Bug#340337: CVE-2005-2970 exists in 2.0.54 too -- please fix stable branch
This problem exists in Debian's stable branch with apache2-mpm-worker
2.0.54.
It appears to have been fixed already in Ubuntu versions 4.10, 5.4, and
5.10.
From http://www.ubuntulinux.org/usn/usn-225-1
"The problem can be corrected by upgrading the affected package to
version 2.0.50-12ubuntu4.9 (for Ubuntu 4.10), 2.0.53-5ubuntu5.4 (for
Ubuntu 5.04), or 2.0.54-5ubuntu3 (for Ubuntu 5.10). In general, a
standard system upgrade is sufficient to effect the necessary changes."
A remote attacker can repeatedly trigger this memory leak and exhaust
all the memory. Please fix and provide an update for the stable
branch. Thanks.
Reply to: