Accepted apache2 2.2.3-4+etch11 (source all i386)

To: debian-changes@lists.debian.org
Subject: Accepted apache2 2.2.3-4+etch11 (source all i386)
From: Stefan Fritsch <sf@debian.org>
Date: Sat, 05 Dec 2009 22:03:41 +0000
Message-id: <[🔎] E1NH2j7-0008Q8-Bc@ries.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 13 Nov 2009 16:06:22 +0100
Source: apache2
Binary: apache2-utils apache2-prefork-dev apache2 apache2-mpm-prefork apache2-doc apache2-mpm-event apache2.2-common apache2-mpm-worker apache2-src apache2-threaded-dev apache2-mpm-perchild
Architecture: source all i386
Version: 2.2.3-4+etch11
Distribution: oldstable-security
Urgency: high
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Stefan Fritsch <sf@debian.org>
Description: 
 apache2    - Next generation, scalable, extendable web server
 apache2-doc - documentation for apache2
 apache2-mpm-event - Event driven model for Apache HTTPD 2.1
 apache2-mpm-perchild - Transitional package - please remove
 apache2-mpm-prefork - Traditional model for Apache HTTPD 2.1
 apache2-mpm-worker - High speed threaded model for Apache HTTPD 2.1
 apache2-prefork-dev - development headers for apache2
 apache2-src - Apache source code
 apache2-threaded-dev - development headers for apache2
 apache2-utils - utility programs for webservers
 apache2.2-common - Next generation, scalable, extendable web server
Changes: 
 apache2 (2.2.3-4+etch11) oldstable-security; urgency=high
 .
   * Security:
     - Reject any client-initiated SSL/TLS renegotiations. This is a partial fix
       for the TLS renegotiation prefix injection attack (CVE-2009-3555).
       Any configuration which requires renegotiation for per-directory/location
       access control or uses "SSLVerifyClient optional" is still vulnerable.
     - Fix DoS by malicious ftp server (CVE-2009-3094)
     - Fix missing input sanitization: a user could execute arbitrary ftp
       commands on the backend ftp server (CVE-2009-3095)
Files: 
 dff8f31d88ede35bb87f92743d2db202 1071 web optional apache2_2.2.3-4+etch11.dsc
 c9b197b2a4bade4e92f3c65b88eea614 124890 web optional apache2_2.2.3-4+etch11.diff.gz
 f2755fd250837dd878a24ffc8527855d 963818 web optional apache2.2-common_2.2.3-4+etch11_i386.deb
 fc0b075a77853494886719b1bf4d7092 425034 web optional apache2-mpm-worker_2.2.3-4+etch11_i386.deb
 d2758678dc6dcfb2298a5e69dbd199d0 421206 web optional apache2-mpm-prefork_2.2.3-4+etch11_i386.deb
 5df035120241567d62ba4154a7ade25f 425510 web optional apache2-mpm-event_2.2.3-4+etch11_i386.deb
 435638e472ccb187c7713f96840cf156 343876 web optional apache2-utils_2.2.3-4+etch11_i386.deb
 04bafa059e90c14851f290c02fc7a29e 409776 devel optional apache2-prefork-dev_2.2.3-4+etch11_i386.deb
 833b5256083de5f76d83354f63916af2 410518 devel optional apache2-threaded-dev_2.2.3-4+etch11_i386.deb
 8ff0ac120a46e235a9253df6be09e4d5 275872 web optional apache2-mpm-perchild_2.2.3-4+etch11_all.deb
 27661a99c55641d534a5ffe4ea828c4b 41626 web optional apache2_2.2.3-4+etch11_all.deb
 357f2daba8360eaf00b0157326c4d258 2247064 doc optional apache2-doc_2.2.3-4+etch11_all.deb
 043a6a14dc48aae5fa8101715f4ddf81 6668542 devel extra apache2-src_2.2.3-4+etch11_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFK/XrEbxelr8HyTqQRAi2fAJwKh8zzGKExzC1iNFEaqZooq4LzNgCgwLux
6qvR0Pmy6XOETsSfXwOhL0k=
=S325
-----END PGP SIGNATURE-----


Accepted:
apache2-doc_2.2.3-4+etch11_all.deb
  to main/a/apache2/apache2-doc_2.2.3-4+etch11_all.deb
apache2-mpm-event_2.2.3-4+etch11_i386.deb
  to main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_i386.deb
apache2-mpm-perchild_2.2.3-4+etch11_all.deb
  to main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch11_all.deb
apache2-mpm-prefork_2.2.3-4+etch11_i386.deb
  to main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_i386.deb
apache2-mpm-worker_2.2.3-4+etch11_i386.deb
  to main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_i386.deb
apache2-prefork-dev_2.2.3-4+etch11_i386.deb
  to main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_i386.deb
apache2-src_2.2.3-4+etch11_all.deb
  to main/a/apache2/apache2-src_2.2.3-4+etch11_all.deb
apache2-threaded-dev_2.2.3-4+etch11_i386.deb
  to main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_i386.deb
apache2-utils_2.2.3-4+etch11_i386.deb
  to main/a/apache2/apache2-utils_2.2.3-4+etch11_i386.deb
apache2.2-common_2.2.3-4+etch11_i386.deb
  to main/a/apache2/apache2.2-common_2.2.3-4+etch11_i386.deb
apache2_2.2.3-4+etch11.diff.gz
  to main/a/apache2/apache2_2.2.3-4+etch11.diff.gz
apache2_2.2.3-4+etch11.dsc
  to main/a/apache2/apache2_2.2.3-4+etch11.dsc
apache2_2.2.3-4+etch11_all.deb
  to main/a/apache2/apache2_2.2.3-4+etch11_all.deb

Reply to:

Prev by Date: Accepted xfs 1:1.0.8-2.2+lenny1 (source i386)
Next by Date: Accepted cupsys 1.2.7-4+etch9 (source i386 all)
Previous by thread: Accepted xfs 1:1.0.8-2.2+lenny1 (source i386)
Next by thread: Accepted cupsys 1.2.7-4+etch9 (source i386 all)
Index(es):
- Date
- Thread