-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 03 Jun 2009 22:53:01 +0200 Source: apr-util Binary: libaprutil1 libaprutil1-dev libaprutil1-dbg Architecture: source i386 Version: 1.2.12+dfsg-8+lenny2 Distribution: stable-security Urgency: high Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org> Changed-By: Stefan Fritsch <sf@debian.org> Description: libaprutil1 - The Apache Portable Runtime Utility Library libaprutil1-dbg - The Apache Portable Runtime Utility Library - Development Headers libaprutil1-dev - The Apache Portable Runtime Utility Library - Development Headers Changes: apr-util (1.2.12+dfsg-8+lenny2) stable-security; urgency=high . * CVE-2009-0023: Fix underflow in apr_strmatch_precompile() which causes remotely exploitable DoS vulnerabilities in mod_dav_svn and libapreq2. * Fix DoS vulnerability (memory consumption) in handling of internal xml entities. Checksums-Sha1: 21fdbecef1bb16ae8d339fed912e866f942ee986 1530 apr-util_1.2.12+dfsg-8+lenny2.dsc 0f83aa4d35e43a895f247fac0f5c82a619bd057a 22021 apr-util_1.2.12+dfsg-8+lenny2.diff.gz 57fcc5f210e8266e3415937fc1c7a322fc718773 658687 apr-util_1.2.12+dfsg.orig.tar.gz ccba44ebdfa8cb133c3dcfdcdc9fb3b5a02da95e 73636 libaprutil1_1.2.12+dfsg-8+lenny2_i386.deb 31e10b0253443b95041a176ad96825948be893c6 120742 libaprutil1-dev_1.2.12+dfsg-8+lenny2_i386.deb 2d997d14eea758e6acbc2bbda6fdff3cf624bda7 141210 libaprutil1-dbg_1.2.12+dfsg-8+lenny2_i386.deb Checksums-Sha256: 5fbab6dcfc9f7c4d741cd9641632a64faf9fbc6a5a342d10c881f27dc3088b65 1530 apr-util_1.2.12+dfsg-8+lenny2.dsc a59d2cf9be662fb339b54e2ba8fd0d8fc19b92574794898d69e261f9c4d0e938 22021 apr-util_1.2.12+dfsg-8+lenny2.diff.gz 0a8cf21eaada6ce138962dbcfe64bf49069f0ba4e8cfef3b169f4213844e5c7b 658687 apr-util_1.2.12+dfsg.orig.tar.gz 008cc12b9cb2310920cc7400cfd2d268c2b252fe1f0f4d71c6faee07739de86a 73636 libaprutil1_1.2.12+dfsg-8+lenny2_i386.deb ab523c857f16b1683ce3b45491393a9ea69ecc0e2511f4a5909ed31924be48dc 120742 libaprutil1-dev_1.2.12+dfsg-8+lenny2_i386.deb 7d2db189a80615d9b90c57c2ab07008193f3c1eb60142826c99edb1459ae95e0 141210 libaprutil1-dbg_1.2.12+dfsg-8+lenny2_i386.deb Files: 2e0b102b714edffebe80b7522b60eb93 1530 libs optional apr-util_1.2.12+dfsg-8+lenny2.dsc 5ac66e9e3e4a3b3f93f25a075d7087ea 22021 libs optional apr-util_1.2.12+dfsg-8+lenny2.diff.gz 4ef3e41037fe0cdd3a0d107335a008eb 658687 libs optional apr-util_1.2.12+dfsg.orig.tar.gz e8bafce964601ca062a3e8dc3e9ab887 73636 libs optional libaprutil1_1.2.12+dfsg-8+lenny2_i386.deb 8f22bb0169bb8adfafb8295cd8e11a5d 120742 libdevel optional libaprutil1-dev_1.2.12+dfsg-8+lenny2_i386.deb 9cfb5f9c9a81d8c9d246bcda411330d5 141210 libdevel extra libaprutil1-dbg_1.2.12+dfsg-8+lenny2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKJujybxelr8HyTqQRAkbGAJ4pq0f7e5EbUZlCt/nL5osB0l2ekACeMXIX 8r61KEZj1wPjIJ2miSKtYEw= =spg8 -----END PGP SIGNATURE----- Accepted: apr-util_1.2.12+dfsg-8+lenny2.diff.gz to pool/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny2.diff.gz apr-util_1.2.12+dfsg-8+lenny2.dsc to pool/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny2.dsc libaprutil1-dbg_1.2.12+dfsg-8+lenny2_i386.deb to pool/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny2_i386.deb libaprutil1-dev_1.2.12+dfsg-8+lenny2_i386.deb to pool/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny2_i386.deb libaprutil1_1.2.12+dfsg-8+lenny2_i386.deb to pool/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny2_i386.deb