Format: 1.8 Date: Tue, 14 Feb 2012 10:02:26 -0500 Source: apache2 Binary: apache2.2-common apache2.2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-dbg Architecture: powerpc Version: 2.2.17-1ubuntu1.5 Distribution: natty Urgency: low Maintainer: Ubuntu/powerpc Build Daemon Changed-By: Marc Deslauriers Description: apache2 - Apache HTTP Server metapackage apache2-dbg - Apache debugging symbols apache2-doc - Apache HTTP Server documentation apache2-mpm-event - Apache HTTP Server - event driven model apache2-mpm-itk - multiuser MPM for Apache 2.2 apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model apache2-mpm-worker - Apache HTTP Server - high speed threaded model apache2-prefork-dev - Apache development headers - non-threaded MPM apache2-suexec - Standard suexec program for Apache 2 mod_suexec apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec apache2-threaded-dev - Apache development headers - threaded MPM apache2-utils - utility programs for webservers apache2.2-bin - Apache HTTP Server common binary files apache2.2-common - Apache HTTP Server common files Launchpad-Bugs-Fixed: 811422 Changes: apache2 (2.2.17-1ubuntu1.5) natty-security; urgency=low . * SECURITY UPDATE: arbitrary code execution via crafted SetEnvIf directive (LP: #811422) - debian/patches/215_CVE-2011-3607.dpatch: validate length in server/util.c. - CVE-2011-3607 * SECURITY UPDATE: another mod_proxy reverse proxy exposure - debian/patches/216_CVE-2011-4317.dpatch: validate additional URIs in modules/mappers/mod_rewrite.c, modules/proxy/mod_proxy.c, server/protocol.c. - CVE-2011-4317 * SECURITY UPDATE: denial of service via invalid cookie - debian/patches/217_CVE-2012-0021.dpatch: check name and value in modules/loggers/mod_log_config.c. - CVE-2012-0021 * SECURITY UPDATE: denial of service and possible code execution via type field modification within a scoreboard shared memory segment - debian/patches/218_CVE-2012-0031.dpatch: check type field in server/scoreboard.c. - CVE-2012-0031 * SECURITY UPDATE: cookie disclosure via Bad Request errors - debian/patches/219_CVE-2012-0053.dpatch: check lengths in server/protocol.c. - CVE-2012-0053 Checksums-Sha1: 0868541ee0b3d1c32beb292246789ff162f076e4 220508 apache2.2-common_2.2.17-1ubuntu1.5_powerpc.deb 0084c31687452035cdc153c8808aee6a1d22e4ca 2829298 apache2.2-bin_2.2.17-1ubuntu1.5_powerpc.deb 153d79f9dc903ebaadeba8ad9efce90bd6f069f5 2320 apache2-mpm-worker_2.2.17-1ubuntu1.5_powerpc.deb 84e9c1ff43a38d32cda8ffd1ff98547bbb726766 2384 apache2-mpm-prefork_2.2.17-1ubuntu1.5_powerpc.deb efc2f31f8c7ec707ab6e938a38b27daef0518abf 2352 apache2-mpm-event_2.2.17-1ubuntu1.5_powerpc.deb 6256b376391712d2c259ab765815476bbd67a6ff 2378 apache2-mpm-itk_2.2.17-1ubuntu1.5_powerpc.deb 8f0e4217b5ff221ff7916bc2496314c7269b0ed2 89084 apache2-utils_2.2.17-1ubuntu1.5_powerpc.deb 72b2f256b19549b2295b973ba2a11173b9a9cd72 20686 apache2-suexec_2.2.17-1ubuntu1.5_powerpc.deb 6030aa16d8c764957b25eda0eaeb60a06e100390 22362 apache2-suexec-custom_2.2.17-1ubuntu1.5_powerpc.deb d1366f6cd191197a07f3d1127876d59e4776cde1 1490 apache2_2.2.17-1ubuntu1.5_powerpc.deb 89f6f5139346ac6cad861a836a072326bcc8089a 136496 apache2-prefork-dev_2.2.17-1ubuntu1.5_powerpc.deb 1bb587ceef4c21179fb2b4f3850820639ed1c364 137530 apache2-threaded-dev_2.2.17-1ubuntu1.5_powerpc.deb Checksums-Sha256: 51ae527c07782b636c29bf16bc4b8ec3692b584eae61fedc1914fddfd0fe190e 220508 apache2.2-common_2.2.17-1ubuntu1.5_powerpc.deb c6052c1614c71784e705a2101296178ee93400090824223b0847b9d0898d6a08 2829298 apache2.2-bin_2.2.17-1ubuntu1.5_powerpc.deb e7c7836451149e5a2841e802e94735bb1e7558aaa8c280cade86ee3959d79bed 2320 apache2-mpm-worker_2.2.17-1ubuntu1.5_powerpc.deb c6ddab47579a16981c500c2fe9c5ea3b7d82627222bea14788178047ab42ff6b 2384 apache2-mpm-prefork_2.2.17-1ubuntu1.5_powerpc.deb bf2b40d79a2100f758bc2168d7c79ce7556d1be02879188e501f1129b04a4c22 2352 apache2-mpm-event_2.2.17-1ubuntu1.5_powerpc.deb 12fc8e5f8d6eecc35456c50a28f50b09c9acac827057a411835748e87d0707ec 2378 apache2-mpm-itk_2.2.17-1ubuntu1.5_powerpc.deb 1d7267bbfb5b5ab0f5174f6b8231bb3cdcb502e5a6f6a0b5690aa02f243828f2 89084 apache2-utils_2.2.17-1ubuntu1.5_powerpc.deb 2c5b28a2730d19f9a904d419d99c90314ed17153219d81e0ea396b2eebc1788c 20686 apache2-suexec_2.2.17-1ubuntu1.5_powerpc.deb e721ed23d6a9d6df01916d0296e17c55f319c2efe375d8bc3951cfff4d1dc238 22362 apache2-suexec-custom_2.2.17-1ubuntu1.5_powerpc.deb 88e18a80ad9b00cee6e124a9c5cdc48dfb6b276ca21a1d51e009173113e396e5 1490 apache2_2.2.17-1ubuntu1.5_powerpc.deb c5da72d7467eb0944500ab40bd029eed829406f1d3358e926b0d2ed7148a6bdc 136496 apache2-prefork-dev_2.2.17-1ubuntu1.5_powerpc.deb 9428efd43f418525d4bef43b4dc89bb3bd680efc4a415961ca5b46ea360a9168 137530 apache2-threaded-dev_2.2.17-1ubuntu1.5_powerpc.deb Files: 69c74d20c41dd9523883242ef9244665 220508 httpd optional apache2.2-common_2.2.17-1ubuntu1.5_powerpc.deb fb12bfcd0ed3b7a43ac9ad509496fbfd 2829298 httpd optional apache2.2-bin_2.2.17-1ubuntu1.5_powerpc.deb d2f409343d0b7158767e90a1b6211006 2320 httpd optional apache2-mpm-worker_2.2.17-1ubuntu1.5_powerpc.deb 0003ec5d7a43ed572f0c0544025fcacf 2384 httpd optional apache2-mpm-prefork_2.2.17-1ubuntu1.5_powerpc.deb 8b3ada71ca773b173b865f3a1dbce66e 2352 httpd optional apache2-mpm-event_2.2.17-1ubuntu1.5_powerpc.deb 3aa6588c250ba94c9b6a6b2e1c53c1c8 2378 httpd extra apache2-mpm-itk_2.2.17-1ubuntu1.5_powerpc.deb 0bb06d5ea5f9e6893ccd0966fb2444ea 89084 httpd optional apache2-utils_2.2.17-1ubuntu1.5_powerpc.deb 6207e90b9b121c6c907dd652add94512 20686 httpd optional apache2-suexec_2.2.17-1ubuntu1.5_powerpc.deb 82ac18915e9889efcf1c86c9650ee5a0 22362 httpd extra apache2-suexec-custom_2.2.17-1ubuntu1.5_powerpc.deb 34ec0898287fc48e01ca3cfde6fa768d 1490 httpd optional apache2_2.2.17-1ubuntu1.5_powerpc.deb 030ef6eedf991e9bdeeeeb1d5b6ea7aa 136496 httpd extra apache2-prefork-dev_2.2.17-1ubuntu1.5_powerpc.deb e8f84e49d9d8251023d634066c0d6c48 137530 httpd extra apache2-threaded-dev_2.2.17-1ubuntu1.5_powerpc.deb Original-Maintainer: Debian Apache Maintainers Original-Vcs-Browser: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2 Original-Vcs-Svn: svn://svn.debian.org/pkg-apache/trunk/apache2