Bug#176077: apache-ssl: uninstallable && SECURITY
Package: apache-ssl
Version: 1.3.26.1+1.48-2
Severity: critical
uninstallable
3) Dangerous bug. Makes the package in question unusable by anyone or
mostly so, or causes data loss, or introduces a security hole allowing
access to the accounts of users who use the package.
depends on old version of apache-common, where current available
aapache-common version is 1.3.27-0.1.
SECURITY
4) Critical bug. Makes unrelated software on the system (or the whole
system) break, or causes serious data loss, or introduces a security
hole on systems where you install the package.
still has the bugs fixed by apache and apache-common NMU version
1.3.27-0.1. (See changelogs there for details, if needed.)
The fix for both bugs is the same, to apply the NMU here as well, so
single bug report filed. This is multiple days old, but nothing has
come through yet. Why was this not NMU'd as well I wonder?
-- System Information
Debian Release: post-3.0(+)
Kernel Version: Linux phoenix 2.4.19 #1 Tue Sep 17 20:34:42 UTC 2002 i586 unknown unknown GNU/Linux
Versions of the packages apache-ssl depends on:
ii apache-common 1.3.26-1.1 Support files for all Apache webservers
ii dpkg 1.10.9 Package maintenance system for Debian
ii libc6 2.3.1-9 GNU C Library: Shared libraries and Timezone
ii libdb2 2.7.7.0-8 The Berkeley database routines (run-time fil
ii libexpat1 1.95.5-1 XML parsing C library - runtime library
ii libssl0.9.6 0.9.6g-10 SSL shared libraries
ii logrotate 3.6.5-2 Log rotation utility
ii mime-support 3.20-1 MIME files 'mime.types' & 'mailcap', and sup
ii openssl 0.9.6g-10 Secure Socket Layer (SSL) binary and related
ii perl 5.8.0-14 Larry Wall's Practical Extraction and Report
ii perl 5.8.0-14 Larry Wall's Practical Extraction and Report
^^^ (Provides virtual package perl5)
Reply to: