Package: apache-common
Version: 1.3.26-0woody5
Severity: grave
Justification: user security hole
Tags: woody, security
According to
http://www.apache.org/dist/httpd/Announcement.html
the new apache fixes two vulnerabilities with CAN-numbers. While -492 was
fixed in a previous security upload, there is no mention of 940 neither in
the changelog, nor did I find a bug report, nor is it mentioned on
http://www.debian.org/security/nonvulns-woody
Please reassing if I submitted against the wrong package or add this CAN to
the above mentioned nonvulns-list if woody is not affected.
-- System Information
Debian Release: 3.0
Architecture: alpha
Kernel: Linux jari 2.4.26-grsec-hk04 #1 Fri Aug 6 12:23:40 CEST 2004 alpha
Locale: LANG=C, LC_CTYPE=C
Versions of packages apache-common depends on:
ii libc6.1 2.2.5-11.5 GNU C Library: Shared libraries an
ii libdb2 2:2.7.7.0-7 The Berkeley database routines (ru
ii libexpat1 1.95.2-6 XML parsing C library - runtime li
ii perl 5.6.1-8.7 Larry Wall's Practical Extraction
ii perl [perl5] 5.6.1-8.7 Larry Wall's Practical Extraction
--
Helge Kreutzmann, Dipl.-Phys. Helge.Kreutzmann@itp.uni-hannover.de
gpg signed mail preferred
64bit GNU powered http://www.itp.uni-hannover.de/~kreutzm
Help keep free software "libre": http://www.freepatents.org/
Attachment:
pgptC0FgJbomb.pgp
Description: PGP signature