[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SRM] Please review apache_1.3.34-4.1+etch1


please review apache_1.3.34-4.1+etch1 for inclusion in etch r3, as 
agreed with luk and jmm.

Here is the changelog:
apache (1.3.34-4.1+etch1) stable; urgency=low

  * Minor security fixes:
    - CVE-2007-1349: DoS in mod_perl
    - CVE-2007-3304: potential DoS by sending SIGUSR1 to arbitrary
    - CVE-2006-5752, CVE-2007-6388: XSS in mod_status
    - CVE-2007-5000: XSS in mod_imap

The debdiff is at

Deviating from my previous plan, I now included the fix for 
CVE-2007-3304. I reviewed the patch and tested it, and could not find 
any problems.


PS: I also plan an apache2 s-p-u upload. Separate mail follows.

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: