[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[OSRM] please review apache2 2.0.54-5sarge2

Hi,

please review apache2 2.0.54-5sarge2 for the next sarge point release:


apache2 (2.0.54-5sarge2) stable; urgency=low

  * Fix some less critical security issues:
  * Denial of service for threaded MPMs:
    - CVE-2005-2970: mpm_worker memory leak
    - CVE-2005-3357: mod_ssl with custom errorpage
    - CVE-2007-1863: mod_cache
  * Cross site scripting:
    - CVE-2005-3352: mod_imap
    - CVE-2006-3918: via Expect header
    - CVE-2006-5752: mod_status
  * Add check for scoreboard PID protection (CVE-2007-3304)

 -- Stefan Fritsch <sf@debian.org>  Mon, 16 Jul 2007 23:12:36 +0200

The debdiff is at:

http://www.sfritsch.de/~stf/apache2-sarge.diff

Cheers,
Stefan

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: