[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#642956: pu: package apache2/2.2.16-6+squeeze4

tag 642956 + confirmed squeeze
thanks

On Mon, 2011-09-26 at 18:31 +0200, Stefan Fritsch wrote:
> On Monday 26 September 2011, Adam D. Barratt wrote:
> > On Mon, 2011-09-26 at 00:34 +0200, Stefan Fritsch wrote:
> > > Please review apache2/2.2.16-6+squeeze4 for inclusion in s-p-u.
> > > It fixes a minor DoS issue, some bugs in the init script and
> > > adds some docs.
> > 
> > Thanks for this.  A couple of queries:
> > >    * Fix CVE-2011-3348: Possible denial of service in
> > >    mod_proxy_ajp
> > >    
> > >      if combined with mod_proxy_balancer.
> > 
> > As far as I can tell from the upload history and the security
> > tracker, this is still unfixed in unstable - is that correct?
> 
> Yes. It's included in upstream 2.2.21 which I will upload to unstable 
> shortly. So, the patch has already seen some use and is unlikely to 
> introduce regressions.

Please go ahead; thanks.

Regards,

Adam
Reply to: