apache2_2.2.22-4_i386.changes ACCEPTED into unstable
Accepted:
apache2-dbg_2.2.22-4_i386.deb
to main/a/apache2/apache2-dbg_2.2.22-4_i386.deb
apache2-doc_2.2.22-4_all.deb
to main/a/apache2/apache2-doc_2.2.22-4_all.deb
apache2-mpm-event_2.2.22-4_i386.deb
to main/a/apache2/apache2-mpm-event_2.2.22-4_i386.deb
apache2-mpm-itk_2.2.22-4_i386.deb
to main/a/apache2/apache2-mpm-itk_2.2.22-4_i386.deb
apache2-mpm-prefork_2.2.22-4_i386.deb
to main/a/apache2/apache2-mpm-prefork_2.2.22-4_i386.deb
apache2-mpm-worker_2.2.22-4_i386.deb
to main/a/apache2/apache2-mpm-worker_2.2.22-4_i386.deb
apache2-prefork-dev_2.2.22-4_i386.deb
to main/a/apache2/apache2-prefork-dev_2.2.22-4_i386.deb
apache2-suexec-custom_2.2.22-4_i386.deb
to main/a/apache2/apache2-suexec-custom_2.2.22-4_i386.deb
apache2-suexec_2.2.22-4_i386.deb
to main/a/apache2/apache2-suexec_2.2.22-4_i386.deb
apache2-threaded-dev_2.2.22-4_i386.deb
to main/a/apache2/apache2-threaded-dev_2.2.22-4_i386.deb
apache2-utils_2.2.22-4_i386.deb
to main/a/apache2/apache2-utils_2.2.22-4_i386.deb
apache2.2-bin_2.2.22-4_i386.deb
to main/a/apache2/apache2.2-bin_2.2.22-4_i386.deb
apache2.2-common_2.2.22-4_i386.deb
to main/a/apache2/apache2.2-common_2.2.22-4_i386.deb
apache2_2.2.22-4.debian.tar.gz
to main/a/apache2/apache2_2.2.22-4.debian.tar.gz
apache2_2.2.22-4.dsc
to main/a/apache2/apache2_2.2.22-4.dsc
apache2_2.2.22-4_i386.deb
to main/a/apache2/apache2_2.2.22-4_i386.deb
Changes:
apache2 (2.2.22-4) unstable; urgency=high
.
* CVE-2012-0216: Remove "Alias /doc /usr/share/doc" from the default virtual
hosts' config files.
If scripting modules like mod_php or mod_rivet are enabled on systems
where either 1) some frontend server forwards connections to an apache2
backend server on the localhost address, or 2) the machine running
apache2 is also used for web browsing, this could allow a remote
attacker to execute example scripts stored under /usr/share/doc.
Depending on the installed packages, this could lead to issues like cross
site scripting, code execution, or leakage of sensitive data.
Override entries for your package:
apache2-dbg_2.2.22-4_i386.deb - extra debug
apache2-doc_2.2.22-4_all.deb - optional doc
apache2-mpm-event_2.2.22-4_i386.deb - optional httpd
apache2-mpm-itk_2.2.22-4_i386.deb - extra httpd
apache2-mpm-prefork_2.2.22-4_i386.deb - optional httpd
apache2-mpm-worker_2.2.22-4_i386.deb - optional httpd
apache2-prefork-dev_2.2.22-4_i386.deb - extra httpd
apache2-suexec-custom_2.2.22-4_i386.deb - extra httpd
apache2-suexec_2.2.22-4_i386.deb - optional httpd
apache2-threaded-dev_2.2.22-4_i386.deb - extra httpd
apache2-utils_2.2.22-4_i386.deb - optional httpd
apache2.2-bin_2.2.22-4_i386.deb - optional httpd
apache2.2-common_2.2.22-4_i386.deb - optional httpd
apache2_2.2.22-4.dsc - source httpd
apache2_2.2.22-4_i386.deb - optional httpd
Announcing to debian-devel-changes@lists.debian.org
Thank you for your contribution to Debian.
Reply to: