-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Tue, 11 Oct 2011 22:54:47 +0200 Source: apache2 Binary: apache2.2-common apache2.2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-dbg Architecture: source all i386 Version: 2.2.21-2 Distribution: unstable Urgency: high Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org> Changed-By: Stefan Fritsch <sf@debian.org> Description: apache2 - Apache HTTP Server metapackage apache2-dbg - Apache debugging symbols apache2-doc - Apache HTTP Server documentation apache2-mpm-event - Apache HTTP Server - event driven model apache2-mpm-itk - multiuser MPM for Apache 2.2 apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model apache2-mpm-worker - Apache HTTP Server - high speed threaded model apache2-prefork-dev - Apache development headers - non-threaded MPM apache2-suexec - Standard suexec program for Apache 2 mod_suexec apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec apache2-threaded-dev - Apache development headers - threaded MPM apache2-utils - utility programs for webservers apache2.2-bin - Apache HTTP Server common binary files apache2.2-common - Apache HTTP Server common files Changes: apache2 (2.2.21-2) unstable; urgency=high . * Fix CVE-2011-3368: Prevent unintended pattern expansion in some reverse proxy configurations by strictly validating the request-URI. * Correctly set permissions of suexec.load even if umask is 0002 during build. LP: #872000 Checksums-Sha1: 0b4bc4e05d888e645d749df1974e4553052d5448 2261 apache2_2.2.21-2.dsc 79c20bcefab8293011f4c39c51cc91737c4eb055 204580 apache2_2.2.21-2.diff.gz a70bd96712eba16bd93085d199ddef36fe8d12e4 2663036 apache2-doc_2.2.21-2_all.deb 5243fd35ebca894e00a9aa9d8b8226a72b8cc827 313884 apache2.2-common_2.2.21-2_i386.deb 35d8d3e5853f7ec9e0ea0594fad16a9c8d1d0292 1454562 apache2.2-bin_2.2.21-2_i386.deb acc7b57040cc574b4826b57b8686f4e95f9ccd19 2192 apache2-mpm-worker_2.2.21-2_i386.deb eb9eafc897cb70f4129b9c1bdae9a14927d9590a 2296 apache2-mpm-prefork_2.2.21-2_i386.deb 00864059e6a8bf7f066c865f9da124aaf11a5a84 2256 apache2-mpm-event_2.2.21-2_i386.deb 5b04af3749c73f0dc1a07ae4cb13d8eb865220d3 2284 apache2-mpm-itk_2.2.21-2_i386.deb e4169090db1ceb7c7796e5299ed279c250e64e9a 169046 apache2-utils_2.2.21-2_i386.deb 42ca28d2aa9fb92811ac1f170e87b40863d3f6b3 103090 apache2-suexec_2.2.21-2_i386.deb 40978a50145f838db6fcf45136b404b8087bb6f0 104706 apache2-suexec-custom_2.2.21-2_i386.deb ced4e2af379cc653d34053a096dc4b916db80d0e 1382 apache2_2.2.21-2_i386.deb 0dd448108f43f70198b40551519f3bd97b7bea56 137894 apache2-prefork-dev_2.2.21-2_i386.deb 329174b84a807ec739c0e35873dc3dcae469eef2 139072 apache2-threaded-dev_2.2.21-2_i386.deb 8f59e5f89b8c9f1183050b1288d57252cf33169c 2803728 apache2-dbg_2.2.21-2_i386.deb Checksums-Sha256: 110a19e5ef3b1b6cc1d9275a9013e4211669a372ab24d9bfbabef5d26352636a 2261 apache2_2.2.21-2.dsc 97c6a71bc9f067b212204c77ea76e9f2b354f61ab386ec1763569aa4b6491145 204580 apache2_2.2.21-2.diff.gz fc5794d1e5f52a2e5f131ba740a0f6460fb0ccbb91c4f3abe90b24561a653b7f 2663036 apache2-doc_2.2.21-2_all.deb 1a8206f89085f1691b7b32718de7fc0d87bfb1971093c5ce6868ac2fadf7483b 313884 apache2.2-common_2.2.21-2_i386.deb 076ec04545ff94bd998301b9a5c14ba0ac459ccf30e68ac2ede8d6bec779a0ae 1454562 apache2.2-bin_2.2.21-2_i386.deb 2471c4f867f1971d8a35cf92b5684a8a035a7f2ab10af41d1e60f56eddc8feea 2192 apache2-mpm-worker_2.2.21-2_i386.deb 3dadd9a3dbae1edd7d7e09ff9eed3262d5a5ead911d7fe5233ea672ee3b6edde 2296 apache2-mpm-prefork_2.2.21-2_i386.deb a92d7c177a3097c445a1093f4dae95d4da11c22e8d90c0e88903f1e0dc6fd571 2256 apache2-mpm-event_2.2.21-2_i386.deb 937717fbdee0fc6380360273fc8bb823a35bb9ef844839f8737b3997e2a620a1 2284 