-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Fri, 30 Nov 2012 09:26:36 +0100 Source: apache2 Binary: apache2.2-common apache2.2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-dbg Architecture: source all i386 Version: 2.2.16-6+squeeze10 Distribution: squeeze-security Urgency: low Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org> Changed-By: Stefan Fritsch <sf@debian.org> Description: apache2 - Apache HTTP Server metapackage apache2-dbg - Apache debugging symbols apache2-doc - Apache HTTP Server documentation apache2-mpm-event - Apache HTTP Server - event driven model apache2-mpm-itk - multiuser MPM for Apache 2.2 apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model apache2-mpm-worker - Apache HTTP Server - high speed threaded model apache2-prefork-dev - Apache development headers - non-threaded MPM apache2-suexec - Standard suexec program for Apache 2 mod_suexec apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec apache2-threaded-dev - Apache development headers - threaded MPM apache2-utils - utility programs for webservers apache2.2-bin - Apache HTTP Server common binary files apache2.2-common - Apache HTTP Server common files Changes: apache2 (2.2.16-6+squeeze10) squeeze-security; urgency=low . [ Arno Töll ] * Backport disable-ssl-compression.patch from Wheezy. This patch disabled SSL compression upon request by introducing a "Compression on|off" directive to mod_ssl. This is to mitigate impact of CRIME attacks to SSL - which is a browser issue, however. See also Debian bug #674142 and #689936. . [ Stefan Fritsch ] * CVE-2012-4557: mod_proxy_ajp: Remote denial of service (temporary, until mod_proxy_ajp's retry timeout expired). Checksums-Sha1: 260e0709ed1962b9695a896afbd3d081cfdd150b 1836 apache2_2.2.16-6+squeeze10.dsc ae258271b8d48e201b3590e3636fcb62a17b73cd 227402 apache2_2.2.16-6+squeeze10.diff.gz 8a8fdfab89199683e549416fcacd59caa5090c7c 2305412 apache2-doc_2.2.16-6+squeeze10_all.deb d31df6176705e8a6642b936c0bb268c8587be92a 308946 apache2.2-common_2.2.16-6+squeeze10_i386.deb 20795d119be62fc7be872596bcf85c64b77c07e5 1354582 apache2.2-bin_2.2.16-6+squeeze10_i386.deb c7c470eeb9e74c81111b1354872b95d39edc2574 2230 apache2-mpm-worker_2.2.16-6+squeeze10_i386.deb 678fe681f1cc4cd7a257e030bc7873d0084eacc5 2286 apache2-mpm-prefork_2.2.16-6+squeeze10_i386.deb 7ce89268215466fa88ca5dfa8b9fd2ec46c19467 2262 apache2-mpm-event_2.2.16-6+squeeze10_i386.deb c5070f096160c8dbb46cfb2fd41d0296761069a2 2292 apache2-mpm-itk_2.2.16-6+squeeze10_i386.deb 426d847e5d26cf9e5e3bfbd8aab81aeaed827414 165708 apache2-utils_2.2.16-6+squeeze10_i386.deb 5d287b02c3647eb0afa6441b5134dbf08ff4e463 100282 apache2-suexec_2.2.16-6+squeeze10_i386.deb 1b0f23f3e2a488ee477667a78c30e4c0828ed6cb 101842 apache2-suexec-custom_2.2.16-6+squeeze10_i386.deb b4cf93dcf51148a89d5149a5eb242fca89f6ba50 1392 apache2_2.2.16-6+squeeze10_i386.deb c4feddb9ae3b7ad8b6ffbd59cdbd01afa52d4961 137240 apache2-prefork-dev_2.2.16-6+squeeze10_i386.deb db334ac73e861637eb6193efef0da08aaa20bd9f 138376 apache2-threaded-dev_2.2.16-6+squeeze10_i386.deb 822fa52704612bf86b4d73cc8b50ca386213da99 2682012 apache2-dbg_2.2.16-6+squeeze10_i386.deb Checksums-Sha256: 9bca936aba4f1e66882dae51de6cfe3ae4670746de9f7d1efcc70a2e537ecbd8 1836 apache2_2.2.16-6+squeeze10.dsc 56ccd34dae50c7c160458c86712309745c287c88608354dd343bb9633422e3b4 227402 