Package: apache-common Version: 1.3.26-0woody5 Severity: grave Justification: user security hole Tags: woody, security According to http://www.apache.org/dist/httpd/Announcement.html the new apache fixes two vulnerabilities with CAN-numbers. While -492 was fixed in a previous security upload, there is no mention of 940 neither in the changelog, nor did I find a bug report, nor is it mentioned on http://www.debian.org/security/nonvulns-woody Please reassing if I submitted against the wrong package or add this CAN to the above mentioned nonvulns-list if woody is not affected. -- System Information Debian Release: 3.0 Architecture: alpha Kernel: Linux jari 2.4.26-grsec-hk04 #1 Fri Aug 6 12:23:40 CEST 2004 alpha Locale: LANG=C, LC_CTYPE=C Versions of packages apache-common depends on: ii libc6.1 2.2.5-11.5 GNU C Library: Shared libraries an ii libdb2 2:2.7.7.0-7 The Berkeley database routines (ru ii libexpat1 1.95.2-6 XML parsing C library - runtime li ii perl 5.6.1-8.7 Larry Wall's Practical Extraction ii perl [perl5] 5.6.1-8.7 Larry Wall's Practical Extraction -- Helge Kreutzmann, Dipl.-Phys. Helge.Kreutzmann@itp.uni-hannover.de gpg signed mail preferred 64bit GNU powered http://www.itp.uni-hannover.de/~kreutzm Help keep free software "libre": http://www.freepatents.org/
Attachment:
pgptC0FgJbomb.pgp
Description: PGP signature