apache2-mpm-itk_2.2.21-2_i386.deb 6af90144f4a7dc8bb42e952a2d788138a14b929965a039df8a9d07ec924eed99 169046 apache2-utils_2.2.21-2_i386.deb 863ec37518466216d3fd9d87d862c28a7a5d1e96b3ec09b917d0218551c08d44 103090 apache2-suexec_2.2.21-2_i386.deb 0d50b995ed14f5521be13590de2dbe3145a59402f627cdb5ee1f60496e569e7b 104706 apache2-suexec-custom_2.2.21-2_i386.deb f07317f69468f5c4dbc2b8df280d182b3fa5e45c67aace4e2f315605f651e409 1382 apache2_2.2.21-2_i386.deb 237e60673bd14b0201ead612f1f5d99ed34fa931db37e966f07bd2ca87ecaec5 137894 apache2-prefork-dev_2.2.21-2_i386.deb a8e61bc3b303991e63827c51fdae00777b1a3524a7a1ea393657930ed9a22d76 139072 apache2-threaded-dev_2.2.21-2_i386.deb 8a8fcbf7c8143ae36bd405bdc5aa13be9b03940937ca026cfdf6f517a7d56144 2803728 apache2-dbg_2.2.21-2_i386.deb Files: 8ec0c4f350fbcb777d9c06a5ece557b2 2261 httpd optional apache2_2.2.21-2.dsc dd3d0895952b76ae9be085174a5f230d 204580 httpd optional apache2_2.2.21-2.diff.gz 4d90d15cdda3b5a7ed4144358904dfd9 2663036 doc optional apache2-doc_2.2.21-2_all.deb bf6b17c983911146232e8d1d46649fa6 313884 httpd optional apache2.2-common_2.2.21-2_i386.deb 71352b2b3c16f9d6376a40cfab0a45f8 1454562 httpd optional apache2.2-bin_2.2.21-2_i386.deb dc942bd3a201d0d705857f21ad696578 2192 httpd optional apache2-mpm-worker_2.2.21-2_i386.deb c63544c61e1214a107467233deec8c4b 2296 httpd optional apache2-mpm-prefork_2.2.21-2_i386.deb bfdc47c2e7ed8ce62ab97f32ced2536d 2256 httpd optional apache2-mpm-event_2.2.21-2_i386.deb b479ca8376fdd20e2fe8b8f05c2d65de 2284 httpd extra apache2-mpm-itk_2.2.21-2_i386.deb a8de8c53dc7fbda756e4d363f624b423 169046 httpd optional apache2-utils_2.2.21-2_i386.deb d2bb220c02e71333afffe4031ac2b78a 103090 httpd optional apache2-suexec_2.2.21-2_i386.deb 8fb866f41715acd63c58331eb03cf989 104706 httpd extra apache2-suexec-custom_2.2.21-2_i386.deb f82d7d2380087c689a559a391e3cb5f0 1382 httpd optional apache2_2.2.21-2_i386.deb 7504a8413e4a9c2124c0dd54e0107019 137894 httpd extra apache2-prefork-dev_2.2.21-2_i386.deb 04fddff7e68602f4e91a226c628d81e2 139072 httpd extra apache2-threaded-dev_2.2.21-2_i386.deb 9b7d530dbdadf57a22b8157777428fc0 2803728 debug extra apache2-dbg_2.2.21-2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFOlK5bbxelr8HyTqQRAqk9AJ9EaVVexTb5qd5DhQOPBtAupIMcGwCgiOsT 11rogf8+SxM9x4kwI/cjYVM= =/DwH -----END PGP SIGNATURE----- Accepted: apache2-dbg_2.2.21-2_i386.deb to main/a/apache2/apache2-dbg_2.2.21-2_i386.deb apache2-doc_2.2.21-2_all.deb to main/a/apache2/apache2-doc_2.2.21-2_all.deb apache2-mpm-event_2.2.21-2_i386.deb to main/a/apache2/apache2-mpm-event_2.2.21-2_i386.deb apache2-mpm-itk_2.2.21-2_i386.deb to main/a/apache2/apache2-mpm-itk_2.2.21-2_i386.deb apache2-mpm-prefork_2.2.21-2_i386.deb to main/a/apache2/apache2-mpm-prefork_2.2.21-2_i386.deb apache2-mpm-worker_2.2.21-2_i386.deb to main/a/apache2/apache2-mpm-worker_2.2.21-2_i386.deb apache2-prefork-dev_2.2.21-2_i386.deb to main/a/apache2/apache2-prefork-dev_2.2.21-2_i386.deb apache2-suexec-custom_2.2.21-2_i386.deb to main/a/apache2/apache2-suexec-custom_2.2.21-2_i386.deb apache2-suexec_2.2.21-2_i386.deb to main/a/apache2/apache2-suexec_2.2.21-2_i386.deb apache2-threaded-dev_2.2.21-2_i386.deb to main/a/apache2/apache2-threaded-dev_2.2.21-2_i386.deb apache2-utils_2.2.21-2_i386.deb to main/a/apache2/apache2-utils_2.2.21-2_i386.deb apache2.2-bin_2.2.21-2_i386.deb to main/a/apache2/apache2.2-bin_2.2.21-2_i386.deb apache2.2-common_2.2.21-2_i386.deb to main/a/apache2/apache2.2-common_2.2.21-2_i386.deb apache2_2.2.21-2.diff.gz to main/a/apache2/apache2_2.2.21-2.diff.gz apache2_2.2.21-2.dsc to main/a/apache2/apache2_2.2.21-2.dsc apache2_2.2.21-2_i386.deb to main/a/apache2/apache2_2.2.21-2_i386.deb
