-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 03 Dec 2011 18:54:03 +0100 Source: apache2 Binary: apache2.2-common apache2.2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-dbg Architecture: source all i386 Version: 2.2.21-3 Distribution: unstable Urgency: medium Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org> Changed-By: Stefan Fritsch <sf@debian.org> Description: apache2 - Apache HTTP Server metapackage apache2-dbg - Apache debugging symbols apache2-doc - Apache HTTP Server documentation apache2-mpm-event - Apache HTTP Server - event driven model apache2-mpm-itk - multiuser MPM for Apache 2.2 apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model apache2-mpm-worker - Apache HTTP Server - high speed threaded model apache2-prefork-dev - Apache development headers - non-threaded MPM apache2-suexec - Standard suexec program for Apache 2 mod_suexec apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec apache2-threaded-dev - Apache development headers - threaded MPM apache2-utils - utility programs for webservers apache2.2-bin - Apache HTTP Server common binary files apache2.2-common - Apache HTTP Server common files Closes: 650528 Changes: apache2 (2.2.21-3) unstable; urgency=medium . * Fix CVE-2011-4317: Prevent unintended pattern expansion in some reverse proxy configurations. (Similar to CVE-2011-3368, but different attack vector.) * Fix CVE-2011-3607: Integer overflow in ap_pregsub could cause segfault via malicious .htaccess. * Mention dpkg-statoverride for changing permissions of suexec. LP: #897120 * Fix broken link in docs. Closes: #650528 * Remove Tollef Fog Heen, Thom May, and Peter Samuelson from uploaders. Thanks for your work in the past. Checksums-Sha1: e1cb342cf4254bda80d884787f2fcc829aa1d2ba 2162 apache2_2.2.21-3.dsc 6343a13cbd5d0787877fce85d0f1def703abbb5e 205863 apache2_2.2.21-3.diff.gz 9860038fe995a525816bc2217fcf324762c75307 2663180 apache2-doc_2.2.21-3_all.deb a1540b967d03a5ca8162589f069b78db26773c61 314028 apache2.2-common_2.2.21-3_i386.deb b3d02bbf749a3468fcf536629c3d2cfa4439408a 1455170 apache2.2-bin_2.2.21-3_i386.deb 0051d489a594a400febe5568182b1130441d6741 2190 apache2-mpm-worker_2.2.21-3_i386.deb 10f3ad04bbe08d77a48c673baa7dad2572695484 2294 apache2-mpm-prefork_2.2.21-3_i386.deb 245cc2ca0c6fba2a3a5cc563680de83969e31eb9 2254 apache2-mpm-event_2.2.21-3_i386.deb 4cd4c737e4c5e6110ccd7c0876d2fb401d69b56e 2282 apache2-mpm-itk_2.2.21-3_i386.deb 26890a5beb619dc0c6eac45e9e99832a404027cd 169200 apache2-utils_2.2.21-3_i386.deb e03fe20921e5d1cf89b20c0e3e616a15474f9ef1 103232 apache2-suexec_2.2.21-3_i386.deb 2e953ae6ccb32ccae5d6f6cbd9e64c5f7b3883e2 104894 apache2-suexec-custom_2.2.21-3_i386.deb 94af10673d1584ebc1303b51cfd9fe248cd80c1a 1388 apache2_2.2.21-3_i386.deb 1af4acd9eaadf3fdfc9cbd4ae00142ae8ffc9d30 137890 apache2-prefork-dev_2.2.21-3_i386.deb e57b24e81f791eaf75248f1428a75b476b273324 139068 apache2-threaded-dev_2.2.21-3_i386.deb 4d4a40fa0385bd31d7b11768e3898fd8020765f4 2803618 apache2-dbg_2.2.21-3_i386.deb Checksums-Sha256: 81cd9499a5b11640cf2fce12768aa2f8c0a9d3aedf4b0e225ffb90cddc3eef0d 2162 apache2_2.2.21-3.dsc ef1689eeec73b408a0a3cb894b43074f6e1e5091f7c449b9f3f96e3eefa287d3 205863 apache2_2.2.21-3.diff.gz 633723b8f7c00122e0bfa468303ed4e16b6c613bf19889c220d2e3495e92b32d 2663180 apache2-doc_2.2.21-3_all.deb 928b3f9ae4a232896fc6e44e97a1f553649c352c0c6230a3b479dcbff31e23d4 314028 apache2.2-common_2.2.21-3_i386.deb e26050dbf7607470762c56fa3bdd468e2c5de6fe7d7c8d70a17bcab0f2ecb87b 1455170 apache2.2-bin_2.2.21-3_i386.deb 868140f882e9f7366ee00c7577e4e4b390af014df3462be9972cebd9afa62cca 2190 apache2-mpm-worker_2.2.21-3_i386.deb 81dcd2f238f67e1f49ee32e6a1f4308fb1bd6a9d521c3c3b9b00e872123068c6 2294 apache2-mpm-prefork_2.2.21-3_i386.deb 24344898d38619de8c4736a09b0090805b43ca79cdafbc598ff9e492c06768fb 2254 apache2-mpm-event_2.2.21-3_i386.deb ac7abdf2b91ad5afcff8aa31f2c61d8726251b21132d5f1756bfb3ac819e644c 2282 apache2-mpm-itk_2.2.21-3_i386.deb 1d45951707a14a259dfb6a7594b397283b1962c472e54daaa527e6bb2bfd21dd 169200 apache2-utils_2.2.21-3_i386.deb d9d220a49f327ff11d438eb002db3407d00244b11011f585541cfba19cf00bde 103232 apache2-suexec_2.2.21-3_i386.deb a181cc7b5342728c6da9270e5fb7aaa0a924ac02e7bdc18f3c1650cce0f4a807 104894 apache2-suexec-custom_2.2.21-3_i386.deb 16eba91dce7c19820eddd8c2dd9291b88a5a3a5c48896fff41dd582719e0990f 1388 apache2_2.2.21-3_i386.deb 14bd37e3519145da51540a7c4f0644f3aac9f1afe72430208baa31fcdb62f63a 137890 apache2-prefork-dev_2.2.21-3_i386.deb 7a4a2a7a21878a35a7790ba7033675b5d84cc260d82fd3b5752f87763f94255e 139068 apache2-threaded-dev_2.2.21-3_i386.deb da7cd5ac828377ab190efb1d66fcdf6f9d4093fc292d01abe55512ba9177b9f1 2803618 apache2-dbg_2.2.21-3_i386.deb Files: 1a9931a4f5c1568ec54aa95ee2178048 2162 httpd optional apache2_2.2.21-3.dsc 9f45f391443f3ef97f87f04682d74f34 205863 httpd optional apache2_2.2.21-3.diff.gz 1b4212bbfffdb16b2c30d88548b806ce 2663180 doc optional apache2-doc_2.2.21-3_all.deb 242fa003f3a9c4c30f8deeead40f4c84 314028 httpd optional apache2.2-common_2.2.21-3_i386.deb e57f0230a8764b884b545e5ec1abff80 1455170 httpd optional apache2.2-bin_2.2.21-3_i386.deb 25eb10d9a69930b8b539da67e6c56cde 2190 httpd optional apache2-mpm-worker_2.2.21-3_i386.deb 6b2189d42af0d546aae104dd0ba334fd 2294 httpd optional apache2-mpm-prefork_2.2.21-3_i386.deb 7347f1f266e53a5b89027d18016135f5 2254 httpd optional apache2-mpm-event_2.2.21-3_i386.deb 255c0540449ab52edf232f1f37ffe3bc 2282 httpd extra apache2-mpm-itk_2.2.21-3_i386.deb f163dfc9e08d61e6c0ad7892d9aea575 169200 httpd optional apache2-utils_2.2.21-3_i386.deb e83a3ff354eeaca4cb65f30dec071a72 103232 httpd optional apache2-suexec_2.2.21-3_i386.deb af8b53e1a526cc5650850ce0d6c3df2a 104894 httpd extra apache2-suexec-custom_2.2.21-3_i386.deb c45cda04a95f1fdecb2b2299e5bf833f 1388 httpd optional apache2_2.2.21-3_i386.deb f388182b5b080729fd252120878b6ec2 137890 httpd extra apache2-prefork-dev_2.2.21-3_i386.deb a2a5f63942587f80503f6eb171d3c395 139068 httpd extra apache2-threaded-dev_2.2.21-3_i386.deb 60bc69354b3df83661b34210b05d9155 2803618 debug extra apache2-dbg_2.2.21-3_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFO2mP1bxelr8HyTqQRAvifAJ9PuY8mDj15KmtAOzf7F6iTade6QwCgoxNr y56g7CXPNUCnjnSamE9bL8k= =ZMZV -----END PGP SIGNATURE----- Accepted: apache2-dbg_2.2.21-3_i386.deb to main/a/apache2/apache2-dbg_2.2.21-3_i386.deb apache2-doc_2.2.21-3_all.deb to main/a/apache2/apache2-doc_2.2.21-3_all.deb apache2-mpm-event_2.2.21-3_i386.deb to main/a/apache2/apache2-mpm-event_2.2.21-3_i386.deb apache2-mpm-itk_2.2.21-3_i386.deb to main/a/apache2/apache2-mpm-itk_2.2.21-3_i386.deb apache2-mpm-prefork_2.2.21-3_i386.deb to main/a/apache2/apache2-mpm-prefork_2.2.21-3_i386.deb apache2-mpm-worker_2.2.21-3_i386.deb to main/a/apache2/apache2-mpm-worker_2.2.21-3_i386.deb apache2-prefork-dev_2.2.21-3_i386.deb to main/a/apache2/apache2-prefork-dev_2.2.21-3_i386.deb apache2-suexec-custom_2.2.21-3_i386.deb to main/a/apache2/apache2-suexec-custom_2.2.21-3_i386.deb apache2-suexec_2.2.21-3_i386.deb to main/a/apache2/apache2-suexec_2.2.21-3_i386.deb apache2-threaded-dev_2.2.21-3_i386.deb to main/a/apache2/apache2-threaded-dev_2.2.21-3_i386.deb apache2-utils_2.2.21-3_i386.deb to main/a/apache2/apache2-utils_2.2.21-3_i386.deb apache2.2-bin_2.2.21-3_i386.deb to main/a/apache2/apache2.2-bin_2.2.21-3_i386.deb apache2.2-common_2.2.21-3_i386.deb to main/a/apache2/apache2.2-common_2.2.21-3_i386.deb apache2_2.2.21-3.diff.gz to main/a/apache2/apache2_2.2.21-3.diff.gz apache2_2.2.21-3.dsc to main/a/apache2/apache2_2.2.21-3.dsc apache2_2.2.21-3_i386.deb to main/a/apache2/apache2_2.2.21-3_i386.deb
