apache2 2.2.11-2ubuntu2.5 source package in Ubuntu
Changelog
apache2 (2.2.11-2ubuntu2.5) jaunty-security; urgency=low
* SECURITY UPDATE: Reject client-initiated SSL/TLS renegotiations.
Partial fix for CVE-2009-3555. Configurations requiring renegotiation
of per-directory/location access controls are still affected until
OpenSSL is updated.
- debian/patches/904_CVE-2009-3555.dpatch: disable all client
renegotiations
- CVE-2009-3555
* SECURITY UPDATE: fix NULL pointer dereference in mod_proxy_ftp module
- debian/patches/905-CVE-2009-3094.dpatch: fix NULL pointer dereference
in mod_proxy_ftp.c/apr_socket_close() and potential buffer overread
in EPSV response parser
- CVE-2009-3094
* SECURITY UPDATE: fix access control bypass in mod_proxy_ftp when
configured as a reverse proxy
- debian/patches/906-CVE-2009-3095.dpatch: adjust proxy_ftp_handler()
in mod_proxy_ftp.c to fail if the decoded Basic credentials contain
special characters.
- CVE-2009-3095
-- Jamie Strandboge <email address hidden> Thu, 12 Nov 2009 12:46:19 -0600
Upload details
- Uploaded by:
- Jamie Strandboge
- Uploaded to:
- Jaunty
- Original maintainer:
- Ubuntu Development Team
- Architectures:
- any
- Section:
- web
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| apache2_2.2.11.orig.tar.gz | 6.5 MiB | 1ba74f9d864d8fbaa41604eba67e51287e7e196b3a4e844e7f3ea7b707dd4c27 |
| apache2_2.2.11-2ubuntu2.5.diff.gz | 137.7 KiB | 154782a1b6c5285d8ce54965204a3f7140c55a0a8cefd9dfd3b6b54577239f0c |
| apache2_2.2.11-2ubuntu2.5.dsc | 1.8 KiB | 5a97dfe5a56bac9ff1e36902d6340643f19fc3030fc3c9ac943256ba05a8ddc9 |
Available diffs
Binary packages built by this source
- apache2: No summary available for apache2 in ubuntu jaunty.
No description available for apache2 in ubuntu jaunty.
- apache2-doc: No summary available for apache2-doc in ubuntu jaunty.
No description available for apache2-doc in ubuntu jaunty.
- apache2-mpm-event: No summary available for apache2-mpm-event in ubuntu jaunty.
No description available for apache2-mpm-event in ubuntu jaunty.
- apache2-mpm-prefork: No summary available for apache2-mpm-prefork in ubuntu jaunty.
No description available for apache2-mpm-prefork in ubuntu jaunty.
- apache2-mpm-worker: No summary available for apache2-mpm-worker in ubuntu jaunty.
No description available for apache2-mpm-worker in ubuntu jaunty.
- apache2-prefork-dev: No summary available for apache2-prefork-dev in ubuntu jaunty.
No description available for apache2-prefork-dev in ubuntu jaunty.
- apache2-src: No summary available for apache2-src in ubuntu jaunty.
No description available for apache2-src in ubuntu jaunty.
- apache2-suexec: No summary available for apache2-suexec in ubuntu jaunty.
No description available for apache2-suexec in ubuntu jaunty.
- apache2-suexec-custom: No summary available for apache2-suexec-custom in ubuntu jaunty.
No description available for apache2-
suexec- custom in ubuntu jaunty.
- apache2-threaded-dev: No summary available for apache2-threaded-dev in ubuntu jaunty.
No description available for apache2-
threaded- dev in ubuntu jaunty.
- apache2-utils: No summary available for apache2-utils in ubuntu jaunty.
No description available for apache2-utils in ubuntu jaunty.
- apache2.2-common: No summary available for apache2.2-common in ubuntu jaunty.
No description available for apache2.2-common in ubuntu jaunty.
