lp:ubuntu/hoary-security/apache2
- Get this branch:
- bzr branch lp:ubuntu/hoary-security/apache2
Branch merges
Branch information
Recent revisions
- 6. By Martin Pitt
-
* SECURITY UPDATE: Remote DoS, potential remote code execution.
* Add debian/patches/ 053_mod_ rewite_ CVE-2006- 3747:
- Fix off-by-one buffer overflow in mod_rewrite's ldap scheme handler.
- Reported by Mark Dowd of McAfee Avert Labs.
- CVE-2006-3747 - 5. By Adam Conrad
-
* SECURITY UPDATE: Remote DoS and Cross-Site Scripting vulnerability.
- Add 050_mod_imap_CVE- 2005-3352 to escape untrusted referer headers in
mod_imap before outputting HTML to avoid XSS attacks; see CVE-2005-3352
- Add 051_mod_ssl_CVE- 2005-3357 to avoid a remote denial of service in
threaded MPMs when making a non-SSL connection to an SSL-enabled port
on a server with a custom 400 error document defined; see CVE-2005-3357 - 4. By Adam Conrad
-
* SECURITY UPDATE: Memory exhaustion denial of service in apache2-mpm-worker
- Apply 048_worker_memleak_ CAN-2005- 2970 to resolves a memory leak in
the worker MPM that can occur after aborted connections; CAN-2005-2970 - 3. By Adam Conrad
-
Fix the init script to not exit with an error when asked to
stop a daemon that isn't running (Was the root cause of #8374)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/apache2