Bug#322604: SECURITY: Vulnerable to CAN-2005-1344?

To: Christian Hammers <ch@debian.org>, 322604@bugs.debian.org, control@bugs.debian.org
Subject: Bug#322604: SECURITY: Vulnerable to CAN-2005-1344?
From: Joey Hess <joeyh@debian.org>
Date: Thu, 11 Aug 2005 15:41:03 -0400
Message-id: <[🔎] 20050811194103.GA10067@kitenet.net>
Reply-to: Joey Hess <joeyh@debian.org>, 322604@bugs.debian.org
In-reply-to: <[🔎] 20050811180712.02FF53700A6@xeniac.intern>
References: <[🔎] 20050811180712.02FF53700A6@xeniac.intern>

notfound 322604 2.0.54-3
merge 307134 322604
thanks

Christian Hammers wrote:
> Hello Apache maintainers,
> 
> please check if Debian is vulnerable to CAN-2005-1344 and make sure it
> enters http://www.debian.org/security/crossreferences or the not-vulnerable
> lists.

You can find a note that this bug was fixed in the changelog for apache2
(2.0.54-3), as well as in the testing security teams's database. Bug
#307134 was previously filed for that. It might be wise to at least
check the changelog before filing grave bug reports in the future.

So this hole was not present in the stable release and thus the stable
security team will never issue a DSA for it (apache2 is not in
oldstable), and so it will never appear on the Debian website.

-- 
see shy jo

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Processed: Re: Bug#322604: SECURITY: Vulnerable to CAN-2005-1344?
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

References:
- Bug#322604: SECURITY: Vulnerable to CAN-2005-1344?
  - From: Christian Hammers <ch@debian.org>

Prev by Date: Processed: Re: Bug#322604: SECURITY: Vulnerable to CAN-2005-1344?
Next by Date: Processed: closing 322604
Previous by thread: Bug#322604: SECURITY: Vulnerable to CAN-2005-1344?
Next by thread: Processed: Re: Bug#322604: SECURITY: Vulnerable to CAN-2005-1344?
Index(es):
- Date
- Thread