[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#340337: CVE-2005-2970 exists in 2.0.54 too -- please fix stable branch

This problem exists in Debian's stable branch with apache2-mpm-worker 2.0.54.

It appears to have been fixed already in Ubuntu versions 4.10, 5.4, and 5.10.

From http://www.ubuntulinux.org/usn/usn-225-1

"The problem can be corrected by upgrading the affected package to
version 2.0.50-12ubuntu4.9 (for Ubuntu 4.10), 2.0.53-5ubuntu5.4 (for
Ubuntu 5.04), or 2.0.54-5ubuntu3 (for Ubuntu 5.10). In general, a
standard system upgrade is sufficient to effect the necessary changes."

A remote attacker can repeatedly trigger this memory leak and exhaust all the memory. Please fix and provide an update for the stable branch. Thanks.

Reply to: