Hi, please review apache2 2.0.54-5sarge2 for the next sarge point release: apache2 (2.0.54-5sarge2) stable; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) -- Stefan Fritsch <sf@debian.org> Mon, 16 Jul 2007 23:12:36 +0200 The debdiff is at: http://www.sfritsch.de/~stf/apache2-sarge.diff Cheers, Stefan
Attachment:
signature.asc
Description: This is a digitally signed message part.