-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Wed, 03 Jun 2009 23:12:43 +0200 Source: apr-util Binary: libaprutil1 libaprutil1-dbg libaprutil1-dev Architecture: source i386 Version: 1.2.7+dfsg-2+etch2 Distribution: oldstable-security Urgency: high Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org> Changed-By: Stefan Fritsch <sf@debian.org> Description: libaprutil1 - The Apache Portable Runtime Utility Library libaprutil1-dbg - The Apache Portable Runtime Utility Library - Development Headers libaprutil1-dev - The Apache Portable Runtime Utility Library - Development Headers Changes: apr-util (1.2.7+dfsg-2+etch2) oldstable-security; urgency=high . * CVE-2009-0023: Fix underflow in apr_strmatch_precompile() which causes remotely exploitable DoS vulnerabilities in mod_dav_svn and libapreq2. * Fix DoS vulnerability (memory consumption) in handling of internal xml entities. Files: 982d6c15afd4477277b01c004b7c8ac0 1036 libs optional apr-util_1.2.7+dfsg-2+etch2.dsc ed3dc8bd1a5891432d7fc0614b94becd 33117 libs optional apr-util_1.2.7+dfsg-2+etch2.diff.gz a3117be657f99e92316be40add59b9ff 643328 libs optional apr-util_1.2.7+dfsg.orig.tar.gz d65d8158a672fc285a5329a96f927ff0 68680 libs optional libaprutil1_1.2.7+dfsg-2+etch2_i386.deb 0fffc0910d45788aa2e5632913f97b5e 116416 libdevel optional libaprutil1-dev_1.2.7+dfsg-2+etch2_i386.deb 5c6fe8e442ec6aa146cc5f534d045e70 122170 libdevel optional libaprutil1-dbg_1.2.7+dfsg-2+etch2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKJumjbxelr8HyTqQRAhDrAKDQaMMQ/lt0I2idHUmiDolgWfnqtQCeK7Vv ZmynB3EV+WzO96LwkWrBHYE= =P1R7 -----END PGP SIGNATURE----- Accepted: apr-util_1.2.7+dfsg-2+etch2.diff.gz to pool/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch2.diff.gz apr-util_1.2.7+dfsg-2+etch2.dsc to pool/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch2.dsc libaprutil1-dbg_1.2.7+dfsg-2+etch2_i386.deb to pool/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch2_i386.deb libaprutil1-dev_1.2.7+dfsg-2+etch2_i386.deb to pool/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch2_i386.deb libaprutil1_1.2.7+dfsg-2+etch2_i386.deb to pool/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch2_i386.deb