-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 05 Oct 2009 19:07:08 +0200 Source: apache2 Binary: apache2.2-common apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-src apache2-dbg Architecture: hppa Version: 2.2.9-10+lenny5 Distribution: stable Urgency: low Maintainer: hppa Build Daemon Changed-By: Stefan Fritsch Description: apache2 - Apache HTTP Server metapackage apache2-dbg - Apache debugging symbols apache2-doc - Apache HTTP Server documentation apache2-mpm-event - Apache HTTP Server - event driven model apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model apache2-mpm-worker - Apache HTTP Server - high speed threaded model apache2-prefork-dev - Apache development headers - non-threaded MPM apache2-src - Apache source code apache2-suexec - Standard suexec program for Apache 2 mod_suexec apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec apache2-threaded-dev - Apache development headers - threaded MPM apache2-utils - utility programs for webservers apache2.2-common - Apache HTTP Server common files Closes: 517089 524268 528951 537665 545951 Changes: apache2 (2.2.9-10+lenny5) stable; urgency=low . * Minor security fixes in mod_proxy_ftp (closes: #545951): - DoS by malicious ftp server (CVE-2009-3094) - missing input sanitization: a user could execute arbitrary ftp commands on the backend ftp server (CVE-2009-3095) * Fix segfault in legacy ap_r* API which is triggered more often since the fix for CVE-2009-1891 was applied (closes: #537665). * Take care to not override existing index.shtml files when upgrading from before 2.2.8-1 (closes: #517089). * mod_deflate: Fix invalid etag to be emitted for on-the-fly gzip content-encoding. This prevented apache from sending "304 NOT MODIFIED" responses for compressed content. * mod_rewrite: Fix "B" flag breakage (closes: #524268) * Properly declare that apache2-suexec* replace files in old versions of apache2.2-common (closes: #528951). * Remove other_vhosts_access.log on package purge. Checksums-Sha1: a3d82efd3415e5b30bf1237868e01f2e278196a2 896486 apache2.2-common_2.2.9-10+lenny5_hppa.deb db0de26f8b0105fcf840ce5336dfae4daf10be6a 245670 apache2-mpm-worker_2.2.9-10+lenny5_hppa.deb cbf474d0b8ca07fcc970b07111cda9576ba126f9 241478 apache2-mpm-prefork_2.2.9-10+lenny5_hppa.deb 1c29c0ae5e1e551ad0f7c1f59cdea9b2cb5d8706 246258 apache2-mpm-event_2.2.9-10+lenny5_hppa.deb a563fd5b57bf110dc64b5b8a02005ff04b782890 152944 apache2-utils_2.2.9-10+lenny5_hppa.deb 5b54717bec9371d7c7480c69a8fb06dbd1151f48 82064 apache2-suexec_2.2.9-10+lenny5_hppa.deb 0a2818de6e1c988a693cc7309808903fde1c01e7 83890 apache2-suexec-custom_2.2.9-10+lenny5_hppa.deb 0786ef185221c5d509e093b32c935a52542e838e 211610 apache2-prefork-dev_2.2.9-10+lenny5_hppa.deb b8f5d93902793235ef56b7e51895e6f83cd86888 212904 apache2-threaded-dev_2.2.9-10+lenny5_hppa.deb d5e6c172d4913a4afd5bfa5e6cab972f781a07fb 2383448 apache2-dbg_2.2.9-10+lenny5_hppa.deb Checksums-Sha256: a50f57a598ec40d4cadac5e82109e094972d90ad6442cf6c3d69354b4c680dc5 896486 apache2.2-common_2.2.9-10+lenny5_hppa.deb fbf1d99600184c76e1220953fec4364cfe78c1e6c1a7559601a4827c6a09f875 245670 apache2-mpm-worker_2.2.9-10+lenny5_hppa.deb 6c096a3d9659edfc27b803ebfaf33e425fb962cbec66f877553353cda32b7c09 241478 apache2-mpm-prefork_2.2.9-10+lenny5_hppa.deb eb5016cdc636ae255d6e66d24fe074594828e9190a7571bf907a1fcaaaa35ecc 246258 apache2-mpm-event_2.2.9-10+lenny5_hppa.deb ffc8a9032731f6aff18e295cb20d34b0840523dacef13f5d0c28201d56445353 152944 apache2-utils_2.2.9-10+lenny5_hppa.deb 6a3e10fe545da933093ed91567abacf70067a2c117be4f658d063f2f90dfeafd 82064 apache2-suexec_2.2.9-10+lenny5_hppa.deb 83d1a7c3b501c472f5fe6150f84c5f84e3f4dce00582e59ae857f7b730b181fa 83890 apache2-suexec-custom_2.2.9-10+lenny5_hppa.deb f01e93620304216691abdcf839130c2116394a7971da46a1f11d4b142de8e5d6 211610 apache2-prefork-dev_2.2.9-10+lenny5_hppa.deb de6bb6dbf3e4682af5cc67426b7230edada2640bfd5c33031d6d1191f07bf02b 212904 apache2-threaded-dev_2.2.9-10+lenny5_hppa.deb 114559649f00a33edc3ac363518646f39f0fdbf0119f5729bf6d3504fed3e232 2383448 apache2-dbg_2.2.9-10+lenny5_hppa.deb Files: de6ac1f7d81761e84bbbf1e82d691840 896486 web optional apache2.2-common_2.2.9-10+lenny5_hppa.deb 8a8abb3eba071cead21213c8245b5027 245670 web optional apache2-mpm-worker_2.2.9-10+lenny5_hppa.deb efbdad148de6d91509ed34edc425c053 241478 web optional apache2-mpm-prefork_2.2.9-10+lenny5_hppa.deb e34ef2c351490192a6d4a4919a8edb6d 246258 web optional apache2-mpm-event_2.2.9-10+lenny5_hppa.deb d9f4dabd8eece38533599d71925a0396 152944 web optional apache2-utils_2.2.9-10+lenny5_hppa.deb fa87b1509869055dd1b3bfdf7f6b349e 82064 web optional apache2-suexec_2.2.9-10+lenny5_hppa.deb e66c53f650331db809262799b9a9a529 83890 web extra apache2-suexec-custom_2.2.9-10+lenny5_hppa.deb 6b6efd4176fddc9ed86fe2bd81752537 211610 devel extra apache2-prefork-dev_2.2.9-10+lenny5_hppa.deb 0cb5ae6df3c922da9ad60539cf286c9e 212904 devel extra apache2-threaded-dev_2.2.9-10+lenny5_hppa.deb 08e915e636489ae6de65ad77a947cde2 2383448 libdevel extra apache2-dbg_2.2.9-10+lenny5_hppa.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkrZ74cACgkQ7Ro5M7LPzdhRTgCdH+gkVLKCKSsqvrGxsMJ/rgJa Qa8AoJcCzjlsLW0b2kK0UyfIx11N4MbS =PHqT -----END PGP SIGNATURE-----