Viewing all changes in revision 37.
- Committer: Package Import Robot
- Date: 2012-02-14 10:49:11 UTC
- mfrom: (27.1.11 hardy-security)
- Revision ID: package-import@ubuntu.com-20120214104911-2j5068jzduwuui0t
* SECURITY UPDATE: arbitrary code execution via crafted SetEnvIf
directive (LP: #811422)
- debian/patches/220_CVE-2011-3607.dpatch: validate length in
server/util.c.
- CVE-2011-3607
* SECURITY UPDATE: another mod_proxy reverse proxy exposure
- debian/patches/221_CVE-2011-4317.dpatch: validate additional URIs in
modules/mappers/mod_rewrite.c, modules/proxy/mod_proxy.c,
server/protocol.c.
- CVE-2011-4317
* SECURITY UPDATE: denial of service and possible code execution via
type field modification within a scoreboard shared memory segment
- debian/patches/222_CVE-2012-0031.dpatch: check type field in
server/scoreboard.c.
- CVE-2012-0031
* SECURITY UPDATE: cookie disclosure via Bad Request errors
- debian/patches/223_CVE-2012-0053.dpatch: check lengths in
server/protocol.c.
- CVE-2012-0053
directive (LP: #811422)
- debian/patches/220_CVE-2011-3607.dpatch: validate length in
server/util.c.
- CVE-2011-3607
* SECURITY UPDATE: another mod_proxy reverse proxy exposure
- debian/patches/221_CVE-2011-4317.dpatch: validate additional URIs in
modules/mappers/mod_rewrite.c, modules/proxy/mod_proxy.c,
server/protocol.c.
- CVE-2011-4317
* SECURITY UPDATE: denial of service and possible code execution via
type field modification within a scoreboard shared memory segment
- debian/patches/222_CVE-2012-0031.dpatch: check type field in
server/scoreboard.c.
- CVE-2012-0031
* SECURITY UPDATE: cookie disclosure via Bad Request errors
- debian/patches/223_CVE-2012-0053.dpatch: check lengths in
server/protocol.c.
- CVE-2012-0053
expand all
collapse all
added
removed
