-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.6
Date: Sat, 26 Oct 2002 11:18:13 +0200
Source: apache-ssl
Binary: apache-ssl
Architecture: source sparc
Version: 1.3.9.13-4.2
Distribution: oldstable-security
Urgency: high
Maintainer: Martin Schulze <[EMAIL PROTECTED]>
Description:
apache-ssl - Versatile, high-performance HTTP server with SSL support
Changes:
apache-ssl (1.3.9.13-4.2) oldstable-security; urgency=high
.
* Non-maintainer upload by the Security Team
* Backport security fixes from 1.3.27 for the following issues:
- CAN-2002-0839 (shared memory scoreboard uid/gid)
- CAN-2002-0840 (cross-site scripting in error page)
- CAN-2002-0843 (buffer overflows in ApacheBench ab.c)
* Fix insecure temporary file creation in htpasswd and htdigest
* Added another fix against two overflowed buffer in the htdigest
program
* Backported security patch from 1.3.13 that fixes a bug in mod_rewrite
that enables an attacker to be able to access any file on the web
server.
Files:
9b4125e33235ec9635042f439cb00f56 741 non-us/main optional apache-ssl_1.3.9.13-4.2.dsc
b182c280fef5c37ee5a5beab73ad9719 32210 non-us/main optional
apache-ssl_1.3.9.13-4.2.diff.gz
89b2c9d9c14720240ef9d85f27edd010 421204 non-us/main optional
apache-ssl_1.3.9.13-4.2_sparc.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE9unvpW5ql+IAeqTIRAld9AKCzYJiKOIdAt5Iva8MzJvMqq8SqkACdE3jL
dLKyHu90voAagC+y9GKxX00=
=ndmN
-END PGP SIGNATURE-
Accepted:
apache-ssl_1.3.9.13-4.2.diff.gz
to pool/non-US/main/a/apache-ssl/apache-ssl_1.3.9.13-4.2.diff.gz
apache-ssl_1.3.9.13-4.2.dsc
to pool/non-US/main/a/apache-ssl/apache-ssl_1.3.9.13-4.2.dsc
apache-ssl_1.3.9.13-4.2_sparc.deb
to pool/non-US/main/a/apache-ssl/apache-ssl_1.3.9.13-4.2_sparc.deb
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]