Ubuntu
apache2 package

Branches for Edgy

Name Status Last Modified Last Commit
lp:ubuntu/edgy/apache2 1 Development 2009-11-06 05:53:38 UTC
11. * Add debian/patches/054_restore_pref...

Author: Martin Pitt
Revision Date: 2006-09-27 16:23:09 UTC

* Add debian/patches/054_restore_prefix_fix:
  - Fix autoconf macros to work with autoconf 2.60 (AC_CANONICAL_SYSTEM
    overwrites $@ in 2.60, see Debian bug #372179), so that the package
    builds again on recent Edgy.
  - Thanks to Daniel Schepler <schepler@math.berkeley.edu> for this patch
    (taken from Debian #374160)
  - Closes: LP#62242
lp:ubuntu/edgy-security/apache2 1 Development 2009-11-06 05:53:56 UTC
13. * SECURITY UPDATE: denial of service ...

Author: Jamie Strandboge
Revision Date: 2008-01-29 20:12:00 UTC

* SECURITY UPDATE: denial of service (application crash) when using
  mod_proxy in threaded MPM via crafted date headers.
* debian/patches/100_CVE-2007-3847.patch: fix proxy_util.c to use
  apr_date_parse_http() and apr_rfc822_date()
* SECURITY UPDATE: cross-site scripting vulnerability in mod_autoindex.c
  when charset not defined
* debian/patches/101_CVE-2007-4465.patch: fix mod_autoindex.c to properly
  check for and use charset
* SECURITY UPDATE: cross-site scripting vulnerability in mod_imap
* debian/patches/102_CVE-2007-5000.patch: fix for mod_imap.c to use
  ap_escape_html()
* SECURITY UPDATE: cross-site scripting vulnerability in mod_status when
  server-status is enabled
* debian/patches/103_CVE-2007-6388.patch: fix for mod_status.c to properly
  setup table
* SECURITY UPDATE: cross-site scripting vulnerability in proxy_ftp when
  charset is not defined
* debian/patches/104_CVE-2008-0005.patch: fix for proxy_ftp.c to define
  a charset
* SECURITY UPDATE: cross-site scripting vulnerability in Expect headers
* debian/patches/105_CVE-2006-3918.patch: fix for http_protocol.c to use
  ap_escape_html()
* References
  CVE-2007-3847
  CVE-2007-4465
  CVE-2007-5000
  CVE-2007-6388
  CVE-2008-0005
  CVE-2006-3918
lp:ubuntu/edgy-updates/apache2 1 Development 2009-11-06 05:54:13 UTC
13. * SECURITY UPDATE: denial of service ...

Author: Jamie Strandboge
Revision Date: 2008-01-29 20:12:00 UTC

* SECURITY UPDATE: denial of service (application crash) when using
  mod_proxy in threaded MPM via crafted date headers.
* debian/patches/100_CVE-2007-3847.patch: fix proxy_util.c to use
  apr_date_parse_http() and apr_rfc822_date()
* SECURITY UPDATE: cross-site scripting vulnerability in mod_autoindex.c
  when charset not defined
* debian/patches/101_CVE-2007-4465.patch: fix mod_autoindex.c to properly
  check for and use charset
* SECURITY UPDATE: cross-site scripting vulnerability in mod_imap
* debian/patches/102_CVE-2007-5000.patch: fix for mod_imap.c to use
  ap_escape_html()
* SECURITY UPDATE: cross-site scripting vulnerability in mod_status when
  server-status is enabled
* debian/patches/103_CVE-2007-6388.patch: fix for mod_status.c to properly
  setup table
* SECURITY UPDATE: cross-site scripting vulnerability in proxy_ftp when
  charset is not defined
* debian/patches/104_CVE-2008-0005.patch: fix for proxy_ftp.c to define
  a charset
* SECURITY UPDATE: cross-site scripting vulnerability in Expect headers
* debian/patches/105_CVE-2006-3918.patch: fix for http_protocol.c to use
  ap_escape_html()
* References
  CVE-2007-3847
  CVE-2007-4465
  CVE-2007-5000
  CVE-2007-6388
  CVE-2008-0005
  CVE-2006-3918
13 of 3 results FirstPreviousNextLast