Branches for Natty

Name Status Last Modified Last Commit
lp:ubuntu/natty/apache2 bug 2 Mature 2011-02-22 13:02:08 UTC 2011-02-22
67. * Merge from debian unstable, remaini...

Author: Chuck Short
Revision Date: 2011-02-22 13:02:08 UTC

* Merge from debian unstable, remaining changes:
  - debian/{control, rules}: Enable PIE hardening.
  - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles.
  - debian/control: Add bzr tag and point it to our tree
  - debain/apache2.py, debian/apache2.2-common.isntall: Add apport hook.
  - debian/control, debian/ask-for-passphrase, debian/config-dir/mods-available/ssl.conf:
    Plymouth aware passphrase dialog program ask-for-passphrase.

lp:ubuntu/natty-security/apache2 bug 2 Mature 2012-02-16 19:57:25 UTC 2012-02-16
70. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2012-02-14 10:02:26 UTC

* SECURITY UPDATE: arbitrary code execution via crafted SetEnvIf
  directive (LP: #811422)
  - debian/patches/215_CVE-2011-3607.dpatch: validate length in
    server/util.c.
  - CVE-2011-3607
* SECURITY UPDATE: another mod_proxy reverse proxy exposure
  - debian/patches/216_CVE-2011-4317.dpatch: validate additional URIs in
    modules/mappers/mod_rewrite.c, modules/proxy/mod_proxy.c,
    server/protocol.c.
  - CVE-2011-4317
* SECURITY UPDATE: denial of service via invalid cookie
  - debian/patches/217_CVE-2012-0021.dpatch: check name and value in
    modules/loggers/mod_log_config.c.
  - CVE-2012-0021
* SECURITY UPDATE: denial of service and possible code execution via
  type field modification within a scoreboard shared memory segment
  - debian/patches/218_CVE-2012-0031.dpatch: check type field in
    server/scoreboard.c.
  - CVE-2012-0031
* SECURITY UPDATE: cookie disclosure via Bad Request errors
  - debian/patches/219_CVE-2012-0053.dpatch: check lengths in
    server/protocol.c.
  - CVE-2012-0053

lp:ubuntu/natty-updates/apache2 2 Mature 2012-02-14 10:02:26 UTC 2012-02-14
70. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2012-02-14 10:02:26 UTC

* SECURITY UPDATE: arbitrary code execution via crafted SetEnvIf
  directive (LP: #811422)
  - debian/patches/215_CVE-2011-3607.dpatch: validate length in
    server/util.c.
  - CVE-2011-3607
* SECURITY UPDATE: another mod_proxy reverse proxy exposure
  - debian/patches/216_CVE-2011-4317.dpatch: validate additional URIs in
    modules/mappers/mod_rewrite.c, modules/proxy/mod_proxy.c,
    server/protocol.c.
  - CVE-2011-4317
* SECURITY UPDATE: denial of service via invalid cookie
  - debian/patches/217_CVE-2012-0021.dpatch: check name and value in
    modules/loggers/mod_log_config.c.
  - CVE-2012-0021
* SECURITY UPDATE: denial of service and possible code execution via
  type field modification within a scoreboard shared memory segment
  - debian/patches/218_CVE-2012-0031.dpatch: check type field in
    server/scoreboard.c.
  - CVE-2012-0031
* SECURITY UPDATE: cookie disclosure via Bad Request errors
  - debian/patches/219_CVE-2012-0053.dpatch: check lengths in
    server/protocol.c.
  - CVE-2012-0053

13 of 3 results