-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 05 Oct 2009 19:07:08 +0200 Source: apache2 Binary: apache2.2-common apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-src apache2-dbg Architecture: arm Version: 2.2.9-10+lenny5 Distribution: stable Urgency: low Maintainer: Debian/ARM Build Daemon Changed-By: Stefan Fritsch Description: apache2 - Apache HTTP Server metapackage apache2-dbg - Apache debugging symbols apache2-doc - Apache HTTP Server documentation apache2-mpm-event - Apache HTTP Server - event driven model apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model apache2-mpm-worker - Apache HTTP Server - high speed threaded model apache2-prefork-dev - Apache development headers - non-threaded MPM apache2-src - Apache source code apache2-suexec - Standard suexec program for Apache 2 mod_suexec apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec apache2-threaded-dev - Apache development headers - threaded MPM apache2-utils - utility programs for webservers apache2.2-common - Apache HTTP Server common files Closes: 517089 524268 528951 537665 545951 Changes: apache2 (2.2.9-10+lenny5) stable; urgency=low . * Minor security fixes in mod_proxy_ftp (closes: #545951): - DoS by malicious ftp server (CVE-2009-3094) - missing input sanitization: a user could execute arbitrary ftp commands on the backend ftp server (CVE-2009-3095) * Fix segfault in legacy ap_r* API which is triggered more often since the fix for CVE-2009-1891 was applied (closes: #537665). * Take care to not override existing index.shtml files when upgrading from before 2.2.8-1 (closes: #517089). * mod_deflate: Fix invalid etag to be emitted for on-the-fly gzip content-encoding. This prevented apache from sending "304 NOT MODIFIED" responses for compressed content. * mod_rewrite: Fix "B" flag breakage (closes: #524268) * Properly declare that apache2-suexec* replace files in old versions of apache2.2-common (closes: #528951). * Remove other_vhosts_access.log on package purge. Checksums-Sha1: 2fb5daed6359e211e6a3600167415646dfa4c2e3 771706 apache2.2-common_2.2.9-10+lenny5_arm.deb cf85d14e1609700f72f367415051f070430b7249 223710 apache2-mpm-worker_2.2.9-10+lenny5_arm.deb 4f96b7c2e0c1a9ee9126cf148ed84ada7062d72b 219148 apache2-mpm-prefork_2.2.9-10+lenny5_arm.deb 8da0226db63c56435327163aa3053e154c51b5e6 224582 apache2-mpm-event_2.2.9-10+lenny5_arm.deb 52308fd2deb5130bad29c1a6b01599ccc4a7d2c1 146878 apache2-utils_2.2.9-10+lenny5_arm.deb 9405c635ad62837550a4106b2636047a55fbf6d2 81706 apache2-suexec_2.2.9-10+lenny5_arm.deb 2fe7183bb8e59c0eae0f42e9d0ae029bd3c32530 83416 apache2-suexec-custom_2.2.9-10+lenny5_arm.deb b685ecfca0a8713affcebbedca441ae8cabe8bf9 208586 apache2-prefork-dev_2.2.9-10+lenny5_arm.deb 2d4e80a6367f060b78061e741f4a2cff38ad5f98 209594 apache2-threaded-dev_2.2.9-10+lenny5_arm.deb 362494a4df56af09b9418635e2ad14e001ede4ae 2321330 apache2-dbg_2.2.9-10+lenny5_arm.deb Checksums-Sha256: 3a97f8173e597408c7032d829a4fbd0d9dff3e958be2467539782b7fc6e7acf4 771706 apache2.2-common_2.2.9-10+lenny5_arm.deb e76aeeb6d956ff50afbf4e9c68f7eaed0fa8970f661d636a7a3c4ae4f826617a 223710 apache2-mpm-worker_2.2.9-10+lenny5_arm.deb 4e49dcfc6af942f317055e037efdd7469a52d9860aadbdd7958199f7c4e68f34 219148 apache2-mpm-prefork_2.2.9-10+lenny5_arm.deb e45c7dffd3426d5657c75fab3f15c478512216134c6a4dd7d95c83c44f03f7a5 224582 apache2-mpm-event_2.2.9-10+lenny5_arm.deb f86ae6045b80ac85a3b72587c3676e5aedeed644454ec036b88abf1f00e8c70a 146878 apache2-utils_2.2.9-10+lenny5_arm.deb cb1c879015e378d758f2adcf3b55d0b598048057e209374d7e3bd8adf81649e1 81706 apache2-suexec_2.2.9-10+lenny5_arm.deb 12308906210542608e93594c7c1df343d46e355487d1b5fe0140b4e09c6723de 83416 apache2-suexec-custom_2.2.9-10+lenny5_arm.deb d169d9bdda4c02c32350bc5dc70ecf02e9939ec1ac45793b3c28a149b84f4ac7 208586 apache2-prefork-dev_2.2.9-10+lenny5_arm.deb 16e100a911250397a3f395e2653832253b6a6db5643e6d08ca2bb83bf9151cd9 209594 apache2-threaded-dev_2.2.9-10+lenny5_arm.deb 64d70a6b99cbe1b37f783e7ba5385d03755737c1a40763d305392b1be65434eb 2321330 apache2-dbg_2.2.9-10+lenny5_arm.deb Files: 176f37aa21d41fd185b6dfb6f092e0d0 771706 web optional apache2.2-common_2.2.9-10+lenny5_arm.deb 2933f8405c3bd0f18fd62f3c979a1842 223710 web optional apache2-mpm-worker_2.2.9-10+lenny5_arm.deb 76baf76cf6ef9a0f166d34d5eeb41550 219148 web optional apache2-mpm-prefork_2.2.9-10+lenny5_arm.deb 80e3bcd16ddf8e60c5cac45d20ee579c 224582 web optional apache2-mpm-event_2.2.9-10+lenny5_arm.deb 3b2a50829dc03f5a2fb4a124079b8dae 146878 web optional apache2-utils_2.2.9-10+lenny5_arm.deb 86dead658e9738fc15a130e54cdd0caf 81706 web optional apache2-suexec_2.2.9-10+lenny5_arm.deb 5870c40e9fba63dbe622e03dc205bcb8 83416 web extra apache2-suexec-custom_2.2.9-10+lenny5_arm.deb 37ec4b763bec08f58991c9c8fba45746 208586 devel extra apache2-prefork-dev_2.2.9-10+lenny5_arm.deb a0deda5364dc91df127ee08f70cb507a 209594 devel extra apache2-threaded-dev_2.2.9-10+lenny5_arm.deb ae195154184949af29b851fbdacf0c52 2321330 libdevel extra apache2-dbg_2.2.9-10+lenny5_arm.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFK31/ww3ao2vG823MRAhV8AJ0QRB3DnWAjkOvB8PMuIad52KRSfgCeLf8j LuVTfTkQA1NIGgDNfkLdLTU= =eAvR -----END PGP SIGNATURE-----