Debian Package Tracker

From: Stefan Fritsch <sf@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted apache2 2.0.54-5sarge2 (source all i386)
Date: Sat, 18 Aug 2007 19:56:20 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 16 Aug 2007 20:16:15 +0200
Source: apache2
Binary: apache2-utils apache2 apache2-prefork-dev apache2-mpm-prefork apache2-doc libapr0-dev apache2-mpm-threadpool apache2-mpm-worker libapr0 apache2-threaded-dev apache2-common apache2-mpm-perchild
Architecture: source all i386
Version: 2.0.54-5sarge2
Distribution: oldstable-proposed-updates
Urgency: low
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Stefan Fritsch <sf@debian.org>
Description: 
 apache2    - next generation, scalable, extendable web server
 apache2-common - next generation, scalable, extendable web server
 apache2-doc - documentation for apache2
 apache2-mpm-perchild - experimental high speed perchild threaded model for Apache2
 apache2-mpm-prefork - traditional model for Apache2
 apache2-mpm-threadpool - experimental high speed model for Apache2 (transitional package)
 apache2-mpm-worker - high speed threaded model for Apache2
 apache2-prefork-dev - development headers for apache2
 apache2-threaded-dev - development headers for apache2
 apache2-utils - utility programs for webservers
 libapr0    - the Apache Portable Runtime
 libapr0-dev - development headers for libapr
Changes: 
 apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low
 .
   * Fix some less critical security issues:
   * Denial of service for threaded MPMs:
     - CVE-2005-2970: mpm_worker memory leak
     - CVE-2005-3357: mod_ssl with custom errorpage
     - CVE-2007-1863: mod_cache
   * Cross site scripting:
     - CVE-2005-3352: mod_imap
     - CVE-2006-3918: via Expect header
     - CVE-2006-5752: mod_status
   * Add check for scoreboard PID protection (CVE-2007-3304)
Files: 
 a27eebf40caec5b5ebbc3cc044aa48c4 1153 net optional apache2_2.0.54-5sarge2.dsc
 6591b23c0d10bb585cdd23fc436104ea 111878 net optional apache2_2.0.54-5sarge2.diff.gz
 d17f122e7d0f8a08fd7b7e1c7fae60d9 33772 net optional apache2-mpm-threadpool_2.0.54-5sarge2_all.deb
 3a63d358620485f18ac20a672713e2c3 3820266 doc optional apache2-doc_2.0.54-5sarge2_all.deb
 f9ce42ce6a78018166f7ce14532e5fa8 807518 net optional apache2-common_2.0.54-5sarge2_i386.deb
 849be7538abc6ddadd41be095fcf1e37 90966 net optional apache2-utils_2.0.54-5sarge2_i386.deb
 b2c4b4457fa65306abb17a7f9f685436 206716 net optional apache2-mpm-worker_2.0.54-5sarge2_i386.deb
 32089ef7e2ff35cd22d5a60b3606a87d 206958 net optional apache2-mpm-perchild_2.0.54-5sarge2_i386.deb
 9d194ab106f0a09370c0872690356062 203190 net optional apache2-mpm-prefork_2.0.54-5sarge2_i386.deb
 65a7c50ac66b25539f1041982328abd7 170184 devel optional apache2-prefork-dev_2.0.54-5sarge2_i386.deb
 2fc6e95d6215822af3a8bbdbf91433c8 170778 devel optional apache2-threaded-dev_2.0.54-5sarge2_i386.deb
 daaa7c35b984f3a64ae720e489f5d7f1 130882 net optional libapr0_2.0.54-5sarge2_i386.deb
 44a2dc4c2c43e3270b97966d1217bcb4 260122 libdevel optional libapr0-dev_2.0.54-5sarge2_i386.deb
 80e00df0f6489297406c2a73637df64c 33690 web optional apache2_2.0.54-5sarge2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGxK2mbxelr8HyTqQRApxOAJ99o2vcFXvJR+qZcUylD4pbP+RG6ACeONf9
Q8AyQJ/CJpA+aca4bDAOJqM=
=UK9P
-----END PGP SIGNATURE-----


Accepted:
apache2-common_2.0.54-5sarge2_i386.deb
  to pool/main/a/apache2/apache2-common_2.0.54-5sarge2_i386.deb
apache2-doc_2.0.54-5sarge2_all.deb
  to pool/main/a/apache2/apache2-doc_2.0.54-5sarge2_all.deb
apache2-mpm-perchild_2.0.54-5sarge2_i386.deb
  to pool/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge2_i386.deb
apache2-mpm-prefork_2.0.54-5sarge2_i386.deb
  to pool/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge2_i386.deb
apache2-mpm-threadpool_2.0.54-5sarge2_all.deb
  to pool/main/a/apache2/apache2-mpm-threadpool_2.0.54-5sarge2_all.deb
apache2-mpm-worker_2.0.54-5sarge2_i386.deb
  to pool/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge2_i386.deb
apache2-prefork-dev_2.0.54-5sarge2_i386.deb
  to pool/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge2_i386.deb
apache2-threaded-dev_2.0.54-5sarge2_i386.deb
  to pool/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge2_i386.deb
apache2-utils_2.0.54-5sarge2_i386.deb
  to pool/main/a/apache2/apache2-utils_2.0.54-5sarge2_i386.deb
apache2_2.0.54-5sarge2.diff.gz
  to pool/main/a/apache2/apache2_2.0.54-5sarge2.diff.gz
apache2_2.0.54-5sarge2.dsc
  to pool/main/a/apache2/apache2_2.0.54-5sarge2.dsc
apache2_2.0.54-5sarge2_i386.deb
  to pool/main/a/apache2/apache2_2.0.54-5sarge2_i386.deb
libapr0-dev_2.0.54-5sarge2_i386.deb
  to pool/main/a/apache2/libapr0-dev_2.0.54-5sarge2_i386.deb
libapr0_2.0.54-5sarge2_i386.deb
  to pool/main/a/apache2/libapr0_2.0.54-5sarge2_i386.deb
News for package apache2
