lp:ubuntu/hardy-security/apache2
- Get this branch:
- bzr branch lp:ubuntu/hardy-security/apache2
Recent revisions
- 38. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary code execution via crafted SetEnvIf
directive (LP: #811422)
- debian/patches/220_CVE-2011-3607.dpatch: validate length in
server/util.c.
- CVE-2011-3607
* SECURITY UPDATE: another mod_proxy reverse proxy exposure
- debian/patches/221_CVE-2011-4317.dpatch: validate additional URIs in
modules/mappers/mod_rewrite.c, modules/proxy/mod_proxy.c,
server/protocol.c.
- CVE-2011-4317
* SECURITY UPDATE: denial of service and possible code execution via
type field modification within a scoreboard shared memory segment
- debian/patches/222_CVE-2012-0031.dpatch: check type field in
server/scoreboard.c.
- CVE-2012-0031
* SECURITY UPDATE: cookie disclosure via Bad Request errors
- debian/patches/223_CVE-2012-0053.dpatch: check lengths in
server/protocol.c.
- CVE-2012-0053
- 37. By Steve Beattie
-
[ Michael Jeanson ]
* SECURITY UPDATE: mod_proxy reverse proxy exposure
* debian/patches/216_CVE-2011-3368.dpatch: return 400
on invalid requests.
- debian/patches/214_CVE-2011-3368_part2.dpatch: fix same for http
0.9 protocol
[ Steve Beattie ]
* SECURITY UPDATE: mod_proxy_ajp denial of service (LP: #871674)
- debian/patches/213_CVE-2011-3348.dpatch: return
HTTP_NOT_IMPLEMENTED when AJP_EBAD_METHOD is requested
- CVE-2011-3348
* Include additional fixes for regressions introduced by
CVE-2011-3192 fixes
- debian/patches/084_CVE-2011-3192_regression_part2.dpatch:
take upstream fixes for byterange_filter.c through the 2.2.21
release except for the added MaxRanges configuration option.
- 36. By Steve Beattie
-
* SECURITY UPDATE: Range header DoS vulnerability
* debian/patches/214_CVE-2011-3192.dpatch: filter out large
byte ranges and improve memory efficiency in handling buckets.
(thanks to Debian and upstream)
* CVE-2011-3192
* Include fix for regressions introduced by above patch:
- debian/patches/084_CVE-2011-3192_regression.dpatch: return 206
and 416 response codes where appropriate (see Debian bug 639825)
- 35. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via request that lacks a path in
mod_dav.
- debian/patches/213_CVE-2010-1452.dpatch: fix path handling in
modules/dav/main/util.c.
- CVE-2010-1452
- 34. By Marc Deslauriers
-
* debian/patches/212_sslinsecurerenegotiation-directive.dpatch: once
openssl gets updated to fix CVE-2009-3555, server renegotiations with
unpatched clients will fail. This patch adds the ability to revert to
the previous unsafe behaviour with a new SSLInsecureRenegotiation
directive. (LP: #616759)
* debian/control: add specific dependency on first openssl version to get
CVE-2009-3555 fix.
- 33. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via crafted request in mod_proxy_ajp
- debian/patches/209_CVE-2010-0408.dpatch: return the right error code
in modules/proxy/mod_proxy_ajp.c.
- CVE-2010-0408
* SECURITY UPDATE: information disclosure via improper handling of
headers in subrequests
- debian/patches/210_CVE-2010-0434.dpatch: use a copy of r->headers_in
in server/protocol.c.
- CVE-2010-0434
- 32. By Jamie Strandboge
-
* SECURITY UPDATE: Reject client-initiated SSL/TLS renegotiations.
Partial fix for CVE-2009-3555. Configurations requiring renegotiation
of per-directory/location access controls are still affected until
OpenSSL is updated.
- debian/patches/206_CVE-2009-3555.dpatch: disable all client
renegotiations
- CVE-2009-3555
* SECURITY UPDATE: fix NULL pointer dereference in mod_proxy_ftp module
- debian/patches/207-CVE-2009-3094.dpatch: fix NULL pointer dereference
in mod_proxy_ftp.c/apr_socket_close() and potential buffer overread
in EPSV response parser
- CVE-2009-3094
* SECURITY UPDATE: fix access control bypass in mod_proxy_ftp when
configured as a reverse proxy
- debian/patches/208-CVE-2009-3095.dpatch: adjust proxy_ftp_handler()
in mod_proxy_ftp.c to fail if the decoded Basic credentials contain
special characters.
- CVE-2009-3095
- 31. By Marc Deslauriers
-
* SECURITY UPDATE: remote denial of service in mod_deflate module when
the network connection was closed before compression completed
- debian/patches/205_CVE-2009-1891.dpatch: update patch to fix
regression that caused segfaults under certain circumstances.
(LP: #409987)
- CVE-2009-1891
- 30. By Marc Deslauriers
-
* SECURITY UPDATE: remote denial of service in the mod_proxy module via
amount of streamed data that exceeds the Content-Length value
- debian/patches/204_CVE-2009-1890.dpatch: make sure Content-Length is
sane and check the length of the data in modules/proxy/mod_proxy_http.c
- CVE-2009-1890
* SECURITY UPDATE: remote denial of service in mod_deflate module when
the network connection was closed before compression completed
- debian/patches/205_CVE-2009-1891.dpatch: fail if the connection has
been aborted in server/core_filters.c
- CVE-2009-1891
- 29. By Jamie Strandboge
-
* SECURITY UPDATE: Includes option could be overridden via .htaccess file
when AllowOverride restrictions do not permit it
- debian/patches/203_CVE-2009-1195.dpatch: adjust server/config.c,
server/core.c, modules/filters/ mod_include. c, include/http_core.h to
only enable .htaccess override when permitted.
- CVE-2009-1195
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/apache2