apache2_2.2.16-6+squeeze10.diff.gz 5e90f6d48d12abd6c6ee75bf7a277ad3cb8200c10060df68b008f439eeb34a97 2305412 apache2-doc_2.2.16-6+squeeze10_all.deb 851fe220085d8462eab067fc1d3a3a9cf4caf51336575bc7054920ed219f45f5 308946 apache2.2-common_2.2.16-6+squeeze10_i386.deb fe116075d2a2383f4d32101c894dbd7a5ccc674e69939e67a8e54b1d488af678 1354582 apache2.2-bin_2.2.16-6+squeeze10_i386.deb 5be8b49fff3a334c407fbc77eb2ca37ceeeb39c4c600813914b33401b58ee301 2230 apache2-mpm-worker_2.2.16-6+squeeze10_i386.deb e052f56441d31bc4779e111b5eea5ccd8a354a2dff415f3f282a18be8eeb533d 2286 apache2-mpm-prefork_2.2.16-6+squeeze10_i386.deb bc0505099eaabfc88d6add240b1e3e3d66d4282e77ffc88915d823a4afca720c 2262 apache2-mpm-event_2.2.16-6+squeeze10_i386.deb ae3a49b0b43a7810f25e67e74bcc57c1c815581eaed8cfbb2245b010e5797873 2292 apache2-mpm-itk_2.2.16-6+squeeze10_i386.deb 00d1026833c9d89f3c276a5949e554702565c2cca43e5f6e7b5f4ee47038bd2c 165708 apache2-utils_2.2.16-6+squeeze10_i386.deb 6ae3eb87aecd1b5d3a6bfe0f43c3220016bda6d7b597471ecabe8a954d3a89d1 100282 apache2-suexec_2.2.16-6+squeeze10_i386.deb 2a404ca5da6ff0a5835f8969a1b082f2cce3732e54674c9bfda01c1f258f9b8c 101842 apache2-suexec-custom_2.2.16-6+squeeze10_i386.deb c380f40c313fe29316ed4c7ff79be57aae6017a73a65a17180e2687bbe2d69d9 1392 apache2_2.2.16-6+squeeze10_i386.deb 4c5b149a14fc5137d96e69ac02baaa79a131da726c8f0246754e6b7086de53f0 137240 apache2-prefork-dev_2.2.16-6+squeeze10_i386.deb dd24b51ed448a1def3dd996aa1440a86ca8cd088d8515c0efffb15270c9ee435 138376 apache2-threaded-dev_2.2.16-6+squeeze10_i386.deb 05b1edc76c1f7511f778053324c38cb9dc037a4d372ae1d5b46bc1bb9053372d 2682012 apache2-dbg_2.2.16-6+squeeze10_i386.deb Files: 9b17014aa65386e2ef84f0695c5cf1fa 1836 httpd optional apache2_2.2.16-6+squeeze10.dsc b5f7d1c6262215a30ca51d5aabdbd74d 227402 httpd optional apache2_2.2.16-6+squeeze10.diff.gz 78b7086c4306a562603574a0bed411a8 2305412 doc optional apache2-doc_2.2.16-6+squeeze10_all.deb cc0cfe26f6f08434ccb208e2617879b3 308946 httpd optional apache2.2-common_2.2.16-6+squeeze10_i386.deb 69e02b0eccddbbdb3e9e849060ab010d 1354582 httpd optional apache2.2-bin_2.2.16-6+squeeze10_i386.deb 48a0ae2c8804c580e3d69aa9d39926b0 2230 httpd optional apache2-mpm-worker_2.2.16-6+squeeze10_i386.deb 27800b1bc638a6aedd4e19f44dce2247 2286 httpd optional apache2-mpm-prefork_2.2.16-6+squeeze10_i386.deb 8313f3a300d41c005b13d7302df2c691 2262 httpd optional apache2-mpm-event_2.2.16-6+squeeze10_i386.deb 6d007bcb5439efa7840c704f55df5cfb 2292 httpd extra apache2-mpm-itk_2.2.16-6+squeeze10_i386.deb 766d7887fdbed522295564be599c3086 165708 httpd optional apache2-utils_2.2.16-6+squeeze10_i386.deb fd42dc4e8e25f1c4e138bcd35af983b5 100282 httpd optional apache2-suexec_2.2.16-6+squeeze10_i386.deb 1be7c8ac96f9b781bb99c8f9ecdebef4 101842 httpd extra apache2-suexec-custom_2.2.16-6+squeeze10_i386.deb 5e74ad17705fb3f6c3a211f2c0a80ace 1392 httpd optional apache2_2.2.16-6+squeeze10_i386.deb c6391a385218e106767bf5606e52a57b 137240 httpd extra apache2-prefork-dev_2.2.16-6+squeeze10_i386.deb 79e91ec57afd6f23f607b6a81a01d110 138376 httpd extra apache2-threaded-dev_2.2.16-6+squeeze10_i386.deb 7e18e60c0e2149688e09c8406a9143b5 2682012 debug extra apache2-dbg_2.2.16-6+squeeze10_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFQuHGkbxelr8HyTqQRAslgAKCA0Opfv5SifCO4paKbxvyfbwnF8QCeN+X7 HUMPZu16COiWR22q+DH2xU4= =s8cx -----END PGP SIGNATURE-----