Debian Package Tracker

From: Thorsten Alteholz <debian@alteholz.de>
To: <debian-lts-changes@lists.debian.org>
Subject: Accepted passenger 2.2.11debian-2+deb6u1 (source all i386) into squeeze-lts
Date: Mon, 18 Jan 2016 18:49:55 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 28 Jan 2016 18:03:02 +0100
Source: passenger
Binary: libapache2-mod-passenger passenger-doc
Architecture: source all i386
Version: 2.2.11debian-2+deb6u1
Distribution: squeeze-lts
Urgency: high
Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description: 
 libapache2-mod-passenger - Rails and Rack support for Apache2
 passenger-doc - Rails and Rac support for Apache2 - Documentation
Changes: 
 passenger (2.2.11debian-2+deb6u1) squeeze-lts; urgency=high
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * CVE-2015-7519
     agent/Core/Controller/SendRequest.cpp in Phusion Passenger
     before 4.0.60 and 5.0.x before 5.0.22, when used in Apache
     integration mode or in standalone mode without a filtering
     proxy, allows remote attackers to spoof headers passed to
     applications by using an _ (underscore) character instead
     of a - (dash) character in an HTTP header, as demonstrated
     by an X_User header.
Checksums-Sha1: 
 67d6978ff0dd45335a269036af9df731e0edbe42 2065 passenger_2.2.11debian-2+deb6u1.dsc
 2a1633c37af1f26ad8ab03fc7b78a2aeb9b6d412 1626044 passenger_2.2.11debian-2+deb6u1.tar.gz
 8aa97bb5840f32a311df7f76bb425603ffca87b0 629302 passenger-doc_2.2.11debian-2+deb6u1_all.deb
 7d2b0657512b1adc1dda85b082dd416337b21973 403668 libapache2-mod-passenger_2.2.11debian-2+deb6u1_i386.deb
Checksums-Sha256: 
 76325e7c83966d73f2801f7af87b643c4e945317c54b38bcd5a7703d09a05b36 2065 passenger_2.2.11debian-2+deb6u1.dsc
 5f268c20e9cd8bee77fb2ee0d6db48467c184416fe41da656b5030d7cf8a03bc 1626044 passenger_2.2.11debian-2+deb6u1.tar.gz
 f4ad006ba678b949da867b36e1609e55854d04bb72b9371aa7589abdde8239b7 629302 passenger-doc_2.2.11debian-2+deb6u1_all.deb
 913248b1fda1294bd3c5c689174b5d0bd2b8a42986917c26d449553788d28f53 403668 libapache2-mod-passenger_2.2.11debian-2+deb6u1_i386.deb
Files: 
 b3dc8c4f9d90c94da0f5cc96dfb9cba0 2065 web optional passenger_2.2.11debian-2+deb6u1.dsc
 9a420443aeec26a17aa3d41645611e1b 1626044 web optional passenger_2.2.11debian-2+deb6u1.tar.gz
 9526e7748815c7e464a3c4491122ebd7 629302 doc optional passenger-doc_2.2.11debian-2+deb6u1_all.deb
 6720caec4928cbb21246e4ccfd3091d1 403668 web optional libapache2-mod-passenger_2.2.11debian-2+deb6u1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJWnTJMXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHibAP/iGOivhPOoHCCcpcV3saNTuH
y8/Q1hQdx+LECIxES0DsRQmffpT6W/HTFldm1roG3i4WvGIJSx5Wd1OVFT94yC2y
5iZWnXUAyeUOdmRYxfivdi4kJNV0LD/TYRRcdYiEK6hMfc7g1g43O4WZfwq1nHAm
VCjEOuBOfwm1V5UmM2H9lSmgs/GE0WhJuH2Bp+/jFW05+Em4gmJVSm4jSQmzC3Ij
8vbpTZOMBURg4GcXRCTLNZ+v1YuIPeMi5xycaXjRLWXhwih2RtHv2uFmYVQv1ycg
Pb5llpxSDI0b0TPZ1rGCkHhAQY2vkktp3OPzxE8COy4hUY2yfspXUrnf+CCI722E
J3odu35/eFYviSY4AKw0UQVqnUkqYL34tlwxLx0GDSdBniJe2XYs5UFyM5SQBUqn
vXTwsP+k0PyqeN2d6UWy5CxfDnK6R2qekL1+gRmDIs3Sr5WN51SVkcP7FwUG+WXb
XOnK5gX90D+BrleRkOGHeHjKr6QRzVO0fGCVOUEyXjVZvObk2qfkGqhB2gPDIzhC
HzDp267Cq1TKGObarrFyrNsALoItKXA/pAwB7dckMqKSWcO2vJkRafmKFD6FXhoG
7HHO7ZPwsUbqnwFC7HeEDXnlhYt+1na12ASd5BPejy1W6QFy4MP7elgpslNF7QvR
xHa3y2cNOjAwONhFvSsB
=O9fY
-----END PGP SIGNATURE-----
News for package passenger
