MIME header containing multiple lines with a large number of space
       characters.
   * References:
     CAN-2004-0942
     http://lists.netsys.com/pipermail/full-disclosure/2004-November/028248.html
   * Thanks to Gerardo Di Giacomo <gerardo at linux.it> for preparing this update.
Files: 
 3537c74d04a33395b1bb30ade4dc6e59 1146 net optional apache2_2.0.52-1ubuntu2.dsc
 9e7b8ca00985e18a07d9ed8ef80c6238 100159 net optional apache2_2.0.52-1ubuntu2.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBk+T+DecnbV4Fd/IRAlnJAJ9Tlmt9EikY+2oJomnHAI6t0IAc5ACfSInR
MyqO7uJzu3qQF2uFosPyx4A=
=sZPU
-----END PGP SIGNATURE-----


Accepted:
apache2_2.0.52-1ubuntu2.diff.gz
  to pool/main/a/apache2/apache2_2.0.52-1ubuntu2.diff.gz
apache2_2.0.52-1ubuntu2.dsc
  to pool/main/a/apache2/apache2_2.0.52-1ubuntu2.dsc

More information about the hoary-changes mailing list