Bug#316173: marked as done (SECURITY: HTTP proxy responses with both Transfer-Encoding and Content-Length headers (CAN-2005-2088))

2005-12-17 Thread Debian Bug Tracking System
Your message dated Sat, 17 Dec 2005 00:05:09 -0800
with message-id [EMAIL PROTECTED]
and subject line Bug#316173: fixed in apache2 2.0.54-5
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
From: Moritz Muehlenhoff [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: apache2: Security issues in HTTP proxy responses with both Transfer-Encoding and Content-Length headers
X-Mailer: reportbug 3.15
Date: Wed, 29 Jun 2005 00:49:31 +0200

Package: apache2
Severity: grave
Tags: security
Justification: user security hole

Latest 2.1.6-alpha fixes a security issue in the proxy HTTP code:

| The 2.1.6-alpha release addresses a security vulnerability present
| in all previous 2.x versions.  This fault did not affect Apache 1.3.x
| (which did not proxy keepalives or chunked transfer encoding);

|Proxy HTTP: If a response contains both Transfer-Encoding
|and a Content-Length, remove the Content-Length to eliminate
|an HTTP Request Smuggling vulnerability and don't reuse the
|connection, stopping some HTTP Request Spoofing attacks.

Cheers,
Moritz

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-rc5
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)

---
From: Adam Conrad [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Bug#316173: fixed in apache2 2.0.54-5
Sender: Archive Administrator [EMAIL PROTECTED]
Date: Sat, 17 Dec 2005 00:05:09 -0800

Source: apache2
Source-Version: 2.0.54-5

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive:

apache2-common_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-common_2.0.54-5_i386.deb
apache2-doc_2.0.54-5_all.deb
  to pool/main/a/apache2/apache2-doc_2.0.54-5_all.deb
apache2-mpm-perchild_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-mpm-perchild_2.0.54-5_i386.deb
apache2-mpm-prefork_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-mpm-prefork_2.0.54-5_i386.deb
apache2-mpm-threadpool_2.0.54-5_all.deb
  to pool/main/a/apache2/apache2-mpm-threadpool_2.0.54-5_all.deb
apache2-mpm-worker_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-mpm-worker_2.0.54-5_i386.deb
apache2-prefork-dev_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-prefork-dev_2.0.54-5_i386.deb
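
The proxy rule quoted in Bug#316173 above (drop Content-Length when Transfer-Encoding is also present, and do not reuse the backend connection), as an added C example. It is not Apache's mod_proxy code and not part of the original messages; the function and struct names and the sample responses are constructed for illustration, and header blocks are assumed to use CRLF line ends with no folded lines.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>   /* strncasecmp (POSIX) */

/* What the proxy decided for one backend response (illustrative names). */
struct proxy_decision {
    int has_te;        /* a Transfer-Encoding field was present */
    int has_cl;        /* a Content-Length field was present */
    int dropped_cl;    /* number of Content-Length lines removed */
    int keepalive_ok;  /* 1 if the backend connection may be reused */
};

/* Constructed sample responses (header blocks only). */
static const char SAMPLE_BOTH[] =
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "content-length: 5\r\n"
    "Transfer-Encoding: chunked\r\n"
    "\r\n";
static const char SAMPLE_CL_ONLY[] =
    "HTTP/1.1 200 OK\r\n"
    "Content-Length: 5\r\n"
    "\r\n";

/* Does the line carry header field `name`? Case-insensitive, and tolerant of
 * blanks before the colon so "Content-Length : 5" is not missed. */
static int is_field(const char *line, size_t len, const char *name)
{
    size_t n = strlen(name);
    if (len <= n || strncasecmp(line, name, n) != 0)
        return 0;
    while (n < len && (line[n] == ' ' || line[n] == '\t'))
        n++;
    return n < len && line[n] == ':';
}

/* Length of the line at p without its CRLF, or -1 if there is no CRLF.
 * *next is set to the start of the following line. */
static long line_len(const char *p, const char **next)
{
    const char *eol = strstr(p, "\r\n");
    if (eol == NULL)
        return -1;
    *next = eol + 2;
    return (long)(eol - p);
}

/* Copy the header block `in` to `out`, applying the rule quoted above.
 * Returns 0 on success, -1 on a malformed block or a too-small buffer. */
int sanitize_response_headers(const char *in, char *out, size_t outsz,
                              struct proxy_decision *d)
{
    const char *p, *next = NULL;
    long len;
    size_t used = 0;

    memset(d, 0, sizeof(*d));
    /* Pass 1: learn which framing fields the backend sent. */
    for (p = in; (len = line_len(p, &next)) > 0; p = next) {
        if (is_field(p, (size_t)len, "Transfer-Encoding"))
            d->has_te = 1;
        if (is_field(p, (size_t)len, "Content-Length"))
            d->has_cl = 1;
    }
    if (len < 0)
        return -1;                      /* no terminating empty line */

    /* Pass 2: forward every line except Content-Length when both are set. */
    for (p = in; (len = line_len(p, &next)) > 0; p = next) {
        size_t n = (size_t)len + 2;     /* line plus its CRLF */
        if (d->has_te && is_field(p, (size_t)len, "Content-Length")) {
            d->dropped_cl++;
            continue;
        }
        if (used + n + 3 > outsz)       /* keep room for final CRLF + NUL */
            return -1;
        memcpy(out + used, p, n);
        used += n;
    }
    if (used + 3 > outsz)
        return -1;
    memcpy(out + used, "\r\n", 3);      /* CR, LF and the terminating NUL */

    /* Ambiguous framing was seen: never reuse this backend connection. */
    d->keepalive_ok = !(d->has_te && d->has_cl);
    return 0;
}

int main(void)
{
    const char *samples[] = { SAMPLE_BOTH, SAMPLE_CL_ONLY };
    char out[512];
    struct proxy_decision d;

    for (int i = 0; i < 2; i++)
        if (sanitize_response_headers(samples[i], out, sizeof(out), &d) == 0)
            printf("dropped=%d keepalive_ok=%d\n%s",
                   d.dropped_cl, d.keepalive_ok, out);
    return 0;
}
```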

Bug#320048: marked as done (SECURITY: buffer-overrun in apache2-ssl (CAN-2005-1268))

2005-12-17 Thread Debian Bug Tracking System
Your message dated Sat, 17 Dec 2005 00:05:09 -0800
with message-id [EMAIL PROTECTED]
and subject line Bug#320048: fixed in apache2 2.0.54-5
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
From: Sven Mueller [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: security: Buffer overflow in ssl_engine_kernel.c
X-Mailer: reportbug 3.8
Date: Tue, 26 Jul 2005 19:10:44 +0200

Package: apache2
Version: 2.0.54-4
Severity: grave
Tags: security, patch
Justification: possible DoS


There is a buffer overflow (off-by-one in buffer size checks) in
ssl_engine_kernel.c which could be exploited to DoS the server.

Upstream bug report at
http://issues.apache.org/bugzilla/show_bug.cgi?id=35081

Upstream patch at
http://svn.apache.org/viewcvs.cgi/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?rev=179781&view=diff&r1=179781&r2=179780&p1=httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c&p2=/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c

(SVN revision 179781)

patch which can be dropped into the Debian package as
043_fix_buffer_overflow_in_ssl_engine_kernel is attached

-- System Information:
Debian Release: 3.1
  APT prefers stable
Architecture: i386 (i686)
Kernel: Linux 2.6.11.12-incase
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages apache2 depends on:
ii  apache2-mpm-prefork   2.0.54-4   traditional model for Apache2

-- no debconf information


diff -ruN -x Makefile.in -x configure -x '*~' -x build-tree.orig -x '*.rej' 
build-tree.orig/apache2/config.layout build-tree/apache2/config.layout
--- build-tree.orig/apache2/modules/ssl/ssl_engine_kernel.c 2005/06/03 
12:43:35 179780
+++ build-tree/apache2/modules/ssl/ssl_engine_kernel.c  2005/06/03 12:54:53 
179781
@@ -1408,7 +1408,7 @@
 BIO_printf(bio, , nextUpdate: );
 ASN1_UTCTIME_print(bio, X509_CRL_get_nextUpdate(crl));
 
-n = BIO_read(bio, buff, sizeof(buff));
+n = BIO_read(bio, buff, sizeof(buff) - 1);
 buff[n] = '\0';
 
 BIO_free(bio);
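
Review bot: `buff[n] = '\0';` on the line after the changed call still uses the return value of BIO_read() unchecked. Capping the read at `sizeof(buff) - 1` removes the one-byte write past the end when the BIO holds at least sizeof(buff) bytes, but BIO_read() returns 0 or a negative value when it reads nothing, and a negative n would index before the start of buff. Suggest clamping before terminating, for example `if (n < 0) n = 0;`, or bailing out when n <= 0. The `- 1` also assumes buff is an array declared in this function rather than a pointer; the declaration is outside the visible context, so that is worth confirming.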





---
From: Adam Conrad [EMAIL PROTECTED]
To: [EMAIL PROTECTED]


Bug#320063: marked as done (Security: buffer-overrun in apache2-ssl)

2005-12-17 Thread Debian Bug Tracking System
Your message dated Sat, 17 Dec 2005 00:05:09 -0800
with message-id [EMAIL PROTECTED]
and subject line Bug#320063: fixed in apache2 2.0.54-5
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Security: buffer-overrun in apache2-ssl
Date: Tue, 26 Jul 2005 20:45:35 +0200
User-Agent: KMail/1.8.1


Package: apache2
Version: 2.0.54-4
Severity: critical
Tags: security, fixed-upstream

There is a possible remote-exploitable buffer overrun in the Apache2 ssl 
implementation. A patch is available.

See
http://issues.apache.org/bugzilla/show_bug.cgi?id=35081
and
http://svn.apache.org/viewcvs?rev=189562&view=rev

---
From: Adam Conrad [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Bug#320063: fixed in apache2 2.0.54-5
Sender: Archive Administrator [EMAIL PROTECTED]
Date: Sat, 17 Dec 2005 00:05:09 -0800

Source: apache2
Source-Version: 2.0.54-5

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive:

apache2-common_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-common_2.0.54-5_i386.deb
apache2-doc_2.0.54-5_all.deb
  to pool/main/a/apache2/apache2-doc_2.0.54-5_all.deb
apache2-mpm-perchild_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-mpm-perchild_2.0.54-5_i386.deb
apache2-mpm-prefork_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-mpm-prefork_2.0.54-5_i386.deb
apache2-mpm-threadpool_2.0.54-5_all.deb
  to pool/main/a/apache2/apache2-mpm-threadpool_2.0.54-5_all.deb
apache2-mpm-worker_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-mpm-worker_2.0.54-5_i386.deb
apache2-prefork-dev_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-prefork-dev_2.0.54-5_i386.deb
apache2-threaded-dev_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-threaded-dev_2.0.54-5_i386.deb
apache2-utils_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-utils_2.0.54-5_i386.deb
apache2_2.0.54-5.diff.gz
  to pool/main/a/apache2/apache2_2.0.54-5.diff.gz
apache2_2.0.54-5.dsc
  to pool/main/a/apache2/apache2_2.0.54-5.dsc
apache2_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2_2.0.54-5_i386.deb
libapr0-dev_2.0.54-5_i386.deb
  to pool/main/a/apache2/libapr0-dev_2.0.54-5_i386.deb
libapr0_2.0.54-5_i386.deb
  to 


Bug#326435: marked as done (CAN-2005-2728: DoS through overly long Range values passed to the byte-range filter)

2005-12-17 Thread Debian Bug Tracking System
Your message dated Sat, 17 Dec 2005 00:05:09 -0800
with message-id [EMAIL PROTECTED]
and subject line Bug#326435: fixed in apache2 2.0.54-5
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
From: Moritz Muehlenhoff [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: CAN-2005-2728: DoS through overly long Range values passed to the byte-range filter
X-Mailer: reportbug 3.17
Date: Sat, 03 Sep 2005 11:52:58 +0200
X-Debbugs-Cc: Debian Security Team [EMAIL PROTECTED]

Package: apache2
Severity: important
Tags: security

CAN-2005-2728 describes a DoS vulnerability through overly long values
in the Range field. Please see 
http://issues.apache.org/bugzilla/show_bug.cgi?id=29962
for a more complete description and a patch.

Cheers,
Moritz

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.13
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)

---
From: Adam Conrad [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Bug#326435: fixed in apache2 2.0.54-5
Sender: Archive Administrator [EMAIL PROTECTED]
Date: Sat, 17 Dec 2005 00:05:09 -0800

Source: apache2
Source-Version: 2.0.54-5

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive:

apache2-common_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-common_2.0.54-5_i386.deb
apache2-doc_2.0.54-5_all.deb
  to pool/main/a/apache2/apache2-doc_2.0.54-5_all.deb
apache2-mpm-perchild_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-mpm-perchild_2.0.54-5_i386.deb
apache2-mpm-prefork_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-mpm-prefork_2.0.54-5_i386.deb
apache2-mpm-threadpool_2.0.54-5_all.deb
  to pool/main/a/apache2/apache2-mpm-threadpool_2.0.54-5_all.deb
apache2-mpm-worker_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-mpm-worker_2.0.54-5_i386.deb
apache2-prefork-dev_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-prefork-dev_2.0.54-5_i386.deb
apache2-threaded-dev_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-threaded-dev_2.0.54-5_i386.deb
apache2-utils_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-utils_2.0.54-5_i386.deb
apache2_2.0.54-5.diff.gz
  to pool/main/a/apache2/apache2_2.0.54-5.diff.gz
apache2_2.0.54-5.dsc
  to pool/main/a/apache2/apache2_2.0.54-5.dsc
apache2_2.0.54-5_i386.deb
  to 

apache2_2.0.54-5_i386.changes INSTALLED into stable

2005-12-17 Thread Debian Installer

Installing:
apache2-common_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-common_2.0.54-5_i386.deb
apache2-doc_2.0.54-5_all.deb
  to pool/main/a/apache2/apache2-doc_2.0.54-5_all.deb
apache2-mpm-perchild_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-mpm-perchild_2.0.54-5_i386.deb
apache2-mpm-prefork_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-mpm-prefork_2.0.54-5_i386.deb
apache2-mpm-threadpool_2.0.54-5_all.deb
  to pool/main/a/apache2/apache2-mpm-threadpool_2.0.54-5_all.deb
apache2-mpm-worker_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-mpm-worker_2.0.54-5_i386.deb
apache2-prefork-dev_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-prefork-dev_2.0.54-5_i386.deb
apache2-threaded-dev_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-threaded-dev_2.0.54-5_i386.deb
apache2-utils_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2-utils_2.0.54-5_i386.deb
apache2_2.0.54-5.diff.gz
  to pool/main/a/apache2/apache2_2.0.54-5.diff.gz
apache2_2.0.54-5.dsc
  to pool/main/a/apache2/apache2_2.0.54-5.dsc
apache2_2.0.54-5_i386.deb
  to pool/main/a/apache2/apache2_2.0.54-5_i386.deb
libapr0-dev_2.0.54-5_i386.deb
  to pool/main/a/apache2/libapr0-dev_2.0.54-5_i386.deb
libapr0_2.0.54-5_i386.deb
  to pool/main/a/apache2/libapr0_2.0.54-5_i386.deb
Announcing to debian-changes@lists.debian.org
Closing bugs: 316173 320048 320063 326435 


Thank you for your contribution to Debian.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]


