[ubuntu/karmic-security] apache2 (delayed), apache2 2.2.12-1ubuntu2.2 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Wed Mar 10 19:03:30 GMT 2010
apache2 (2.2.12-1ubuntu2.2) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via crafted request in mod_proxy_ajp
- debian/patches/903_CVE-2010-0408.dpatch: return the right error code
in modules/proxy/mod_proxy_ajp.c.
- CVE-2010-0408
* SECURITY UPDATE: information disclosure via improper handling of
headers in subrequests
- debian/patches/904_CVE-2010-0434.dpatch: use a copy of r->headers_in
in server/protocol.c.
- CVE-2010-0434
Date: Mon, 08 Mar 2010 10:25:00 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/apache2/2.2.12-1ubuntu2.2
-------------- next part --------------
Format: 1.8
Date: Mon, 08 Mar 2010 10:25:00 -0500
Source: apache2
Binary: apache2.2-common apache2.2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-dbg
Architecture: source
Version: 2.2.12-1ubuntu2.2
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
apache2 - Apache HTTP Server metapackage
apache2-dbg - Apache debugging symbols
apache2-doc - Apache HTTP Server documentation
apache2-mpm-event - Apache HTTP Server - event driven model
apache2-mpm-itk - multiuser MPM for Apache 2.2
apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model
apache2-mpm-worker - Apache HTTP Server - high speed threaded model
apache2-prefork-dev - Apache development headers - non-threaded MPM
apache2-suexec - Standard suexec program for Apache 2 mod_suexec
apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec
apache2-threaded-dev - Apache development headers - threaded MPM
apache2-utils - utility programs for webservers
apache2.2-bin - Apache HTTP Server common binary files
apache2.2-common - Apache HTTP Server common files
Changes:
apache2 (2.2.12-1ubuntu2.2) karmic-security; urgency=low
.
* SECURITY UPDATE: denial of service via crafted request in mod_proxy_ajp
- debian/patches/903_CVE-2010-0408.dpatch: return the right error code
in modules/proxy/mod_proxy_ajp.c.
- CVE-2010-0408
* SECURITY UPDATE: information disclosure via improper handling of
headers in subrequests
- debian/patches/904_CVE-2010-0434.dpatch: use a copy of r->headers_in
in server/protocol.c.
- CVE-2010-0434
Checksums-Sha1:
ba1e516cd7f68c2659e3e3fe767adb4e6d301fd2 1889 apache2_2.2.12-1ubuntu2.2.dsc
596c9bf3a68f072f3ce9918f22ca6da862485937 185966 apache2_2.2.12-1ubuntu2.2.diff.gz
Checksums-Sha256:
625bf3f0ab53f1a9d32d996bd73b7b192670d8d6c7d3c3766593f2b16f8781f4 1889 apache2_2.2.12-1ubuntu2.2.dsc
6d2c17ec36133fdafdd43325093d7cf31bafc01172591c6fca2b1a4bb74b1be7 185966 apache2_2.2.12-1ubuntu2.2.diff.gz
Files:
f259c015de981d3f9e6ba6652e89ef53 1889 httpd optional apache2_2.2.12-1ubuntu2.2.dsc
1fd1b39b8acae8efd95cfba73035ef5d 185966 httpd optional apache2_2.2.12-1ubuntu2.2.diff.gz
Original-Maintainer: Debian Apache Maintainers <debian-apache at lists.debian.org>
More information about the Karmic-changes
mailing list