apache2 2.2.12-1ubuntu2.1 source package in Ubuntu

Changelog

apache2 (2.2.12-1ubuntu2.1) karmic-security; urgency=low

  * SECURITY UPDATE: Reject client-initiated SSL/TLS renegotiations.
    Partial fix for CVE-2009-3555. Configurations requiring renegotiation
    of per-directory/location access controls are still affected until
    OpenSSL is updated.
    - debian/patches/900_CVE-2009-3555.dpatch: disable all client
      renegotiations
    - CVE-2009-3555
  * SECURITY UPDATE: fix NULL pointer dereference in mod_proxy_ftp module
    - debian/patches/901-CVE-2009-3094.dpatch: fix NULL pointer dereference
      in mod_proxy_ftp.c/apr_socket_close() and potential buffer overread
      in EPSV response parser
    - CVE-2009-3094
  * SECURITY UPDATE: fix access control bypass in mod_proxy_ftp when
    configured as a reverse proxy
    - debian/patches/902-CVE-2009-3095.dpatch: adjust proxy_ftp_handler()
      in mod_proxy_ftp.c to fail if the decoded Basic credentials contain
      special characters.
    - CVE-2009-3095
 -- Jamie Strandboge <email address hidden>   Thu, 12 Nov 2009 12:12:56 -0600

Upload details

Uploaded by:
Jamie Strandboge on 2009-11-12
Uploaded to:
Karmic
Original maintainer:
Ubuntu Development Team
Architectures:
any
Section:
httpd
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
apache2_2.2.12.orig.tar.gz 6.4 MiB 7f455ebb3ae13401e6e96b1caf9bf252292507371c75f1add96bb6349eef437f
apache2_2.2.12-1ubuntu2.1.diff.gz 180.9 KiB d6311328aac663d4ec1a307d578a7bdc95e8d67a69bbc7aad5d8e5509c8f3926
apache2_2.2.12-1ubuntu2.1.dsc 1.8 KiB 7b25b897c977d3d3449fb5bf567dbe4d51accb0ab7738be42e321d5d291676f2

View changes file

Binary packages built by this source

apache2: No summary available for apache2 in ubuntu karmic.

No description available for apache2 in ubuntu karmic.

apache2-doc: No summary available for apache2-doc in ubuntu karmic.

No description available for apache2-doc in ubuntu karmic.

apache2-mpm-event: No summary available for apache2-mpm-event in ubuntu karmic.

No description available for apache2-mpm-event in ubuntu karmic.

apache2-mpm-itk: No summary available for apache2-mpm-itk in ubuntu karmic.

No description available for apache2-mpm-itk in ubuntu karmic.

apache2-mpm-prefork: No summary available for apache2-mpm-prefork in ubuntu karmic.

No description available for apache2-mpm-prefork in ubuntu karmic.

apache2-mpm-worker: No summary available for apache2-mpm-worker in ubuntu karmic.

No description available for apache2-mpm-worker in ubuntu karmic.

apache2-prefork-dev: No summary available for apache2-prefork-dev in ubuntu karmic.

No description available for apache2-prefork-dev in ubuntu karmic.

apache2-suexec: No summary available for apache2-suexec in ubuntu karmic.

No description available for apache2-suexec in ubuntu karmic.

apache2-suexec-custom: No summary available for apache2-suexec-custom in ubuntu karmic.

No description available for apache2-suexec-custom in ubuntu karmic.

apache2-threaded-dev: No summary available for apache2-threaded-dev in ubuntu karmic.

No description available for apache2-threaded-dev in ubuntu karmic.

apache2-utils: No summary available for apache2-utils in ubuntu karmic.

No description available for apache2-utils in ubuntu karmic.

apache2.2-bin: No summary available for apache2.2-bin in ubuntu karmic.

No description available for apache2.2-bin in ubuntu karmic.

apache2.2-common: No summary available for apache2.2-common in ubuntu karmic.

No description available for apache2.2-common in ubuntu karmic.