[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#533662: marked as done ("slowloris" denial-of-service vulnerability)

Your message dated Wed, 16 Sep 2009 20:34:02 +0100
with message-id <1253129642.957460.2562.nullmailer@kmos.homeip.net>
and subject line Package apache has been removed from Debian
has caused the Debian Bug report #533662,
regarding "slowloris" denial-of-service vulnerability
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
533662: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=533662
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
package: apache2
version: 2.2.3-4+etch6
severity: important
tags: security

hello,

this package is supposedly vulnerable to something called a
"slowloris" denial-of-service attack.  please check to see whether
this is a correct assessment.  see [1],[2] for more info.  thanks.

[1] http://ha.ckers.org/slowloris/
[2] http://www.securityfocus.com/archive/1/456339/30/0/threaded

--- End Message ---
--- Begin Message --- 
Version: 1.3.34-4.1+rm

You filled the bug http://bugs.debian.org/533662 in Debian BTS
against the package apache. I'm closing it at *unstable*, but it will
remain open for older distributions.

For more information about this package's removal, read
http://bugs.debian.org/418266. That bug might give the reasons why
this package was removed and suggestions of possible replacements.

Don't hesitate to reply to this mail if you have any question.

Thank you for your contribution to Debian.

--
Marco Rodrigues

--- End Message ---
Reply to: