apache2 2.2.9-10+lenny12 source package in Debian
Changelog
apache2 (2.2.9-10+lenny12) lenny-security; urgency=high * Prevent unintended pattern expansion in some reverse proxy configurations by strictly validating the request-URI. Fixes CVE-2011-3368, CVE-2011-3639, CVE-2011-4317. * CVE-2011-3607: Fix integer overflow in ap_pregsub(), which allowed local privilege escalation. * CVE-2012-0031: Fix client process being able to crash parent process during shutdown. * CVE-2012-0053: Fix an issue in code 400 error responses that could expose "httpOnly" cookies. -- Stefan Fritsch <email address hidden> Sun, 05 Feb 2012 21:56:02 +0100
Upload details
- Uploaded by:
- Debian Apache Maintainers
- Uploaded to:
- Lenny
- Original maintainer:
- Debian Apache Maintainers
- Architectures:
- any
- Section:
- web
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Lenny | release | main | web |
Builds
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
apache2_2.2.9-10+lenny12.dsc | 1.7 KiB | 0414eca4a7aaa05d272473045e24d98eb87427ca6dd8c0648dfc8867876e21e2 |
apache2_2.2.9.orig.tar.gz | 6.1 MiB | 74c92f9905a809fb18822f0d98e45712bb17495cefaf2b5315c2ce15840a04a2 |
apache2_2.2.9-10+lenny12.diff.gz | 157.3 KiB | 67b5d1add22e1f74704888d4852079dd681de348004695d42801b7aeee1887cd |
No changes file available.