Ubuntu

“apache2” 2.2.20-1ubuntu1.3 source package in The Oneiric Ocelot

Publishing history

2.2.20-1ubuntu1.3
SUPERSEDED: Oneiric pocket Updates in component main and section httpd
  • Removed from disk on 2013-03-19.
  • Removal requested on 2013-03-19.
  • Superseded on 2013-03-18 by apache2 - 2.2.20-1ubuntu1.4
  • Published on 2012-11-08
  • Copied from ubuntu oneiric in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot
2.2.20-1ubuntu1.3
SUPERSEDED: Oneiric pocket Security in component main and section httpd
  • Removed from disk on 2013-03-19.
  • Removal requested on 2013-03-19.
  • Superseded on 2013-03-18 by apache2 - 2.2.20-1ubuntu1.4
  • Published on 2012-11-08
  • Copied from ubuntu oneiric in Private PPA for Ubuntu Security Team by Marc Deslauriers

Builds

Changelog

apache2 (2.2.20-1ubuntu1.3) oneiric-security; urgency=low

  * SECURITY UPDATE: XSS vulnerability in mod_negotiation
    - debian/patches/220_CVE-2012-2687.dpatch: escape filenames in
      modules/mappers/mod_negotiation.c.
    - CVE-2012-2687
  * SECURITY UPDATE: CRIME attack ssl attack (LP: #1068854)
    - debian/patches/221_CVE-2012-4929.dpatch: backport SSLCompression
      on|off directive. Defaults to off as enabling compression enables the
      CRIME attack.
    - CVE-2012-4929
 -- Marc Deslauriers <email address hidden>   Tue, 06 Nov 2012 14:32:40 -0500