Viewing all changes in revision 6.
- Committer: Bazaar Package Importer
- Date: 2006-01-08 00:01:47 UTC
- Revision ID: james.westby@ubuntu.com-20060108000147-1vzo2lgiul2m8ivy
* SECURITY UPDATE: Remote DoS and Cross-Site Scripting vulnerability.
- Add 050_mod_imap_CVE-2005-3352 to escape untrusted referer headers in
mod_imap before outputting HTML to avoid XSS attacks; see CVE-2005-3352
- Add 051_mod_ssl_CVE-2005-3357 to avoid a remote denial of service in
threaded MPMs when making a non-SSL connection to an SSL-enabled port
on a server with a custom 400 error document defined; see CVE-2005-3357
- Add 050_mod_imap_CVE-2005-3352 to escape untrusted referer headers in
mod_imap before outputting HTML to avoid XSS attacks; see CVE-2005-3352
- Add 051_mod_ssl_CVE-2005-3357 to avoid a remote denial of service in
threaded MPMs when making a non-SSL connection to an SSL-enabled port
on a server with a custom 400 error document defined; see CVE-2005-3357
- files added:
- debian/patches/050_mod_imap_CVE-2005-3352
- files modified:
- debian/changelog
expand all
collapse all
added
removed
