-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 05 Oct 2009 19:07:08 +0200 Source: apache2 Binary: apache2.2-common apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-src apache2-dbg Architecture: alpha Version: 2.2.9-10+lenny5 Distribution: stable Urgency: low Maintainer: Debian Build Daemon Changed-By: Stefan Fritsch Description: apache2 - Apache HTTP Server metapackage apache2-dbg - Apache debugging symbols apache2-doc - Apache HTTP Server documentation apache2-mpm-event - Apache HTTP Server - event driven model apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model apache2-mpm-worker - Apache HTTP Server - high speed threaded model apache2-prefork-dev - Apache development headers - non-threaded MPM apache2-src - Apache source code apache2-suexec - Standard suexec program for Apache 2 mod_suexec apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec apache2-threaded-dev - Apache development headers - threaded MPM apache2-utils - utility programs for webservers apache2.2-common - Apache HTTP Server common files Closes: 517089 524268 528951 537665 545951 Changes: apache2 (2.2.9-10+lenny5) stable; urgency=low . * Minor security fixes in mod_proxy_ftp (closes: #545951): - DoS by malicious ftp server (CVE-2009-3094) - missing input sanitization: a user could execute arbitrary ftp commands on the backend ftp server (CVE-2009-3095) * Fix segfault in legacy ap_r* API which is triggered more often since the fix for CVE-2009-1891 was applied (closes: #537665). * Take care to not override existing index.shtml files when upgrading from before 2.2.8-1 (closes: #517089). * mod_deflate: Fix invalid etag to be emitted for on-the-fly gzip content-encoding. This prevented apache from sending "304 NOT MODIFIED" responses for compressed content. * mod_rewrite: Fix "B" flag breakage (closes: #524268) * Properly declare that apache2-suexec* replace files in old versions of apache2.2-common (closes: #528951). * Remove other_vhosts_access.log on package purge. Checksums-Sha1: aec9fed3222ac78d002c8eaf0ea7ca6507a06ca6 848734 apache2.2-common_2.2.9-10+lenny5_alpha.deb a3d7b5bdffe76ecb2b87e86b5a8680ec994b48bd 261556 apache2-mpm-worker_2.2.9-10+lenny5_alpha.deb 8f488062fc27a95571b9423a6c2bbe74d03eaed7 256476 apache2-mpm-prefork_2.2.9-10+lenny5_alpha.deb 92ca985772f2327c0b83f58877859ebdd31e160b 262218 apache2-mpm-event_2.2.9-10+lenny5_alpha.deb 6a48340ee83db8ea4778adfd2e943edc33a48c9a 147728 apache2-utils_2.2.9-10+lenny5_alpha.deb b3631586b99267b37ec3c3ebbc2d0dc734e828ed 82618 apache2-suexec_2.2.9-10+lenny5_alpha.deb 6b5a0bc15ae977a471c6803a7f455eceb2d6a7b3 84338 apache2-suexec-custom_2.2.9-10+lenny5_alpha.deb 4b9461ecad2dfb5f405216a44dbcdcbae4c94d3c 208576 apache2-prefork-dev_2.2.9-10+lenny5_alpha.deb f34a1b785a799aa7910d54fea0b84ee5a84d2dd6 209606 apache2-threaded-dev_2.2.9-10+lenny5_alpha.deb 01b4992bb4ee42d9539a8aaeaa131e686b3abe81 2401662 apache2-dbg_2.2.9-10+lenny5_alpha.deb Checksums-Sha256: 20c4124bf4d06ce40e024d4c5cd7ef6c8acfe40197eb0c49d068f023600e0ff0 848734 apache2.2-common_2.2.9-10+lenny5_alpha.deb 7becbc4a29818b6daaaa1d1d4835661aa7d15713e360005c86ca11026835c8ef 261556 apache2-mpm-worker_2.2.9-10+lenny5_alpha.deb da0bbbe1ca2752c1571e17d97ec326d9e47de5e0ef60de453d0dab1c185d877f 256476 apache2-mpm-prefork_2.2.9-10+lenny5_alpha.deb a7beaa802de94514ad4fe369995b6a7ad999490884cca733d04fe51158b07d79 262218 apache2-mpm-event_2.2.9-10+lenny5_alpha.deb cee22d46ef208eb9d2999bcb403a109a4bc351bf767950d57de9cb9fccd5f509 147728 apache2-utils_2.2.9-10+lenny5_alpha.deb d7d147e21a2aa6520ab9fbb210f8e139719e12aa4c279cbcfb231ff2654f9e93 82618 apache2-suexec_2.2.9-10+lenny5_alpha.deb b139f49ad57cc8e8b09b760601b69e69bb865289837dac27d1f161c2e57fb461 84338 apache2-suexec-custom_2.2.9-10+lenny5_alpha.deb ed8b5a1432bd2c9fd9fa9bbd03bfe1da6f4a43b6b9886ac6044ee62c6d33cbe2 208576 apache2-prefork-dev_2.2.9-10+lenny5_alpha.deb 226c729474c926acc6bf5d561ad0be945375e85384b7bee01ce8b3de187de463 209606 apache2-threaded-dev_2.2.9-10+lenny5_alpha.deb 3d261edda17587be87cdc233f47b4d115c2dbf5e38f8b9d5eeaf8169fe155fc0 2401662 apache2-dbg_2.2.9-10+lenny5_alpha.deb Files: 07880514af070ccafa07b47b4dfb6aba 848734 web optional apache2.2-common_2.2.9-10+lenny5_alpha.deb 5d402c905149192d7f4d307c84372c83 261556 web optional apache2-mpm-worker_2.2.9-10+lenny5_alpha.deb de55131eff3870e801dc50dcfe5ae7c1 256476 web optional apache2-mpm-prefork_2.2.9-10+lenny5_alpha.deb 167f43033a65fdd74394f33cc0551648 262218 web optional apache2-mpm-event_2.2.9-10+lenny5_alpha.deb 3ca1091a38d2147c7496a3bd191d08a3 147728 web optional apache2-utils_2.2.9-10+lenny5_alpha.deb ab3e4a1d54ea4ed0cb93faa2e0d719bd 82618 web optional apache2-suexec_2.2.9-10+lenny5_alpha.deb 4a676308458fd0392fd53ac420d045ba 84338 web extra apache2-suexec-custom_2.2.9-10+lenny5_alpha.deb e60a817ab670cecb493951c23c50a851 208576 devel extra apache2-prefork-dev_2.2.9-10+lenny5_alpha.deb 4f843efbb6aa9da60483f27ee91ad6e8 209606 devel extra apache2-threaded-dev_2.2.9-10+lenny5_alpha.deb 9cdf776ac1551fd786cff7adf022f218 2401662 libdevel extra apache2-dbg_2.2.9-10+lenny5_alpha.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkrZ74IACgkQ7Ro5M7LPzdgvbwCgqI1P4GPQtKyrtOPZU/MxIt0l 6zcAn0Ad/WVVJ+zrrCdS4pzfQaExVmeQ =Xm9R -----END PGP SIGNATURE-----