-
Committer:
Package Import Robot
-
Author(s):
Steve Beattie
-
Date:
2011-09-01 01:53:46 UTC
-
mfrom:
(27.1.9 hardy-security)
-
Revision ID:
package-import@ubuntu.com-20110901015346-2l9gnsc5txnh2qei
Tags: 2.2.8-1ubuntu0.21
* SECURITY UPDATE: Range header DoS vulnerability
* debian/patches/214_CVE-2011-3192.dpatch: filter out large
byte ranges and improve memory efficiency in handling buckets.
(thanks to Debian and upstream)
* CVE-2011-3192
* Include fix for regressions introduced by above patch:
- debian/patches/084_CVE-2011-3192_regression.dpatch: return 206
and 416 response codes where appropriate (see deban bug 639825)