On Wed, Jul 18, 2007 at 11:28:39PM +0200, Martin Zobel-Helas wrote: > Hi, > > On Wed Jul 18, 2007 at 23:24:19 +0200, Stefan Fritsch wrote: > > Hi, > > > > please review apache2 2.0.54-5sarge2 for the next sarge point release: > > > > > > apache2 (2.0.54-5sarge2) stable; urgency=low > > > > * Fix some less critical security issues: > > * Denial of service for threaded MPMs: > > - CVE-2005-2970: mpm_worker memory leak > > - CVE-2005-3357: mod_ssl with custom errorpage > > - CVE-2007-1863: mod_cache > > * Cross site scripting: > > - CVE-2005-3352: mod_imap > > - CVE-2006-3918: via Expect header > > - CVE-2006-5752: mod_status > > * Add check for scoreboard PID protection (CVE-2007-3304) > > > > -- Stefan Fritsch <[EMAIL PROTECTED]> Mon, 16 Jul 2007 23:12:36 +0200 > > Moritz, will this be going via security?
No, none of these warrants a DSA. Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]