Created by James Westby on 2009-11-06 and last modified on 2009-11-06
Get this branch:
bzr branch lp:ubuntu/breezy-security/apache2
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Ubuntu branches
Review team:
Ubuntu Development Team

Recent revisions

7. By Martin Pitt on 2006-07-26

* SECURITY UPDATE: Remote DoS, potential remote code execution.
* Add debian/patches/053_mod_rewite_CVE-2006-3747:
  - Fix off-by-one buffer overflow in mod_rewrite's ldap scheme handler.
  - Reported by Mark Dowd of McAfee Avert Labs.
  - CVE-2006-3747

6. By Adam Conrad on 2006-01-08

* SECURITY UPDATE: Remote DoS and Cross-Site Scripting vulnerability.
  - Add 050_mod_imap_CVE-2005-3352 to escape untrusted referer headers in
    mod_imap before outputting HTML to avoid XSS attacks; see CVE-2005-3352
  - Add 051_mod_ssl_CVE-2005-3357 to avoid a remote denial of service in
    threaded MPMs when making a non-SSL connection to an SSL-enabled port
    on a server with a custom 400 error document defined; see CVE-2005-3357

5. By Adam Conrad on 2005-12-06

* SECURITY UPDATE: Memory exhaustion denial of service in apache2-mpm-worker
  - Apply 048_worker_memleak_CAN-2005-2970 to resolves a memory leak in
    the worker MPM that can occur after aborted connections; CAN-2005-2970

4. By Adam Conrad on 2005-10-04

Add 047_ssl_reneg_with_body, which adds a (bounded) buffer of request
body data to provide a limited but safe fix for the mod_ssl renegotiation
vs requests-with-bodies bug, as occurs with POST and SVN (Ubuntu #14991)

3. By Adam Conrad on 2005-04-01

Fix the init script to not exit with an error when asked to
stop a daemon that isn't running (Was the root cause of #8374)

2. By Thom May on 2004-10-13

Security Release. Patch from upstream for the following:
CAN-2004-0885SSLCypherSuite can be bypassed during renegotiation.

1. By Thom May on 2004-10-13

Import upstream version 2.0.50

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.