-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 30 May 2009 14:54:22 +0200 Source: apache2 Binary: apache2.2-common apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-src apache2-dbg Architecture: source i386 all Version: 2.2.9-10+lenny3 Distribution: stable-security Urgency: high Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org> Changed-By: Stefan Fritsch <sf@debian.org> Description: apache2 - Apache HTTP Server metapackage apache2-dbg - Apache debugging symbols apache2-doc - Apache HTTP Server documentation apache2-mpm-event - Apache HTTP Server - event driven model apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model apache2-mpm-worker - Apache HTTP Server - high speed threaded model apache2-prefork-dev - Apache development headers - non-threaded MPM apache2-src - Apache source code apache2-suexec - Standard suexec program for Apache 2 mod_suexec apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec apache2-threaded-dev - Apache development headers - threaded MPM apache2-utils - utility programs for webservers apache2.2-common - Apache HTTP Server common files Closes: 530834 Changes: apache2 (2.2.9-10+lenny3) stable-security; urgency=high . * Security: CVE-2009-1195: In configurations using the AllowOverride directive with certain Options= arguments, local users were not restricted from executing commands from a Server-Side-Include script as intended (closes: #530834). Checksums-Sha1: 43e8225409173776b1a958ea42e507c46deac201 1673 apache2_2.2.9-10+lenny3.dsc 1541e9b9ecdc5a3dc8a173c826be7cd23f5431dd 137227 apache2_2.2.9-10+lenny3.diff.gz 504cf39a62c5e62302f7dd9afac4d1933a9441fe 6396996 apache2_2.2.9.orig.tar.gz 110168c51a5a8f60db473ebfb113e025184d3680 782404 apache2.2-common_2.2.9-10+lenny3_i386.deb 87206eaaa0d1ff32974210405cf95cfce4c0c5f2 240432 apache2-mpm-worker_2.2.9-10+lenny3_i386.deb 981bddb3cbcd73798ea4c190395002b56f5584f4 236912 apache2-mpm-prefork_2.2.9-10+lenny3_i386.deb 50a0f1c6fca96acea56c98e23f528d82b0954f97 240936 apache2-mpm-event_2.2.9-10+lenny3_i386.deb a5d48b924c13a1bd67320870aba1341552d2eb20 142904 apache2-utils_2.2.9-10+lenny3_i386.deb be8b87a8c6f7cad5133234713c65c3c00178750f 81758 apache2-suexec_2.2.9-10+lenny3_i386.deb 2ea2092253f861058f22a0c56e6d647aa463ca4b 83514 apache2-suexec-custom_2.2.9-10+lenny3_i386.deb deeafb2ca3d46938dcf7e6019be8d8210cb674ea 210822 apache2-prefork-dev_2.2.9-10+lenny3_i386.deb b591c18693b46642c79baee3544d847be0b0f663 212150 apache2-threaded-dev_2.2.9-10+lenny3_i386.deb c2e2ab505ae829a82bb2a6fcf001b394de7c9347 2321250 apache2-dbg_2.2.9-10+lenny3_i386.deb ff65133ce521465183d07c7d4b45b43789d2ce8c 44648 apache2_2.2.9-10+lenny3_all.deb bc399df70442895564d822b06f45d4a8cd8361c4 2059786 apache2-doc_2.2.9-10+lenny3_all.deb b45ae0bc0741ce8f6a39b4fdb3c0bc188731f99f 6735640 apache2-src_2.2.9-10+lenny3_all.deb Checksums-Sha256: 72bfe49b16e92a06d58dae602df53facb5c8627080ab9639ce9704a5c634b44b 1673 apache2_2.2.9-10+lenny3.dsc 54dc5943d7dc08183f6dbdfab91e23791fe82ad0bd2279fc61427344153d4031 137227 apache2_2.2.9-10+lenny3.diff.gz 74c92f9905a809fb18822f0d98e45712bb17495cefaf2b5315c2ce15840a04a2 6396996 apache2_2.2.9.orig.tar.gz e1b1cfe9f1453df0079326a96f024f9b20fc9a9b16c9ebc05babe8eb92b1ca8d 782404 apache2.2-common_2.2.9-10+lenny3_i386.deb 7d1291563f9820d0e7e00ab6209af4c2d11f6e6d30c854fd82457876a68209fd 240432 apache2-mpm-worker_2.2.9-10+lenny3_i386.deb 2a2d490d9a06575c3b1466b37636a32640cba4eec0fd5421f8f66a065da505f5 236912 apache2-mpm-prefork_2.2.9-10+lenny3_i386.deb c07f2925bf55ffd6df552808db41d7a313c8dab0063ef0c4abc6d7307abe3add 240936 apache2-mpm-event_2.2.9-10+lenny3_i386.deb cd4eaabd73800fd62ff2d80c29a944eb362d449353f0e68d57fd9ca64de833b6 142904 apache2-utils_2.2.9-10+lenny3_i386.deb bd7dbe27e2d0c8b24f7af547beedc483e4a6857f6f7d3538b836e66b133cb29c 81758 apache2-suexec_2.2.9-10+lenny3_i386.deb b1e4c1716133d30f5a4bc995a1dff85684912bb419ae2c44cf7872f7fc42d039 83514 