-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 05 Oct 2009 19:07:08 +0200 Source: apache2 Binary: apache2.2-common apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-src apache2-dbg Architecture: source i386 all Version: 2.2.9-10+lenny5 Distribution: stable Urgency: low Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org> Changed-By: Stefan Fritsch <sf@debian.org> Description: apache2 - Apache HTTP Server metapackage apache2-dbg - Apache debugging symbols apache2-doc - Apache HTTP Server documentation apache2-mpm-event - Apache HTTP Server - event driven model apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model apache2-mpm-worker - Apache HTTP Server - high speed threaded model apache2-prefork-dev - Apache development headers - non-threaded MPM apache2-src - Apache source code apache2-suexec - Standard suexec program for Apache 2 mod_suexec apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec apache2-threaded-dev - Apache development headers - threaded MPM apache2-utils - utility programs for webservers apache2.2-common - Apache HTTP Server common files Closes: 517089 524268 528951 537665 545951 Changes: apache2 (2.2.9-10+lenny5) stable; urgency=low . * Minor security fixes in mod_proxy_ftp (closes: #545951): - DoS by malicious ftp server (CVE-2009-3094) - missing input sanitization: a user could execute arbitrary ftp commands on the backend ftp server (CVE-2009-3095) * Fix segfault in legacy ap_r* API which is triggered more often since the fix for CVE-2009-1891 was applied (closes: #537665). * Take care to not override existing index.shtml files when upgrading from before 2.2.8-1 (closes: #517089). * mod_deflate: Fix invalid etag to be emitted for on-the-fly gzip content-encoding. This prevented apache from sending "304 NOT MODIFIED" responses for compressed content. * mod_rewrite: Fix "B" flag breakage (closes: #524268) * Properly declare that apache2-suexec* replace files in old versions of apache2.2-common (closes: #528951). * Remove other_vhosts_access.log on package purge. Checksums-Sha1: 4cd35bacf4367636f64b061ac25fe41792e80ce8 1674 apache2_2.2.9-10+lenny5.dsc 9d73dbc120d1b61cc0b8f74a949df7890403c22b 142370 apache2_2.2.9-10+lenny5.diff.gz 2a7f19ab0f9ff14facf562cb329fdb85e1dcb2a8 782656 apache2.2-common_2.2.9-10+lenny5_i386.deb cdb0f46d11ede65702cddc69e7bdf7fdb025cc11 241510 apache2-mpm-worker_2.2.9-10+lenny5_i386.deb d01781a04e2314f4663f714a7ebff582ccb4418c 238480 apache2-mpm-prefork_2.2.9-10+lenny5_i386.deb 6e22292309b13aec0e087dded68011f1f8343041 241964 apache2-mpm-event_2.2.9-10+lenny5_i386.deb eff93d624f98e78fd21e4cf8c593c39c7e62eea0 144090 apache2-utils_2.2.9-10+lenny5_i386.deb bcb27f5d5017f69f83d167169aa89f4698dbcd8f 82550 apache2-suexec_2.2.9-10+lenny5_i386.deb c0e1a8c9646e5aad8619b3b52f6e46aed2d9d61d 84198 apache2-suexec-custom_2.2.9-10+lenny5_i386.deb 3554646b49f15c750a3c23113e74577437f892ff 211154 apache2-prefork-dev_2.2.9-10+lenny5_i386.deb fba7e333c7f21cb0ff22647eecd836128a34c02f 212460 apache2-threaded-dev_2.2.9-10+lenny5_i386.deb a90f5a3996472ab6aa545851be1add2e2a90c123 2315310 apache2-dbg_2.2.9-10+lenny5_i386.deb cc4b9f2000f1642fe2e7a8e21fcf63bb622082c7 45096 apache2_2.2.9-10+lenny5_all.deb d1160b790d86d31372ee178789a37142a9272068 2060758 apache2-doc_2.2.9-10+lenny5_all.deb e2e67571bcc95c914ada5c1aa35ac189babece4d 6732286 apache2-src_2.2.9-10+lenny5_all.deb Checksums-Sha256: 2b4fc052962e6336830c99b8cc4ccb9ea327ff1b1a236e5159d6608c5432bfd4 1674 apache2_2.2.9-10+lenny5.dsc af4750a36287fb34f50c876723889378c26483ab03ee7f7e58ef240b7fc4d303 142370 apache2_2.2.9-10+lenny5.diff.gz 7e353ab812a5011304093ef347176acc3ce83eba4a85a8728c2583e514f62cda 782656 apache2.2-common_2.2.9-10+lenny5_i386.deb 6e8723a506733f7d9481607a012f2641b209d75086c12a82524d94258bb16371 241510 apache2-mpm-worker_2.2.9-10+lenny5_i386.deb 6c3743c3ec5f8c95c9b93f23891021a33715d95e9c76cdb2383060a6d5ac0027 238480 apache2-mpm-prefork_2.2.9-10+lenny5_i386.deb da5d06deaf139008c3f93f39c5153454479ac0114aa90cf1b62bf77cf7016e39 241964 apache2-mpm-event_2.2.9-10+lenny5_i386.deb 2d0367e4ad03714cdb3a703d180ca0645c287996a525f30607cb708fc1cc0543 144090 apache2-utils_2.2.9-10+lenny5_i386.deb f9cb2b6370e275bcbc0550c423b660298698774264be2b11965c9638e6be8372 82550 apache2-suexec_2.2.9-10+lenny5_i386.deb 1b392eef4c38a9017c702738621f120d0c16d51bd3a1ba090acc019513460627 84198 apache2-suexec-custom_2.2.9-10+lenny5_i386.deb 5e8bc5cbcd4f1ff2e3898226ce35d595dc71df635983672990222535e296541b 211154 apache2-prefork-dev_2.2.9-10+lenny5_i386.deb d485ebce33f62e60221013a0fa8c2d0554ff0f1e1b235a7b9b91624407cfce3d 212460 apache2-threaded-dev_2.2.9-10+lenny5_i386.deb 8d3b9c3c508cda66401d2e021e0e56e0502e3cb14c4c8b502215584cc2d8d47b 2315310 apache2-dbg_2.2.9-10+lenny5_i386.deb 72e576b2aff702793f53e0a25597b241c24978f95fdbf62581d08ee39bdf2bf2 45096 apache2_2.2.9-10+lenny5_all.deb a0825424647d29a523991c390d0f211e341219600b4fcbefb155c826adab7206 2060758 apache2-doc_2.2.9-10+lenny5_all.deb 70115c44791f64197034553ab42ab6e47f90d9a3ca514942e4ba129839179cfe 6732286 apache2-src_2.2.9-10+lenny5_all.deb Files: af4959f5d19a41499227492ab5a1ad0b 1674 web optional apache2_2.2.9-10+lenny5.dsc e0248c2405b395a7764a63293ad4a7aa 142370 web optional apache2_2.2.9-10+lenny5.diff.gz 77096cd161c26931b4056fb95a1557ef 782656 web optional apache2.2-common_2.2.9-10+lenny5_i386.deb acc6fe5a6f95a25678f358481291bc2f 241510 web optional apache2-mpm-worker_2.2.9-10+lenny5_i386.deb 808c0f7d0e7d9de2ed6ac968a5b1ad64 238480 web optional apache2-mpm-prefork_2.2.9-10+lenny5_i386.deb d0435d86316e0ed664ff34f9257be791 241964 web optional apache2-mpm-event_2.2.9-10+lenny5_i386.deb 6d912ecf32d064b7ff40d7bee13ccd55 144090 web optional apache2-utils_2.2.9-10+lenny5_i386.deb ce8c2e3b263f4af1e76fa1ac9190ed2c 82550 web optional apache2-suexec_2.2.9-10+lenny5_i386.deb 356fb4544d50d55d7db777721828b302 84198 web extra apache2-suexec-custom_2.2.9-10+lenny5_i386.deb 796706af29f60b63656f69d5fe4666b9 211154 devel extra apache2-prefork-dev_2.2.9-10+lenny5_i386.deb b12a7b066f2a4b75414dc149f4d057a7 212460 devel extra apache2-threaded-dev_2.2.9-10+lenny5_i386.deb d5ef2bc8ffef29d5c56fe947d7237453 2315310 libdevel extra apache2-dbg_2.2.9-10+lenny5_i386.deb 676c152d136010dafcb21af27b97f103 45096 web optional apache2_2.2.9-10+lenny5_all.deb 7755ddf1f1da4cda8cfe38789e14d545 2060758 doc optional apache2-doc_2.2.9-10+lenny5_all.deb 1e15a9c0e64aed90f14342f85af2a237 6732286 devel extra apache2-src_2.2.9-10+lenny5_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iD8DBQFKyi3kbxelr8HyTqQRArCNAKC8ybX0A26QjotH/mEoC5XHB5QzwQCcDdka YtBLTWBjhTp31i4aAzgCdAo= =2E/y -----END PGP SIGNATURE----- Accepted: apache2-dbg_2.2.9-10+lenny5_i386.deb to pool/main/a/apache2/apache2-dbg_2.2.9-10+lenny5_i386.deb apache2-doc_2.2.9-10+lenny5_all.deb to pool/main/a/apache2/apache2-doc_2.2.9-10+lenny5_all.deb apache2-mpm-event_2.2.9-10+lenny5_i386.deb to pool/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny5_i386.deb apache2-mpm-prefork_2.2.9-10+lenny5_i386.deb to pool/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny5_i386.deb apache2-mpm-worker_2.2.9-10+lenny5_i386.deb to pool/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny5_i386.deb apache2-prefork-dev_2.2.9-10+lenny5_i386.deb to pool/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny5_i386.deb apache2-src_2.2.9-10+lenny5_all.deb to pool/main/a/apache2/apache2-src_2.2.9-10+lenny5_all.deb apache2-suexec-custom_2.2.9-10+lenny5_i386.deb to pool/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny5_i386.deb apache2-suexec_2.2.9-10+lenny5_i386.deb to pool/main/a/apache2/apache2-suexec_2.2.9-10+lenny5_i386.deb apache2-threaded-dev_2.2.9-10+lenny5_i386.deb to pool/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny5_i386.deb apache2-utils_2.2.9-10+lenny5_i386.deb to pool/main/a/apache2/apache2-utils_2.2.9-10+lenny5_i386.deb apache2.2-common_2.2.9-10+lenny5_i386.deb to pool/main/a/apache2/apache2.2-common_2.2.9-10+lenny5_i386.deb apache2_2.2.9-10+lenny5.diff.gz to pool/main/a/apache2/apache2_2.2.9-10+lenny5.diff.gz apache2_2.2.9-10+lenny5.dsc to pool/main/a/apache2/apache2_2.2.9-10+lenny5.dsc apache2_2.2.9-10+lenny5_all.deb to pool/main/a/apache2/apache2_2.2.9-10+lenny5_all.deb