[ubuntu/maverick-security] apr, apr (delayed) 1.4.2-3ubuntu1.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Tue May 24 19:03:26 UTC 2011


apr (1.4.2-3ubuntu1.1) maverick-security; urgency=low

  * SECURITY UPDATE: denial of service in apr_fnmatch exploitable via
    apache's mod_index
    - debian/patches/031_fnmatch_CVE-2011-0419.dpatch: rewrite
      apr_fnmatch to have a better time bounds on execution.
    - CVE-2011-0419
    - debian/patches/032_fnmatch_CVE-2011-1928.dpatch: fix possible
      DoS introduced by patch for CVE-2011-0419.
    - CVE-2011-1928

Date: Fri, 20 May 2011 14:05:32 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/apr/1.4.2-3ubuntu1.1
-------------- next part --------------
Format: 1.8
Date: Fri, 20 May 2011 14:05:32 -0700
Source: apr
Binary: libapr1 libapr1-dev libapr1-dbg
Architecture: source
Version: 1.4.2-3ubuntu1.1
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 libapr1    - The Apache Portable Runtime Library
 libapr1-dbg - The Apache Portable Runtime Library - Debugging Symbols
 libapr1-dev - The Apache Portable Runtime Library - Development Headers
Changes: 
 apr (1.4.2-3ubuntu1.1) maverick-security; urgency=low
 .
   * SECURITY UPDATE: denial of service in apr_fnmatch exploitable via
     apache's mod_index
     - debian/patches/031_fnmatch_CVE-2011-0419.dpatch: rewrite
       apr_fnmatch to have a better time bounds on execution.
     - CVE-2011-0419
     - debian/patches/032_fnmatch_CVE-2011-1928.dpatch: fix possible
       DoS introduced by patch for CVE-2011-0419.
     - CVE-2011-1928
Checksums-Sha1: 
 6073f11ca693aaad097715f0e12730586bd3b6fb 2116 apr_1.4.2-3ubuntu1.1.dsc
 9b4e2bb870e632404d12590eb3be8019f1adf850 26455 apr_1.4.2-3ubuntu1.1.diff.gz
Checksums-Sha256: 
 f6d3191cfc3660cb4efc042406ddf77b569f6e7e2aec41d74b56e7e734d1830e 2116 apr_1.4.2-3ubuntu1.1.dsc
 cebf899c8e7796367f3b99e77c855ead65b13992a4513a9305cab988fb21f387 26455 apr_1.4.2-3ubuntu1.1.diff.gz
Files: 
 556691a221eeeff0805f784e2acb242e 2116 libs optional apr_1.4.2-3ubuntu1.1.dsc
 9bce06b3da3c3c1a5ec2cc3b11fc8ffa 26455 libs optional apr_1.4.2-3ubuntu1.1.diff.gz
Original-Maintainer: Debian Apache Maintainers <debian-apache at lists.debian.org>


More information about the Maverick-changes mailing list