[ubuntu/natty-security] apr, apr (delayed) 1.4.2-7ubuntu2.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Tue May 24 19:03:19 UTC 2011 

apr (1.4.2-7ubuntu2.1) natty-security; urgency=low

  * SECURITY UPDATE: denial of service in apr_fnmatch exploitable via
    apache's mod_index
    - debian/patches/029_fnmatch_CVE-2011-0419.dpatch: rewrite
      apr_fnmatch to have a better time bounds on execution.
    - CVE-2011-0419
    - debian/patches/030_fnmatch_CVE-2011-1928.dpatch: fix possible
      DoS introduced by patch for CVE-2011-0419.
    - CVE-2011-1928

Date: Thu, 19 May 2011 17:28:01 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/apr/1.4.2-7ubuntu2.1
-------------- next part --------------
Format: 1.8
Date: Thu, 19 May 2011 17:28:01 -0700
Source: apr
Binary: libapr1 libapr1-dev libapr1-dbg
Architecture: source
Version: 1.4.2-7ubuntu2.1
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 libapr1    - The Apache Portable Runtime Library
 libapr1-dbg - The Apache Portable Runtime Library - Debugging Symbols
 libapr1-dev - The Apache Portable Runtime Library - Development Headers
Changes: 
 apr (1.4.2-7ubuntu2.1) natty-security; urgency=low
 .
   * SECURITY UPDATE: denial of service in apr_fnmatch exploitable via
     apache's mod_index
     - debian/patches/029_fnmatch_CVE-2011-0419.dpatch: rewrite
       apr_fnmatch to have a better time bounds on execution.
     - CVE-2011-0419
     - debian/patches/030_fnmatch_CVE-2011-1928.dpatch: fix possible
       DoS introduced by patch for CVE-2011-0419.
     - CVE-2011-1928
Checksums-Sha1: 
 a595fdfa7dff47d221b38f43c85cdca196060967 2123 apr_1.4.2-7ubuntu2.1.dsc
 b3ae4f1c2b377bbcbaa0ddad40148007d04aef0f 27467 apr_1.4.2-7ubuntu2.1.diff.gz
Checksums-Sha256: 
 8f26d0a4bda46f05ddc9cc3ffcd44123488d05d8b06e626d5c268eb5d2cf0b1a 2123 apr_1.4.2-7ubuntu2.1.dsc
 e9d064c83034b7e59d3593751eed0dc8881ce1c1be0f0b2a04227dcb90171762 27467 apr_1.4.2-7ubuntu2.1.diff.gz
Files: 
 8895c11aa905c59ba295869bab976382 2123 libs optional apr_1.4.2-7ubuntu2.1.dsc
 68dde8ef6cea950abdd4d224ce36d434 27467 libs optional apr_1.4.2-7ubuntu2.1.diff.gz
Original-Maintainer: Debian Apache Maintainers <debian-apache at lists.debian.org>

More information about the Natty-changes mailing list