lp:ubuntu/dapper-security/apache2

Created by James Westby on 2009-11-06 and last modified on 2011-05-22
Get this branch:
bzr branch lp:ubuntu/dapper-security/apache2
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

22. By Steve Beattie on 2011-05-22

* SECURITY UPDATE: denial of service in apr_fnmatch exploitable via
  apache's mod_index
  - debian/patches/122_fnmatch_CVE-2011-0419.patch: rewrite
    apr_fnmatch to have a better time bounds on execution.
  - CVE-2011-0419
  - debian/patches/123_fnmatch_CVE-2011-1928.patch: fix possible
    DoS introduced by patch for CVE-2011-0419.
  - CVE-2011-1928

21. By Marc Deslauriers on 2010-11-18

* SECURITY UPDATE: denial of service via request that lacks a path in
  mod_dav.
  - debian/patches/120_CVE-2010-1452.dpatch: fix path handling in
    modules/dav/main/util.c.
  - CVE-2010-1452
* SECURITY UPDATE: denial of service via memory leak in
  apr_brigade_split_line function.
  - debian/patches/121_CVE-2010-1623.dpatch: properly destroy bucket in
    srclib/apr-util/buckets/apr_brigade.c.
  - CVE-2010-1623

20. By Marc Deslauriers on 2010-08-16

* debian/patches/119_sslinsecurerenegotiation-directive.dpatch: once
  openssl gets updated to fix CVE-2009-3555, server renegotiations with
  unpatched clients will fail. This patch adds the ability to revert to
  the previous unsafe behaviour with a new SSLInsecureRenegotiation
  directive. (LP: #616759)
* debian/control: add specific dependency on first openssl version to get
  CVE-2009-3555 fix.

19. By Marc Deslauriers on 2010-03-08

* SECURITY UPDATE: information disclosure via improper handling of
  headers in subrequests
  - debian/patches/118_CVE-2010-0434.dpatch: use a copy of r->headers_in
    in server/protocol.c.
  - CVE-2010-0434

18. By Jamie Strandboge on 2009-11-12

* SECURITY UPDATE: Reject client-initiated SSL/TLS renegotiations.
  Partial fix for CVE-2009-3555. Configurations requiring renegotiation
  of per-directory/location access controls are still affected until
  OpenSSL is updated.
  - debian/patches/115_CVE-2009-3555.patch: disable all client
    renegotiations
  - based on http://www.apache.org/dist/httpd/patches/apply_to_2.2.14/CVE-2009-3555-2.2.patch
  - CVE-2009-3555
* SECURITY UPDATE: fix NULL pointer dereference in mod_proxy_ftp module
  - debian/patches/116-CVE-2009-3094.patch: fix NULL pointer dereference
    in mod_proxy_ftp.c/apr_socket_close() and potential buffer overread
    in EPSV response parser
  - based on http://svn.apache.org/viewvc?revision=814652&view=revision
  - CVE-2009-3094
* SECURITY UPDATE: fix access control bypass in mod_proxy_ftp when
  configured as a reverse proxy
  - debian/patches/117-CVE-2009-3095.patch: adjust proxy_ftp_handler()
    in mod_proxy_ftp.c to fail if the decoded Basic credentials contain
    special characters.
  - based on http://svn.apache.org/viewvc?revision=814045&view=revision
  - CVE-2009-3095

17. By Marc Deslauriers on 2009-08-17

* SECURITY UPDATE: remote denial of service in mod_deflate module when
  the network connection was closed before compression completed
  - debian/patches/113_CVE-2009-1891.patch: update patch to fix
    regression that caused segfaults under certain circumstances.
    (LP: #409987)
  - CVE-2009-1891

16. By Jamie Strandboge on 2009-08-07

* SECURITY UPDATE: fix integer overflow in libapr
  - debian/patches/114_CVE-2009-2412.patch: adjust allocator_alloc() and
    apr_palloc() in apr_pools.c to check for overflow after aligning size
  - http://www.apache.org/dist/apr/patches/apr-0.9-CVE-2009-2412.patch
  - CVE-2009-2412
* SECURITY UPDATE: fix integer overflow in libaprutil
  - debian/patches/114_CVE-2009-2412b.patch: adjust apr_rmm_malloc,
    apr_rmm_calloc, apr_rmm_realloc to check for overflow after aligning
    size
  - http://www.apache.org/dist/apr/patches/apr-util-0.9-CVE-2009-2412.patch
  - CVE-2009-2412

15. By Marc Deslauriers on 2009-07-10

* SECURITY UPDATE: remote denial of service in mod_deflate module when
  the network connection was closed before compression completed
  - debian/patches/113_CVE-2009-1891.patch: fail if the connection has
    been aborted in server/core.c
  - CVE-2009-1891

14. By Jamie Strandboge on 2009-06-10

* SECURITY UPDATE: Fix underflow in apr_strmatch_precompile
  - debian/patches/110_CVE-2009-0023.dpatch: adjust
    srclib/apr-util/strmatch/apr_strmatch.c to properly evaluate strings as
    unsigned char rather than int
  - CVE-2009-0023
* SECURITY UPDATE: Prevent "billion laughs" attack against expat
  - debian/patches/111_CVE-2009-1955.dpatch: adjust
    srclib/apr-util/xml/apr_xml.c to disable internal entity expansion
  - CVE-2009-1955
* SECURITY UPDATE: Fix off by one overflow in apr_brigade_vprintf
  - debian/patches/112_CVE-2009-1956.dpatch: don't add null terminator to
    vd.vbuff.curpos in srclib/apr-util/buckets/apr_brigade.c
  - CVE-2009-1956

13. By Marc Deslauriers on 2009-02-25

* SECURITY UPDATE: Cross-site scripting (XSS) vulnerability in "413 Request
  Entity Too Large" error message
  - debian/patches/106_CVE-2007-6203.patch: properly escape some error
    messages in modules/http/http_protocol.c.
  - CVE-2007-6203
* SECURITY UPDATE: Cross-site scripting (XSS) vulnerability via UTF-7 encoded
  URLs
  - debian/patches/107_CVE-2008-2168.patch: specify a default charset in
    modules/dav/main/mod_dav.c and modules/generators/mod_info.c.
  - CVE-2008-2168
* SECURITY UPDATE: Denial of service via large number of interim responses in
  mod_proxy module (LP: #239894)
  - debian/patches/108_CVE-2008-2364.patch: limit the number of interim
    responses in modules/proxy/proxy_http.c.
  - CVE-2008-2364
* SECURITY UPDATE: Cross-site scripting (XSS) vulnerability in the
  mod_proxy_ftp module
  - debian/patches/109_CVE-2008-2939.patch: escape the html contained in the
    wildcard value in modules/proxy/proxy_ftp.c.
  - CVE-2008-2939

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/lucid/apache2
This branch contains Public information 
Everyone can see this information.

Subscribers