-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2009-07-09 14:35:07 UTC
-
Revision ID:
james.westby@ubuntu.com-20090709143507-a7wbtk2tgqh3jjbh
Tags: 2.2.11-2ubuntu2.2
* SECURITY UPDATE: remote denial of service in the mod_proxy module via
amount of streamed data that exceeds the Content-Length value
- debian/patches/902_CVE-2009-1890.dpatch: make sure Content-Length is
sane and check the length of the data in modules/proxy/mod_proxy_http.c
- CVE-2009-1890
* SECURITY UPDATE: remote denial of service in mod_deflate module when
the network connection was closed before compression completed
- debian/patches/903_CVE-2009-1891.dpatch: fail if the connection has
been aborted in server/core_filters.c
- CVE-2009-1891