Change logs for apache2 source package in Warty

  • apache2 (2.0.50-12ubuntu4.10) warty-security; urgency=low
    
    
      * SECURITY UPDATE: Remote DoS and Cross-Site Scripting vulnerability.
        - Add 050_mod_imap_CVE-2005-3352 to escape untrusted referer headers in
          mod_imap before outputting HTML to avoid XSS attacks; see CVE-2005-3352
        - Add 051_mod_ssl_CVE-2005-3357 to avoid a remote denial of service in
          threaded MPMs when making a non-SSL connection to an SSL-enabled port
          on a server with a custom 400 error document defined; see CVE-2005-3357
    
     -- Adam Conrad <email address hidden>  Sun,  8 Jan 2006 00:00:08 +1100
  • apache2 (2.0.50-12ubuntu4.9) warty-security; urgency=low
    
    
      * SECURITY UPDATE: Memory exhaustion denial of service in apache2-mpm-worker
        - Apply 048_worker_memleak_CAN-2005-2970 to resolves a memory leak in
          the worker MPM that can occur after aborted connections; CAN-2005-2970
    
     -- Adam Conrad <email address hidden>  Tue,  6 Dec 2005 02:17:58 +1100
  • apache2 (2.0.50-12ubuntu4) warty; urgency=low
    
    
      * Security Release. Patch from upstream for the following:
        CAN-2004-0885 - SSLCypherSuite can be bypassed during renegotiation.
    
     -- Thom May <email address hidden>  Wed, 13 Oct 2004 19:46:10 +0100