-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 02 Jul 2012 14:47:33 +0000 Source: libapache-mod-security Binary: libapache-mod-security mod-security-common Architecture: source all i386 Version: 2.5.12-1+squeeze2 Distribution: stable-security Urgency: high Maintainer: Alberto Gonzalez Iniesta <agi@inittab.org> Changed-By: Alberto Gonzalez Iniesta <agi@inittab.org> Description: libapache-mod-security - Tighten web applications security for Apache mod-security-common - Tighten web applications security - common files Closes: 704625 Changes: libapache-mod-security (2.5.12-1+squeeze2) stable-security; urgency=high . * CVE-2013-1915: Fix for XXE attacks. Applied backported patch from 2.7.3. (Closes: #704625) Adds new SecXmlExternalEntity option which by default (Off) disables the external entity load task executed by libxml2. Checksums-Sha1: 4472feb1aeec57eff2308b03fbee27b6f78cc124 1283 libapache-mod-security_2.5.12-1+squeeze2.dsc 768f5ff29abaeb71c43280a9808550c17e1440e7 10769 libapache-mod-security_2.5.12-1+squeeze2.debian.tar.gz d123776838f467d2f676133d8a93e02797541da0 961526 mod-security-common_2.5.12-1+squeeze2_all.deb e10feb33b9eb39fe98dd14c880e8512d70c17f63 114430 libapache-mod-security_2.5.12-1+squeeze2_i386.deb Checksums-Sha256: 654ab7973fcbd79c6fc10438bbc995f06b1f66ef8bb03894339e7895a4105a0e 1283 libapache-mod-security_2.5.12-1+squeeze2.dsc 7b958e8f695e0fefe16fda2c34731aaa1c57a9a5a50dae9cafd649495cb6cdff 10769 libapache-mod-security_2.5.12-1+squeeze2.debian.tar.gz 323145d8068e972e84014052a61fee54b81089ba6c716d2542904eaa94106d6b 961526 mod-security-common_2.5.12-1+squeeze2_all.deb bf54cd81663fb11934e0f91a4781cbf635870b70a9512f97793b5cd819de4d3b 114430 libapache-mod-security_2.5.12-1+squeeze2_i386.deb Files: 19655d5c5c65857e2a7c271db29133a3 1283 httpd optional libapache-mod-security_2.5.12-1+squeeze2.dsc e90fb879eb247a782eabca20395757e8 10769 httpd optional libapache-mod-security_2.5.12-1+squeeze2.debian.tar.gz f2352b44ee9e3ff1a6af0b2e5b518a35 961526 httpd optional mod-security-common_2.5.12-1+squeeze2_all.deb 461c539be94a4eb33692e7061ff98903 114430 httpd optional libapache-mod-security_2.5.12-1+squeeze2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlFi4zgACgkQxRSvjkukAcNb0QCfe13uxOQbiHNw76trXYjfL1ZZ fngAoKmoalP/SdXgYiq6qnG54smYW4+J =PO0x -----END PGP SIGNATURE-----
