apache2 2.2.3-3.2ubuntu2.1 source package in Ubuntu
Changelog
apache2 (2.2.3-3.2ubuntu2.1) feisty-security; urgency=low
* SECURITY UPDATE: denial of service (application crash) when using
mod_proxy in threaded MPM via crafted date headers.
* debian/patches/100_CVE-2007-3847.dpatch: fix proxy_util.c to use
apr_date_parse_http() and apr_rfc822_date()
* SECURITY UPDATE: cross-site scripting vulnerability in mod_autoindex.c
when charset not defined
* debian/patches/101_CVE-2007-4465.dpatch: fix mod_autoindex.c to properly
check for and use charset
* SECURITY UPDATE: cross-site scripting vulnerability in mod_imagemap
* debian/patches/102_CVE-2007-5000.dpatch: fix for mod_imagemap.c to use
ap_escape_html()
* SECURITY UPDATE: cross-site scripting vulnerability in mod_status when
server-status is enabled
* debian/patches/103_CVE-2007-6388.dpatch: fix for mod_status.c to properly
setup table
* SECURITY UPDATE: cross-site scripting vulnerability in mod_proxy_balancer
* debian/patches/104_CVE-2007-6421.dpatch: fix for mod_proxy_balancer.c to
use ap_escape_html()
* SECURITY UPDATE: denial of service (application crash) in
mod_proxy_balancer when MPM is used
* debian/patches/105_CVE-2007-6422.dpatch: fix for /mod_proxy_balancer.c to
check bsel is non-NULL
* SECURITY UPDATE: cross-site scripting vulnerability in mod_proxy_ftp when
charset is not defined
* debian/patches/106_CVE-2008-0005.dpatch: fix for mod_proxy_ftp.c to define
a charset
* References
CVE-2007-3847
CVE-2007-4465
CVE-2007-5000
CVE-2007-6388
CVE-2007-6421
CVE-2007-6422
CVE-2008-0005
-- Jamie Strandboge <email address hidden> Tue, 29 Jan 2008 17:34:21 +0000
Upload details
- Uploaded by:
- Jamie Strandboge
- Uploaded to:
- Feisty
- Original maintainer:
- Ubuntu Development Team
- Architectures:
- any
- Section:
- web
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| apache2_2.2.3.orig.tar.gz | 6.0 MiB | 1cf27b27a915ebe1f43939ea78d334a2546e0fdcf78aa0a1664ba174bcb300d2 |
| apache2_2.2.3-3.2ubuntu2.1.diff.gz | 113.2 KiB | 5122bb2252e9da21eae5d6a14c3451b9b698c6db6096152beff0d2a8d2b83935 |
| apache2_2.2.3-3.2ubuntu2.1.dsc | 1.1 KiB | 81fcb42d24d2291973c67c87898b3373a59a9f7e5cc36baf19b3959713eb671f |
Binary packages built by this source
- apache2: No summary available for apache2 in ubuntu feisty.
No description available for apache2 in ubuntu feisty.
- apache2-doc: No summary available for apache2-doc in ubuntu feisty.
No description available for apache2-doc in ubuntu feisty.
- apache2-mpm-event: No summary available for apache2-mpm-event in ubuntu feisty.
No description available for apache2-mpm-event in ubuntu feisty.
- apache2-mpm-perchild: No summary available for apache2-mpm-perchild in ubuntu feisty.
No description available for apache2-
mpm-perchild in ubuntu feisty.
- apache2-mpm-prefork: No summary available for apache2-mpm-prefork in ubuntu feisty.
No description available for apache2-mpm-prefork in ubuntu feisty.
- apache2-mpm-worker: No summary available for apache2-mpm-worker in ubuntu feisty.
No description available for apache2-mpm-worker in ubuntu feisty.
- apache2-prefork-dev: No summary available for apache2-prefork-dev in ubuntu feisty.
No description available for apache2-prefork-dev in ubuntu feisty.
- apache2-src: No summary available for apache2-src in ubuntu feisty.
No description available for apache2-src in ubuntu feisty.
- apache2-threaded-dev: No summary available for apache2-threaded-dev in ubuntu feisty.
No description available for apache2-
threaded- dev in ubuntu feisty.
- apache2-utils: No summary available for apache2-utils in ubuntu feisty.
No description available for apache2-utils in ubuntu feisty.
- apache2.2-common: No summary available for apache2.2-common in ubuntu feisty.
No description available for apache2.2-common in ubuntu feisty.