apache2-suexec-custom_2.2.9-10+lenny3_i386.deb 35bf4b91103012cb3f72a4934bdc3cfb35c4f85c0d1891e04f4618075e1d1325 210822 apache2-prefork-dev_2.2.9-10+lenny3_i386.deb 6ecfc215211069dae08200b9f6da767fd03add56f2e144944c51ad9b88f06352 212150 apache2-threaded-dev_2.2.9-10+lenny3_i386.deb 38713fad7707c0a483231d5349e6a7bb2812f6574bef46e991b692755f5d83cd 2321250 apache2-dbg_2.2.9-10+lenny3_i386.deb 723b3af288eb2df4dc7fda74315cf7c5d802e7b44f6eb3fd1c274831a821c823 44648 apache2_2.2.9-10+lenny3_all.deb 807736e0c192266d1320854185acb0728664a82c6a944b8e28286544e791cfbf 2059786 apache2-doc_2.2.9-10+lenny3_all.deb 50e06ffb082804de9429fdee8c44c99e3fcc082105a6d539b843ac681744d7a7 6735640 apache2-src_2.2.9-10+lenny3_all.deb Files: cbadd8b289a12b3f646c72a9f98edb22 1673 web optional apache2_2.2.9-10+lenny3.dsc c9b4da9312222075e97c68dd88760afc 137227 web optional apache2_2.2.9-10+lenny3.diff.gz 80d3754fc278338033296f0d41ef2c04 6396996 web optional apache2_2.2.9.orig.tar.gz 0094ac3350d87b5ac8896de7a63c56c6 782404 web optional apache2.2-common_2.2.9-10+lenny3_i386.deb 3d82d54ffaa46778b9353ca212187f63 240432 web optional apache2-mpm-worker_2.2.9-10+lenny3_i386.deb 2e212dfd60ad731fded5d0801003f3f3 236912 web optional apache2-mpm-prefork_2.2.9-10+lenny3_i386.deb b6f3463734881e19af151308e6a7f979 240936 web optional apache2-mpm-event_2.2.9-10+lenny3_i386.deb 32b93602af8f9b38062b7027ae436f6c 142904 web optional apache2-utils_2.2.9-10+lenny3_i386.deb 6215a7f8a67e57813fddcaab50c7f351 81758 web optional apache2-suexec_2.2.9-10+lenny3_i386.deb b00c2bcbb431d2ae963fe0c8adb23bf3 83514 web extra apache2-suexec-custom_2.2.9-10+lenny3_i386.deb 34090aeed35ed15ec8605f344d4c13f1 210822 devel extra apache2-prefork-dev_2.2.9-10+lenny3_i386.deb 89abf1c6028d02e25bdb5111197b3cbf 212150 devel extra apache2-threaded-dev_2.2.9-10+lenny3_i386.deb 4027f4a596cd8b3b8473d07f9dd31118 2321250 libdevel extra apache2-dbg_2.2.9-10+lenny3_i386.deb eaa00e0c442f6923aaee5b3f3d63eabb 44648 web optional apache2_2.2.9-10+lenny3_all.deb 8ec25b1f4b421acdcb56b4c30a46adce 2059786 doc optional apache2-doc_2.2.9-10+lenny3_all.deb 312c8afd7ad4a42cef5b998e929d7307 6735640 devel extra apache2-src_2.2.9-10+lenny3_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKMNEObxelr8HyTqQRAnslAJ9MDYlSVM9s/f2nRBNgZWEogOr/SwCgotun dAtW9+bN7lmhWRcO/nwszRw= =9Mc0 -----END PGP SIGNATURE----- Accepted: apache2-dbg_2.2.9-10+lenny3_i386.deb to pool/main/a/apache2/apache2-dbg_2.2.9-10+lenny3_i386.deb apache2-doc_2.2.9-10+lenny3_all.deb to pool/main/a/apache2/apache2-doc_2.2.9-10+lenny3_all.deb apache2-mpm-event_2.2.9-10+lenny3_i386.deb to pool/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny3_i386.deb apache2-mpm-prefork_2.2.9-10+lenny3_i386.deb to pool/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny3_i386.deb apache2-mpm-worker_2.2.9-10+lenny3_i386.deb to pool/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny3_i386.deb apache2-prefork-dev_2.2.9-10+lenny3_i386.deb to pool/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny3_i386.deb apache2-src_2.2.9-10+lenny3_all.deb to pool/main/a/apache2/apache2-src_2.2.9-10+lenny3_all.deb apache2-suexec-custom_2.2.9-10+lenny3_i386.deb to pool/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny3_i386.deb apache2-suexec_2.2.9-10+lenny3_i386.deb to pool/main/a/apache2/apache2-suexec_2.2.9-10+lenny3_i386.deb apache2-threaded-dev_2.2.9-10+lenny3_i386.deb to pool/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny3_i386.deb apache2-utils_2.2.9-10+lenny3_i386.deb to pool/main/a/apache2/apache2-utils_2.2.9-10+lenny3_i386.deb apache2.2-common_2.2.9-10+lenny3_i386.deb to pool/main/a/apache2/apache2.2-common_2.2.9-10+lenny3_i386.deb apache2_2.2.9-10+lenny3.diff.gz to pool/main/a/apache2/apache2_2.2.9-10+lenny3.diff.gz apache2_2.2.9-10+lenny3.dsc to pool/main/a/apache2/apache2_2.2.9-10+lenny3.dsc apache2_2.2.9-10+lenny3_all.deb to pool/main/a/apache2/apache2_2.2.9-10+lenny3_all.deb